Original poster: Jerry.Lin

[Virus samples] #PACKAGE 0704

zst470396853
Posted on 2018-7-4 23:50:45
360


Kaspersky follow-up scan


Remaining at the end



www-tekeze
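Posted on 2018-7-5 00:10:37
command360 posted on 2018-7-4 22:45
Sample 4 is a bit cheeky...

I just double-clicked it, and Huorong flagged it as malicious

That was the behavior analysis reporting an obfuscator; my right-click scan didn't flag it.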
fzshot
Posted on 2018-7-5 04:00:01
Avira 20/20 100%
  1. Start of the scan: 2018-07-04 15:52:19
  2. 07/04/2018,15-52-21        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\0704(1).exe'
  3. 07/04/2018,15-52-21        [INFO]        The file 'c:\users\**\desktop\infected\0704(1).exe' was scanned with the Protection Cloud. SHA256 = 52BDD722FB75924191A4F2E128CDEC2BA69EE5B04DFF77691574110F3F4306C6
  4. 07/04/2018,15-52-21        [INFO]        c:\users\**\desktop\infected\0704(1).exe
  5. 07/04/2018,15-52-21        [INFO]        [DETECTION] file contains 'TR/AD.Emotet.B'
  6. 07/04/2018,15-52-22        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\0704(10).exe'
  7. 07/04/2018,15-52-22        [INFO]        The file 'c:\users\**\desktop\infected\0704(10).exe' was scanned with the Protection Cloud. SHA256 = FF88D9B1E591A14DD6A78C81999B0BF6E59AF122D933F5D7027F044C704B7451
  8. 07/04/2018,15-52-22        [INFO]        c:\users\**\desktop\infected\0704(10).exe
  9. 07/04/2018,15-52-22        [INFO]        [DETECTION] file contains 'TR/Dropper.VB.ff88d9'
  10. 07/04/2018,15-52-22        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\0704(11).exe'
  11. 07/04/2018,15-52-22        [INFO]        The file 'c:\users\**\desktop\infected\0704(11).exe' was scanned with the Protection Cloud. SHA256 = 17514E9F44AFC616EAA0C3AECC1DB3BE261B31521DC3BB8D93188C01BCC93DEF
  12. 07/04/2018,15-52-22        [INFO]        c:\users\**\desktop\infected\0704(11).exe
  13. 07/04/2018,15-52-22        [INFO]        [DETECTION] file contains 'TR/AD.AscentorLoader.B'
  14. 07/04/2018,15-52-22        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\0704(12).exe'
  15. 07/04/2018,15-52-22        [INFO]        The file 'c:\users\**\desktop\infected\0704(12).exe' was scanned with the Protection Cloud. SHA256 = 42D6C84C81B5A93B21627F04ECE568B97FE74968A02CBDA710A16A2898461F20
  16. 07/04/2018,15-52-22        [INFO]        c:\users\**\desktop\infected\0704(12).exe
  17. 07/04/2018,15-52-22        [INFO]        [DETECTION] file contains 'TR/AD.Emotet.B'
  18. 07/04/2018,15-52-23        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\0704(13).exe'
  19. 07/04/2018,15-52-23        [INFO]        The file 'c:\users\**\desktop\infected\0704(13).exe' was scanned with the Protection Cloud. SHA256 = E35A3DF1E13F3E79A6AB7AE4FD94827B707930C351C08C608AFFBCC743FBEE2A
  20. 07/04/2018,15-52-23        [INFO]        c:\users\**\desktop\infected\0704(13).exe
  21. 07/04/2018,15-52-23        [INFO]        [DETECTION] file contains 'TR/AD.LokiBot.B'
  22. 07/04/2018,15-52-23        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\0704(14).exe'
  23. 07/04/2018,15-52-23        [INFO]        c:\users\**\desktop\infected\0704(14).exe
  24. 07/04/2018,15-52-23        [INFO]        [DETECTION] file contains 'TR/Kryptik.vjzyd'
  25. 07/04/2018,15-52-23        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\0704(15).exe'
  26. 07/04/2018,15-52-23        [INFO]        c:\users\**\desktop\infected\0704(15).exe
  27. 07/04/2018,15-52-23        [INFO]        [DETECTION] file contains 'TR/Kryptik.porbb'
  28. 07/04/2018,15-52-23        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\0704(16).exe'
  29. 07/04/2018,15-52-23        [INFO]        c:\users\**\desktop\infected\0704(16).exe
  30. 07/04/2018,15-52-23        [INFO]        [DETECTION] file contains 'TR/Dropper.Gen'
  31. 07/04/2018,15-52-23        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\0704(17).exe'
  32. 07/04/2018,15-52-23        [INFO]        The file 'c:\users\**\desktop\infected\0704(17).exe' was scanned with the Protection Cloud. SHA256 = 13F66C5BC1C36140DB1409B7CD4C55979C8104C610E8A6F87FDB2F32117FFFD3
  33. 07/04/2018,15-52-23        [INFO]        c:\users\**\desktop\infected\0704(17).exe
  34. 07/04/2018,15-52-23        [INFO]        [DETECTION] file contains 'TR/AD.Emotet.B'
  35. 07/04/2018,15-52-24        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\0704(18).exe'
  36. 07/04/2018,15-52-24        [INFO]        The file 'c:\users\**\desktop\infected\0704(18).exe' was scanned with the Protection Cloud. SHA256 = F4CCDC9DB4A550D0A0D3C7B311AB0B95B338A8F60BBC3FFB4E564BB9CEF86644
  37. 07/04/2018,15-52-24        [INFO]        c:\users\**\desktop\infected\0704(18).exe
  38. 07/04/2018,15-52-24        [INFO]        [DETECTION] file contains 'TR/AD.MoksSteal.Y'
  39. 07/04/2018,15-52-24        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\0704(19).exe'
  40. 07/04/2018,15-52-24        [INFO]        The file 'c:\users\**\desktop\infected\0704(19).exe' was scanned with the Protection Cloud. SHA256 = BD4AB514D90A0410AD1BCE9A3E2572EB3ED1682F461B50373C91A9497270D96E
  41. 07/04/2018,15-52-24        [INFO]        c:\users\**\desktop\infected\0704(19).exe
  42. 07/04/2018,15-52-24        [INFO]        [DETECTION] file contains 'TR/AD.LokiBot.B'
  43. 07/04/2018,15-52-24        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\0704(2).exe'
  44. 07/04/2018,15-52-24        [INFO]        The file 'c:\users\**\desktop\infected\0704(2).exe' was scanned with the Protection Cloud. SHA256 = EB4089F839066855364B57C597DB04C2CED79C9C1A86F9EB4AB58E9892864668
  45. 07/04/2018,15-52-24        [INFO]        c:\users\**\desktop\infected\0704(2).exe
  46. 07/04/2018,15-52-24        [INFO]        [DETECTION] file contains 'TR/AD.Emotet.B'
  47. 07/04/2018,15-52-25        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\0704(20).exe'
  48. 07/04/2018,15-52-25        [INFO]        The file 'c:\users\**\desktop\infected\0704(20).exe' was scanned with the Protection Cloud. SHA256 = 2638E71012E24DAED51333854308A150FCF6800083B3CFAA63C2168EB2BB6C6E
  49. 07/04/2018,15-52-25        [INFO]        c:\users\**\desktop\infected\0704(20).exe
  50. 07/04/2018,15-52-25        [INFO]        [DETECTION] file contains 'TR/AD.Ursnif.Y'
  51. 07/04/2018,15-52-25        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\0704(3).exe'
  52. 07/04/2018,15-52-25        [INFO]        The file 'c:\users\**\desktop\infected\0704(3).exe' was scanned with the Protection Cloud. SHA256 = A1E864ECD80B227FE7E411341116CCDFAEFDD28EF3EDAF7BB3DF31853DC64244
  53. 07/04/2018,15-52-25        [INFO]        c:\users\**\desktop\infected\0704(3).exe
  54. 07/04/2018,15-52-25        [INFO]        [DETECTION] file contains 'TR/AD.Gootkit.B'
  55. 07/04/2018,15-52-26        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\0704(4).exe'
  56. 07/04/2018,15-52-26        [INFO]        The file 'c:\users\**\desktop\infected\0704(4).exe' was scanned with the Protection Cloud. SHA256 = FD3A00BBE06C02F39562C63A700325C90031B226FCE25D79B771D38F645EC8F5
  57. 07/04/2018,15-52-26        [INFO]        c:\users\**\desktop\infected\0704(4).exe
  58. 07/04/2018,15-52-26        [INFO]        [DETECTION] file contains 'TR/AD.MoksSteal.Y'
  59. 07/04/2018,15-52-26        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\0704(5).exe'
  60. 07/04/2018,15-52-26        [INFO]        c:\users\**\desktop\infected\0704(5).exe
  61. 07/04/2018,15-52-26        [INFO]        [DETECTION] file contains 'TR/Crypt.XPACK.Gen7'
  62. 07/04/2018,15-52-27        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\0704(6).exe'
  63. 07/04/2018,15-52-27        [INFO]        The file 'c:\users\**\desktop\infected\0704(6).exe' was scanned with the Protection Cloud. SHA256 = C438EEBFD192D5FEE00A09BEEE8C89D6B7D76986FE2AC33B1350208DE9D6A7A2
  64. 07/04/2018,15-52-27        [INFO]        c:\users\**\desktop\infected\0704(6).exe
  65. 07/04/2018,15-52-27        [INFO]        [DETECTION] file contains 'HEUR/APC'
  66. 07/04/2018,15-52-27        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\0704(7).exe'
  67. 07/04/2018,15-52-27        [INFO]        c:\users\**\desktop\infected\0704(7).exe
  68. 07/04/2018,15-52-27        [INFO]        [DETECTION] file contains 'TR/Injector.etlfo'
  69. 07/04/2018,15-52-28        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\0704(8).exe'
  70. 07/04/2018,15-52-28        [INFO]        The file 'c:\users\**\desktop\infected\0704(8).exe' was scanned with the Protection Cloud. SHA256 = 986200667277624B447D20698E93905117ACCA470F30E8AE9C8A6DF234676625
  71. 07/04/2018,15-52-28        [INFO]        c:\users\**\desktop\infected\0704(8).exe
  72. 07/04/2018,15-52-28        [INFO]        [DETECTION] file contains 'TR/AD.Ursnif.Y'
  73. 07/04/2018,15-52-28        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\0704(9).exe'
  74. 07/04/2018,15-52-28        [INFO]        The file 'c:\users\**\desktop\infected\0704(9).exe' was scanned with the Protection Cloud. SHA256 = 7F3310138B3EBE9E15FA96C4BD53DAC1F3F98F4D4D04AB90BEC12CD76F42B1AC
  75. 07/04/2018,15-52-28        [INFO]        c:\users\**\desktop\infected\0704(9).exe
  76. 07/04/2018,15-52-28        [INFO]        [DETECTION] file contains 'TR/AD.Emotet.B'


command360
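Posted on 2018-7-5 09:41:35
Last edited by command360 on 2018-7-5 09:42
www-tekeze posted on 2018-7-5 00:10
That was the behavior analysis reporting an obfuscator; my right-click scan didn't flag it.

My right-click scan flagged it too!!!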

www-tekeze
Posted on 2018-7-5 10:09:31
command360 posted on 2018-7-5 09:41
My right-click scan flagged it too!!!

See the screenshot in post #25: it wasn't flagged... but now it is, emmm, I don't get it..

XZ8SM7Sx0bVkoUV
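Posted on 2018-7-5 13:25:05
Hello, Huorong has an enterprise edition and a personal edition, and the virus databases of the different editions are not the same. Huorong updates its version every day; the current Huorong version detects and handles 7 of them on scan.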

ynghaos
Posted on 2018-7-5 13:25:45
BD2019 cleared all of them
dolphin
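Posted on 2018-7-5 15:27:11
Filseclab test with the virus database locked
This time I switched to a Vista system
Scan: 5x

Double-click results
3 4 7 8 17 18 miss
5 could not run
10 15 errored on run
11 flagged as dropper-type trojan
13 flagged as dropper-type trojan
14 flagged as dropper-type trojan
16 flagged as virus, dropped files killed, clean
19 flagged as virus
20 flagged as dropper-type trojan
Remaining: 9x
11/20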
