搜索
查看: 1596|回复: 106
收起左侧

[病毒样本] 样本集奉上_13

  [复制链接]
www-tekeze
发表于 2018-7-6 16:38:48 | 显示全部楼层 |阅读模式
本帖最后由 www-tekeze 于 2018-7-6 16:40 编辑

50个样本,已检查过没有重复文件,似乎是火绒样本采集范围内的,但火绒不报。。    @火绒工程师
So,请大家帮忙测试下! 快来快来,扫描? 双击? 一概欢迎!  


蓝奏云盘,下载挺快。。。https://www.lanzous.com/i1cvsjg    密码:infected
感兴趣还可对比下修改MD5后的。。。https://www.lanzous.com/i1cvsuh    密码你懂。。
191196846
发表于 2018-7-6 16:43:03 | 显示全部楼层
本帖最后由 191196846 于 2018-7-6 17:02 编辑

ESET

40/50



剩余样本信誉


  1. Time;Scanner;Object type;Object;Threat;Action;User;Information;Hash;First seen here
  2. 2018/7/6 16:43:35;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (8).vir;a variant of Win64/Adware.RunBooster.E application;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\winrar.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;BDD8E0B3D1F7B696AA16C36B300D4433FCD60398;2018/7/6 16:43:24
  3. 2018/7/6 16:43:35;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (5).vir;JS/TrojanDownloader.Nemucod.EAO trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\winrar.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;B71848D7EEB4238CAF161608A6EE51E8A248B4C4;2018/7/6 16:43:24
  4. 2018/7/6 16:43:37;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (6).vir;HTML/TrojanDownloader.Agent.NFH trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\winrar.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;CAD77559EFC49A24431B6588106CFAB8CB59284C;2018/7/6 16:43:24
  5. 2018/7/6 16:43:41;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (9).vir;a variant of Win32/Spy.KeyLogger.QAR trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\winrar.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;4CE8DC309E145E079C232D991E372459345AE0E7;2018/7/6 16:43:24
  6. 2018/7/6 16:43:44;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (10).vir;a variant of Win32/Adware.Coupons.AA application;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\winrar.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;202BC9DB6B150ED840C7871A80A69586DCB8E4AF;2018/7/6 16:43:24
  7. 2018/7/6 16:43:46;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (1).vir;a variant of Win32/Adware.Qjwmonkey.H application;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\winrar.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;76656811DB4761193C29DF9C1BD9004366471CAE;2018/7/6 16:43:24
  8. 2018/7/6 16:43:48;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (4).vir;a variant of Generik.GBOVAGD trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\winrar.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;D85474DF3A6FE4E1A23FC1FF623DC2CF825CCDBC;2018/7/6 16:43:24
  9. 2018/7/6 16:43:52;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (12).vir;a variant of Generik.LMWYVAQ trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\winrar.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;84148B1CD22754AD43F9E8F0B4FD8B4D0EEDF7AD;2018/7/6 16:43:24
  10. 2018/7/6 16:43:53;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (11).vir;a variant of Linux/Mirai.BD trojan;deleted;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\winrar.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;173F670B3762FE024785C4DEEE4F7980452D901B;
  11. 2018/7/6 16:43:54;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (2).vir;Win32/InstallCore.Gen.A potentially unwanted application;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\winrar.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;046E576998DC797F9C9FB55C34BA48127792C1EA;2018/7/6 16:43:24
  12. 2018/7/6 16:43:57;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (15).vir;Win32/Adware.Zdengo.ANG application;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\winrar.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;D0251915C6910ACC7032436336E99716FEB190E0;2018/7/6 16:43:24
  13. 2018/7/6 16:43:57;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (14).vir;a variant of Generik.CNUVECQ trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\winrar.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;0D9640C50054EBB7AA0C114B6AF21D856FB01726;2018/7/6 16:43:24
  14. 2018/7/6 16:44:01;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (13).vir;a variant of MSIL/LockScreen.WH trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\winrar.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;2C178C9B6AD1EC2886003EE0847272098F34C318;2018/7/6 16:43:24
  15. 2018/7/6 16:44:08;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (19).vir;a variant of Generik.JWCVMPO trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\winrar.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;81A9C9A700D71DE166F08A76426A5FCC2BEB894C;2018/7/6 16:43:24
  16. 2018/7/6 16:44:09;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (20).vir;Win32/Adware.Dotdo.AB application;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\winrar.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;A874B6437168AD6D27BEA7FD4B2FF71294A5864E;
  17. 2018/7/6 16:44:14;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (16).vir;a variant of MSIL/Kryptik.NYP trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\winrar.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;519C52138AEC2137E8483FBF5AA7BD2976A01AD6;2018/7/6 16:43:24
  18. 2018/7/6 16:44:16;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (22).vir;a variant of Win32/Kryptik.GHQT trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\winrar.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;2B0732ADC25E86521047F1C8E2D921EF3EC21470;2018/7/6 16:43:24
  19. 2018/7/6 16:44:19;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (24).vir;a variant of Win32/Adware.Coupons.AA application;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\winrar.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;2589068F01C844606A85F6873CAD3E2F4062C245;2018/7/6 16:43:25
  20. 2018/7/6 16:44:22;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (21).vir;DOC/Agent.BL trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\winrar.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;11BFFF9B6B7876187D9AD8E4A642B40B35880171;2018/7/6 16:43:24
  21. 2018/7/6 16:44:22;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (26).vir;multiple threats;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\winrar.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;824C0FAAE682B08201CA0B245557436174ED6DA9;
  22. 2018/7/6 16:44:27;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (27).vir;Win32/Injector.DWPW trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\winrar.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;0266561BC5A50D411F378603BEF26199AC4CB46E;2018/7/6 16:43:25
  23. 2018/7/6 16:44:29;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (31).vir;a variant of Win32/Adware.Coupons.AA application;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\winrar.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;D13DCA442FFB8E5C5A3298559A5023CAF71C2898;2018/7/6 16:43:25
  24. 2018/7/6 16:44:29;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (30).vir;a variant of Win32/DownWare.AY potentially unwanted application;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\winrar.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;6D0B60E6D61DF7C694A9989C42EEA228C972FC2B;2018/7/6 16:43:25
  25. 2018/7/6 16:44:34;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (28).vir;a variant of Win32/FusionCore.I potentially unwanted application;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\winrar.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;F1C82BD0859C1450FF48B4DD32ECC355093BE402;
  26. 2018/7/6 16:44:36;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (25).vir;Win32/Filecoder.Ishtar.R trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\winrar.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;E51FA875283175C0CFA8B3DEAADF9F3FC10D8345;
  27. 2018/7/6 16:44:36;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (33).vir;a variant of Win32/NukeSped.CE trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\winrar.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;EAA9659457479502183EA9BEFD1A1C178307A428;2018/7/6 16:43:25
  28. 2018/7/6 16:44:39;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (34).vir;a variant of Win32/Auslogics.C potentially unwanted application;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\winrar.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;7803926B6BBB704ED8F63809D6635AE811BDBDC2;2018/7/6 16:43:25
  29. 2018/7/6 16:44:41;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (36).vir;Win32/HoudRat.E trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\winrar.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;1DCF60FC07E66F386106D06AB81B0E2DB49380E1;2018/7/6 16:43:25
  30. 2018/7/6 16:44:41;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (39).vir;a variant of MSIL/HackTool.BruteForce.HB trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\winrar.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;3E4186CD57A4A8D31A41766F21BDDBEB37547240;2018/7/6 16:43:25
  31. 2018/7/6 16:44:46;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (38).vir;a variant of Win32/Kryptik.GGSC trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\winrar.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;A1972B3391E9C0C65C50C9924C2887B9D2EF237D;2018/7/6 16:43:25
  32. 2018/7/6 16:44:50;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (41).vir;a variant of MSIL/Spy.Keylogger.DF trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\winrar.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;BF6B20570696B39908240B690422EB6B85E91EB1;2018/7/6 16:43:25
  33. 2018/7/6 16:44:50;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (40).vir;a variant of Win32/Adware.ConnectUpdate.A application;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\winrar.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;59C94235D380D09A479291CD3400694D1C2EC18D;2018/7/6 16:43:25
  34. 2018/7/6 16:44:50;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (46).vir;a variant of MSIL/Bladabindi.AN trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\winrar.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;5985086A2A09FF315866EEC101BF33FD030A3696;2018/7/6 16:43:25
  35. 2018/7/6 16:44:53;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (45).vir;JS/Vjworm.S worm;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\winrar.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;743B9BC26EADB05F786DDC642A71EB7A6057F99E;2018/7/6 16:43:25
  36. 2018/7/6 16:44:56;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (44).vir;a variant of Win32/Spy.KeyLogger.QFB trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\winrar.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;71C47A7BF6BEEA803E1CDE82268F87BF31536DFC;2018/7/6 16:43:25
  37. 2018/7/6 16:44:57;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (42).vir;Win32/InstallCore.Gen.A potentially unwanted application;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\winrar.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;AF6FDBDC4E4293B2BFF63CB076BB2CFA4FFDEEEE;2018/7/6 16:43:25
  38. 2018/7/6 16:44:57;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (48).vir;a variant of MSIL/HackTool.BruteForce.HG trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\winrar.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;2FED0956F88136363D685588EA45B2E93B56D06B;2018/7/6 16:43:25
  39. 2018/7/6 16:45:01;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (49).vir;a variant of Generik.BANGUQJ trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\winrar.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;617CF57635BCFF3083530FDD80B47B8CB1B2CE4D;2018/7/6 16:43:25
  40. 2018/7/6 16:45:04;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (47).vir;a variant of Win32/DealPly.SG potentially unwanted application;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\winrar.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;0B1B04EA2C57F38D39DC73FF6E87040F8DE6F0A1;2018/7/6 16:43:25
复制代码


剩余样本 HitmanPro 4x


  1. HitmanPro 3.8.0.292
  2. www.hitmanpro.com

  3.    Computer name . . . . : DESKTOP-VPBE70N
  4.    Windows . . . . . . . : 10.0.0.17134.X64/4
  5.    User name . . . . . . : DESKTOP-VPBE70N\zhong
  6.    UAC . . . . . . . . . : Enabled
  7.    License . . . . . . . : Paid (255 days left)

  8.    Scan date . . . . . . : 2018-07-06 16:48:08
  9.    Scan mode . . . . . . : Context
  10.    Scan duration . . . . : 12s
  11.    Disk access mode  . . : Direct disk access (FsdHigh)
  12.    Cloud . . . . . . . . : Internet
  13.    Reboot  . . . . . . . : No

  14.    Threats . . . . . . . : 4

  15.    Objects scanned . . . : 10
  16.    Files scanned . . . . : 10
  17.    Remnants scanned  . . : 0 files / 0 keys

  18. Malware _____________________________________________________________________

  19.    C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (23).vir
  20.       Size . . . . . . . : 1,012,330 bytes
  21.       Age  . . . . . . . : 0.0 days (2018-07-06 16:43:25)
  22.       Entropy  . . . . . : 8.0
  23.       SHA-256  . . . . . : 93EB41F1593C044EB981AD1FA83A0008B50E5E138AC4AA83F9E15CD6A4291995
  24.       Product  . . . . . : BMWAiCoder
  25.       Publisher  . . . . : BMWAi labs.
  26.       Description
  27.       Version  . . . . . : 4.4.3.780
  28.       LanguageID . . . . : 2052
  29.     > HitmanPro  . . . . : Mal/Packer

  30.    C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (29).vir
  31.       Size . . . . . . . : 1,177,600 bytes
  32.       Age  . . . . . . . : 0.0 days (2018-07-06 16:43:25)
  33.       Entropy  . . . . . : 8.0
  34.       SHA-256  . . . . . : 6654658D349748C097EC78D3986A10DC438BFB88E437D093E10237BA4E931226
  35.     > Bitdefender  . . . : Trojan.GenericKD.12000205
  36.     > Kaspersky  . . . . : UDS:DangerousObject.Multi.Generic
  37.     > HitmanPro  . . . . : Mal/Generic-S

  38.    C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (35).vir
  39.       Size . . . . . . . : 71,168 bytes
  40.       Age  . . . . . . . : 0.0 days (2018-07-06 16:43:25)
  41.       Entropy  . . . . . : 6.6
  42.       SHA-256  . . . . . : 27C0A569AEE72FC5F4452658B086C82C079E2E6647414CEC9DD1723DF05F4B80
  43.     > Bitdefender  . . . : Trojan.Agent.CLHF
  44.     > HitmanPro  . . . . : Mal/Generic-S

  45.    C:\Users\zhong\Downloads\Compressed\VIRUS TEST\卡饭\VirusSamples_13\Samp (7).vir
  46.       Size . . . . . . . : 3,453,598 bytes
  47.       Age  . . . . . . . : 0.0 days (2018-07-06 16:43:24)
  48.       Entropy  . . . . . : 8.0
  49.       SHA-256  . . . . . : 96BF28072BE4B08A7E90A2721C9F21E7236C5301666F8A7948277F1439D51916
  50.     > Bitdefender  . . . : Trojan.GenericKD.30700042



复制代码




本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
ynghaos
发表于 2018-7-6 16:47:12 | 显示全部楼层
BD+NS杀41
ynghaos
发表于 2018-7-6 16:48:29 | 显示全部楼层

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
www-tekeze
 楼主| 发表于 2018-7-6 16:55:28 | 显示全部楼层

够厉害! 上个样本集ESET没测modified,不知情况如何? 这次试试呗。。
191196846
发表于 2018-7-6 16:56:33 | 显示全部楼层
www-tekeze 发表于 2018-7-6 16:55
够厉害! 上个样本集ESET没测modified,不知情况如何? 这次试试呗。。

不会有任何差别
www-tekeze
 楼主| 发表于 2018-7-6 16:57:41 | 显示全部楼层
本帖最后由 www-tekeze 于 2018-7-6 16:58 编辑

这是BD的吗,只杀了36个,单独用NS试试呢。。
www-tekeze
 楼主| 发表于 2018-7-6 16:58:16 | 显示全部楼层

再试试修改MD5后的。。
www-tekeze
 楼主| 发表于 2018-7-6 17:00:26 | 显示全部楼层

呵呵,我可不信。。    PS:上个样本集我已试过,少了4个还是5个。
fzshot
发表于 2018-7-6 17:03:40 | 显示全部楼层
本帖最后由 fzshot 于 2018-7-6 03:10 编辑

Avira 28/50 56%

  1. Start of the scan: 2018-07-06 05:01:58
  2. 07/06/2018,05-01-58        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\Samp (1).vir'
  3. 07/06/2018,05-01-58        [INFO]        c:\users\**\desktop\infected\Samp (1).vir
  4. 07/06/2018,05-01-58        [INFO]        [DETECTION] file contains 'Adware/Qjwmonkey.mljdv'
  5. 07/06/2018,05-01-58        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\Samp (10).vir'
  6. 07/06/2018,05-01-58        [INFO]        c:\users\**\desktop\infected\Samp (10).vir
  7. 07/06/2018,05-01-58        [INFO]        [DETECTION] file contains 'Adware/Coupons.xxfcr'
  8. 07/06/2018,05-01-58        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\Samp (11).vir'
  9. 07/06/2018,05-01-58        [INFO]        c:\users\**\desktop\infected\Samp (11).vir
  10. 07/06/2018,05-01-58        [INFO]        [DETECTION] file contains 'Linux/Mirai.xmyph'
  11. 07/06/2018,05-01-58        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\Samp (13).vir'
  12. 07/06/2018,05-01-58        [INFO]        c:\users\**\desktop\infected\Samp (13).vir
  13. 07/06/2018,05-01-58        [INFO]        [DETECTION] file contains 'TR/Agent.zwuqq'
  14. 07/06/2018,05-01-58        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\Samp (14).vir'
  15. 07/06/2018,05-01-58        [INFO]        c:\users\**\desktop\infected\Samp (14).vir
  16. 07/06/2018,05-01-58        [INFO]        [DETECTION] file contains 'HEUR/AGEN.1016828'
  17. 07/06/2018,05-01-58        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\Samp (16).vir'
  18. 07/06/2018,05-01-58        [INFO]        c:\users\**\desktop\infected\Samp (16).vir
  19. 07/06/2018,05-01-58        [INFO]        [DETECTION] file contains 'HEUR/AGEN.1002341'
  20. 07/06/2018,05-01-58        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\Samp (17).vir'
  21. 07/06/2018,05-01-58        [INFO]        c:\users\**\desktop\infected\Samp (17).vir
  22. 07/06/2018,05-01-58        [INFO]        [DETECTION] file contains 'TR/PowerShell.Gen'
  23. 07/06/2018,05-01-58        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\Samp (2).vir'
  24. 07/06/2018,05-01-58        [INFO]        The file 'c:\users\**\desktop\infected\Samp (2).vir' was scanned with the Protection Cloud. SHA256 = E79D40C7E9799BF1ACFFAEAFD18A29CE914B8714F9CD3B7076A4AA3D2785A966
  25. 07/06/2018,05-01-58        [INFO]        c:\users\**\desktop\infected\Samp (2).vir
  26. 07/06/2018,05-01-58        [INFO]        [DETECTION] file contains 'PUA/InstallCore'
  27. 07/06/2018,05-01-58        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\Samp (20).vir'
  28. 07/06/2018,05-01-58        [INFO]        c:\users\**\desktop\infected\Samp (20).vir
  29. 07/06/2018,05-01-58        [INFO]        [DETECTION] file contains 'Adware/Dotdo.bmkdt'
  30. 07/06/2018,05-01-58        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\Samp (22).vir'
  31. 07/06/2018,05-01-58        [INFO]        c:\users\**\desktop\infected\Samp (22).vir
  32. 07/06/2018,05-01-58        [INFO]        [DETECTION] file contains 'PUA/IStartSurf.Gen7'
  33. 07/06/2018,05-01-59        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\Samp (23).vir'
  34. 07/06/2018,05-01-59        [INFO]        The file 'c:\users\**\desktop\infected\Samp (23).vir' was scanned with the Protection Cloud. SHA256 = 93EB41F1593C044EB981AD1FA83A0008B50E5E138AC4AA83F9E15CD6A4291995
  35. 07/06/2018,05-01-59        [INFO]        c:\users\**\desktop\infected\Samp (23).vir
  36. 07/06/2018,05-01-59        [INFO]        [DETECTION] file contains 'HEUR/APC'
  37. 07/06/2018,05-01-59        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\Samp (24).vir'
  38. 07/06/2018,05-01-59        [INFO]        c:\users\**\desktop\infected\Samp (24).vir
  39. 07/06/2018,05-01-59        [INFO]        [DETECTION] file contains 'Adware/Coupons.xxfcr'
  40. 07/06/2018,05-01-59        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\Samp (25).vir'
  41. 07/06/2018,05-01-59        [INFO]        c:\users\**\desktop\infected\Samp (25).vir
  42. 07/06/2018,05-01-59        [INFO]        [DETECTION] file contains 'TR/BrowserPwdStealer.gyfuo'
  43. 07/06/2018,05-01-59        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\Samp (28).vir'
  44. 07/06/2018,05-01-59        [INFO]        c:\users\**\desktop\infected\Samp (28).vir
  45. 07/06/2018,05-01-59        [INFO]        [DETECTION] file contains 'PUA/FusionCore.fkh'
  46. 07/06/2018,05-01-59        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\Samp (29).vir'
  47. 07/06/2018,05-01-59        [INFO]        c:\users\**\desktop\infected\Samp (29).vir
  48. 07/06/2018,05-01-59        [INFO]        [DETECTION] file contains 'TR/Graftor.43190.253'
  49. 07/06/2018,05-01-59        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\Samp (30).vir'
  50. 07/06/2018,05-01-59        [INFO]        c:\users\**\desktop\infected\Samp (30).vir
  51. 07/06/2018,05-01-59        [INFO]        [DETECTION] file contains 'TR/Agent.ijyfr'
  52. 07/06/2018,05-01-59        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\Samp (31).vir'
  53. 07/06/2018,05-01-59        [INFO]        c:\users\**\desktop\infected\Samp (31).vir
  54. 07/06/2018,05-01-59        [INFO]        [DETECTION] file contains 'Adware/Coupons.xxfcr'
  55. 07/06/2018,05-01-59        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\Samp (33).vir'
  56. 07/06/2018,05-01-59        [INFO]        c:\users\**\desktop\infected\Samp (33).vir
  57. 07/06/2018,05-01-59        [INFO]        [DETECTION] file contains 'TR/NukeSped.lnspa'
  58. 07/06/2018,05-01-59        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\Samp (38).vir'
  59. 07/06/2018,05-01-59        [INFO]        c:\users\**\desktop\infected\Samp (38).vir
  60. 07/06/2018,05-01-59        [INFO]        [DETECTION] file contains 'PUA/ICLoader.Gen7'
  61. 07/06/2018,05-02-00        [INFO]        The file 'c:\users\**\desktop\infected\Samp (40).vir' was scanned with the Protection Cloud. SHA256 = C130982342656AD1B4D588B0E985EC9D6169F279BBB748CD09727A3E96622FD2
  62. 07/06/2018,05-02-00        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\Samp (41).vir'
  63. 07/06/2018,05-02-00        [INFO]        c:\users\**\desktop\infected\Samp (41).vir
  64. 07/06/2018,05-02-00        [INFO]        [DETECTION] file contains 'TR/Keylogger.aci'
  65. 07/06/2018,05-02-00        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\Samp (42).vir'
  66. 07/06/2018,05-02-00        [INFO]        The file 'c:\users\**\desktop\infected\Samp (42).vir' was scanned with the Protection Cloud. SHA256 = 0B1E920548DD4E54751F15AB5D5F9A97866B0D09CD97D00964FB5849B4A21C4A
  67. 07/06/2018,05-02-00        [INFO]        c:\users\**\desktop\infected\Samp (42).vir
  68. 07/06/2018,05-02-00        [INFO]        [DETECTION] file contains 'PUA/InstallCore'
  69. 07/06/2018,05-02-00        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\Samp (43).vir'
  70. 07/06/2018,05-02-00        [INFO]        c:\users\**\desktop\infected\Samp (43).vir
  71. 07/06/2018,05-02-00        [INFO]        [DETECTION] file contains 'TR/PowerShell.Gen'
  72. 07/06/2018,05-02-00        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\Samp (44).vir'
  73. 07/06/2018,05-02-00        [INFO]        c:\users\**\desktop\infected\Samp (44).vir
  74. 07/06/2018,05-02-00        [INFO]        [DETECTION] file contains 'TR/SPY.KeyLogger.mnafq'
  75. 07/06/2018,05-02-00        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\Samp (46).vir'
  76. 07/06/2018,05-02-00        [INFO]        c:\users\**\desktop\infected\Samp (46).vir
  77. 07/06/2018,05-02-00        [INFO]        [DETECTION] file contains 'TR/Bladabindi.rguvg'
  78. 07/06/2018,05-02-00        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\Samp (47).vir'
  79. 07/06/2018,05-02-00        [INFO]        c:\users\**\desktop\infected\Samp (47).vir
  80. 07/06/2018,05-02-00        [INFO]        [DETECTION] file contains 'Adware/DealPly.rqiis'
  81. 07/06/2018,05-02-00        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\Samp (49).vir'
  82. 07/06/2018,05-02-00        [INFO]        c:\users\**\desktop\infected\Samp (49).vir
  83. 07/06/2018,05-02-00        [INFO]        [DETECTION] file contains 'TR/Bulta.fvfwd'
  84. 07/06/2018,05-02-00        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\Samp (8).vir'
  85. 07/06/2018,05-02-00        [INFO]        c:\users\**\desktop\infected\Samp (8).vir
  86. 07/06/2018,05-02-00        [INFO]        [DETECTION] file contains 'Adware/RunBooster.Gen7'
  87. 07/06/2018,05-02-00        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected\Samp (9).vir'
  88. 07/06/2018,05-02-00        [INFO]        c:\users\**\desktop\infected\Samp (9).vir
  89. 07/06/2018,05-02-00        [INFO]        [DETECTION] file contains 'TR/Downloader.Gen'
复制代码


修改MD5 30/50 60% 神奇的多了两个。。。 15和26
  1. Start of the scan: 2018-07-06 05:05:22
  2. 07/06/2018,05-05-23        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected_m\Samp-M_(1).vir'
  3. 07/06/2018,05-05-23        [INFO]        c:\users\**\desktop\infected_m\Samp-M_(1).vir
  4. 07/06/2018,05-05-23        [INFO]        [DETECTION] file contains 'Adware/Qjwmonkey.mljdv'
  5. 07/06/2018,05-05-23        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected_m\Samp-M_(10).vir'
  6. 07/06/2018,05-05-23        [INFO]        c:\users\**\desktop\infected_m\Samp-M_(10).vir
  7. 07/06/2018,05-05-23        [INFO]        [DETECTION] file contains 'Adware/Coupons.xxfcr'
  8. 07/06/2018,05-05-23        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected_m\Samp-M_(13).vir'
  9. 07/06/2018,05-05-23        [INFO]        c:\users\**\desktop\infected_m\Samp-M_(13).vir
  10. 07/06/2018,05-05-23        [INFO]        [DETECTION] file contains 'TR/Agent.zwuqq'
  11. 07/06/2018,05-05-23        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected_m\Samp-M_(14).vir'
  12. 07/06/2018,05-05-23        [INFO]        c:\users\**\desktop\infected_m\Samp-M_(14).vir
  13. 07/06/2018,05-05-23        [INFO]        [DETECTION] file contains 'HEUR/AGEN.1016828'
  14. 07/06/2018,05-05-43        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected_m\Samp-M_(15).vir'
  15. 07/06/2018,05-05-43        [INFO]        The file 'c:\users\**\desktop\infected_m\Samp-M_(15).vir' has been uploaded to the Protection Cloud and analyzed. SHA256 = C57C4ECD3EF5A64FF9FE4B39F7587174FD47F466CC5743BD089EFB70C9293A57
  16. 07/06/2018,05-05-43        [INFO]        c:\users\**\desktop\infected_m\Samp-M_(15).vir
  17. 07/06/2018,05-05-43        [INFO]        [DETECTION] file contains 'Adware/Zdengo.c57c4e'
  18. 07/06/2018,05-05-57        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected_m\Samp-M_(16).vir'
  19. 07/06/2018,05-05-57        [INFO]        The file 'c:\users\**\desktop\infected_m\Samp-M_(16).vir' has been uploaded to the Protection Cloud and analyzed. SHA256 = 595F23D2FC0EC701FC7D6742C55745CB65E67C29F3CF25424EE870E88922F091
  20. 07/06/2018,05-05-57        [INFO]        c:\users\**\desktop\infected_m\Samp-M_(16).vir
  21. 07/06/2018,05-05-57        [INFO]        [DETECTION] file contains 'TR/Spy.Gen8'
  22. 07/06/2018,05-05-57        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected_m\Samp-M_(17).vir'
  23. 07/06/2018,05-05-57        [INFO]        c:\users\**\desktop\infected_m\Samp-M_(17).vir
  24. 07/06/2018,05-05-57        [INFO]        [DETECTION] file contains 'TR/PowerShell.Gen'
  25. 07/06/2018,05-06-11        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected_m\Samp-M_(2).vir'
  26. 07/06/2018,05-06-11        [INFO]        The file 'c:\users\**\desktop\infected_m\Samp-M_(2).vir' has been uploaded to the Protection Cloud and analyzed. SHA256 = E8F00AB434B4D52F819812B0704F1DBCA4923C7F1E3B28A9F336D2E7DFAFA05B
  27. 07/06/2018,05-06-11        [INFO]        c:\users\**\desktop\infected_m\Samp-M_(2).vir
  28. 07/06/2018,05-06-11        [INFO]        [DETECTION] file contains 'PUA/InstallCore'
  29. 07/06/2018,05-06-11        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected_m\Samp-M_(20).vir'
  30. 07/06/2018,05-06-11        [INFO]        c:\users\**\desktop\infected_m\Samp-M_(20).vir
  31. 07/06/2018,05-06-11        [INFO]        [DETECTION] file contains 'Adware/Dotdo.bmkdt'
  32. 07/06/2018,05-06-11        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected_m\Samp-M_(22).vir'
  33. 07/06/2018,05-06-11        [INFO]        c:\users\**\desktop\infected_m\Samp-M_(22).vir
  34. 07/06/2018,05-06-11        [INFO]        [DETECTION] file contains 'PUA/IStartSurf.Gen7'
  35. 07/06/2018,05-06-12        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected_m\Samp-M_(23).vir'
  36. 07/06/2018,05-06-12        [INFO]        c:\users\**\desktop\infected_m\Samp-M_(23).vir
  37. 07/06/2018,05-06-12        [INFO]        [DETECTION] file contains 'HEUR/AGEN.1019877'
  38. 07/06/2018,05-06-12        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected_m\Samp-M_(24).vir'
  39. 07/06/2018,05-06-12        [INFO]        c:\users\**\desktop\infected_m\Samp-M_(24).vir
  40. 07/06/2018,05-06-12        [INFO]        [DETECTION] file contains 'Adware/Coupons.xxfcr'
  41. 07/06/2018,05-06-12        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected_m\Samp-M_(25).vir'
  42. 07/06/2018,05-06-12        [INFO]        c:\users\**\desktop\infected_m\Samp-M_(25).vir
  43. 07/06/2018,05-06-12        [INFO]        [DETECTION] file contains 'TR/BrowserPwdStealer.gyfuo'
  44. 07/06/2018,05-06-13        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected_m\Samp-M_(26).vir'
  45. 07/06/2018,05-06-13        [INFO]        c:\users\**\desktop\infected_m\Samp-M_(26).vir
  46. 07/06/2018,05-06-13        [INFO]        [DETECTION] file contains 'Adware/Relevant.wqskv'
  47. 07/06/2018,05-06-13        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected_m\Samp-M_(28).vir'
  48. 07/06/2018,05-06-13        [INFO]        The file 'c:\users\**\desktop\infected_m\Samp-M_(28).vir' was scanned with the Protection Cloud. SHA256 = 498C3E8A654F3305DAB28B3CFEE0A5881157B869922DBF49E7068CD2A3D59F66
  49. 07/06/2018,05-06-13        [INFO]        c:\users\**\desktop\infected_m\Samp-M_(28).vir
  50. 07/06/2018,05-06-13        [INFO]        [DETECTION] file contains 'PUA/Fusion'
  51. 07/06/2018,05-06-13        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected_m\Samp-M_(29).vir'
  52. 07/06/2018,05-06-13        [INFO]        c:\users\**\desktop\infected_m\Samp-M_(29).vir
  53. 07/06/2018,05-06-13        [INFO]        [DETECTION] file contains 'TR/Graftor.43190.253'
  54. 07/06/2018,05-06-13        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected_m\Samp-M_(30).vir'
  55. 07/06/2018,05-06-13        [INFO]        c:\users\**\desktop\infected_m\Samp-M_(30).vir
  56. 07/06/2018,05-06-13        [INFO]        [DETECTION] file contains 'TR/Agent.ijyfr'
  57. 07/06/2018,05-06-14        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected_m\Samp-M_(31).vir'
  58. 07/06/2018,05-06-14        [INFO]        c:\users\**\desktop\infected_m\Samp-M_(31).vir
  59. 07/06/2018,05-06-14        [INFO]        [DETECTION] file contains 'Adware/Coupons.xxfcr'
  60. 07/06/2018,05-06-35        [INFO]        The file 'c:\users\**\desktop\infected_m\Samp-M_(32).vir' was scanned with the Protection Cloud. SHA256 = 3076B1CCFA76C8E99BBCCAA2602B36ED66E0D49051128F3122C0932C9A8ACD7A
  61. 07/06/2018,05-06-35        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected_m\Samp-M_(33).vir'
  62. 07/06/2018,05-06-35        [INFO]        c:\users\**\desktop\infected_m\Samp-M_(33).vir
  63. 07/06/2018,05-06-35        [INFO]        [DETECTION] file contains 'TR/NukeSped.lnspa'
  64. 07/06/2018,05-06-36        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected_m\Samp-M_(38).vir'
  65. 07/06/2018,05-06-36        [INFO]        c:\users\**\desktop\infected_m\Samp-M_(38).vir
  66. 07/06/2018,05-06-36        [INFO]        [DETECTION] file contains 'PUA/ICLoader.Gen7'
  67. 07/06/2018,05-06-48        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected_m\Samp-M_(40).vir'
  68. 07/06/2018,05-06-48        [INFO]        The file 'c:\users\**\desktop\infected_m\Samp-M_(40).vir' has been uploaded to the Protection Cloud and analyzed. SHA256 = E877A9CEB0F0753712425BD12BC833585F95E6265BD1B4F2D3B84B63314AB30F
  69. 07/06/2018,05-06-48        [INFO]        c:\users\**\desktop\infected_m\Samp-M_(40).vir
  70. 07/06/2018,05-06-48        [INFO]        [DETECTION] file contains 'Adware/Agent.e877a9'
  71. 07/06/2018,05-06-48        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected_m\Samp-M_(41).vir'
  72. 07/06/2018,05-06-48        [INFO]        c:\users\**\desktop\infected_m\Samp-M_(41).vir
  73. 07/06/2018,05-06-48        [INFO]        [DETECTION] file contains 'TR/Keylogger.aci'
  74. 07/06/2018,05-07-02        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected_m\Samp-M_(42).vir'
  75. 07/06/2018,05-07-02        [INFO]        The file 'c:\users\**\desktop\infected_m\Samp-M_(42).vir' has been uploaded to the Protection Cloud and analyzed. SHA256 = C0329E199E5CF7F12D832638E46F3156F5F0ACC3CDF59D3AA1F9C7EBFE159685
  76. 07/06/2018,05-07-02        [INFO]        c:\users\**\desktop\infected_m\Samp-M_(42).vir
  77. 07/06/2018,05-07-02        [INFO]        [DETECTION] file contains 'PUA/InstallCore'
  78. 07/06/2018,05-07-02        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected_m\Samp-M_(43).vir'
  79. 07/06/2018,05-07-02        [INFO]        c:\users\**\desktop\infected_m\Samp-M_(43).vir
  80. 07/06/2018,05-07-02        [INFO]        [DETECTION] file contains 'TR/PowerShell.Gen'
  81. 07/06/2018,05-07-03        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected_m\Samp-M_(44).vir'
  82. 07/06/2018,05-07-03        [INFO]        c:\users\**\desktop\infected_m\Samp-M_(44).vir
  83. 07/06/2018,05-07-03        [INFO]        [DETECTION] file contains 'TR/SPY.KeyLogger.mnafq'
  84. 07/06/2018,05-07-03        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected_m\Samp-M_(46).vir'
  85. 07/06/2018,05-07-03        [INFO]        c:\users\**\desktop\infected_m\Samp-M_(46).vir
  86. 07/06/2018,05-07-03        [INFO]        [DETECTION] file contains 'TR/Bladabindi.rguvg'
  87. 07/06/2018,05-07-03        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected_m\Samp-M_(47).vir'
  88. 07/06/2018,05-07-03        [INFO]        c:\users\**\desktop\infected_m\Samp-M_(47).vir
  89. 07/06/2018,05-07-03        [INFO]        [DETECTION] file contains 'Adware/DealPly.rqiis'
  90. 07/06/2018,05-07-03        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected_m\Samp-M_(49).vir'
  91. 07/06/2018,05-07-03        [INFO]        c:\users\**\desktop\infected_m\Samp-M_(49).vir
  92. 07/06/2018,05-07-03        [INFO]        [DETECTION] file contains 'TR/Bulta.fvfwd'
  93. 07/06/2018,05-07-03        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected_m\Samp-M_(8).vir'
  94. 07/06/2018,05-07-03        [INFO]        c:\users\**\desktop\infected_m\Samp-M_(8).vir
  95. 07/06/2018,05-07-03        [INFO]        [DETECTION] file contains 'Adware/RunBooster.Gen7'
  96. 07/06/2018,05-07-03        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\infected_m\Samp-M_(9).vir'
  97. 07/06/2018,05-07-03        [INFO]        c:\users\**\desktop\infected_m\Samp-M_(9).vir
  98. 07/06/2018,05-07-03        [INFO]        [DETECTION] file contains 'TR/Downloader.Gen'
复制代码



您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛|优惠券| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 苏ICP备07004770号 ) GMT+8, 2018-7-18 10:57 , Processed in 0.116923 second(s), 20 queries .

快速回复 返回顶部 返回列表