楼主: www-tekeze
收起左侧

[病毒样本] 样本集奉上_19

  [复制链接]
嶝鄇
发表于 2018-7-13 09:56:01 | 显示全部楼层
360主动防御 发表于 2018-7-13 09:54
我联系国际版同事核实一下

感谢~
救命稻草
发表于 2018-7-13 09:58:21 | 显示全部楼层
就两种报毒名,前面一种后面一种。

{"filename":"F:\\VirusSamples_19\\Samp_VBS (10).vir","infect":{"engine":"md5","signature":"bWQ1Or6gHzM5CNyDcz8wiFwHV6I","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (105).vir","infect":{"engine":"md5","signature":"bWQ1Ouvj/gcZmol+F68XAm5WsPE","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (101).vir","infect":{"engine":"md5","signature":"bWQ1OhIuP9w75SCVK4UFifPczrE","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (103).vir","infect":{"engine":"md5","signature":"bWQ1OlnlJjUUQQWv3oPjva2AoBs","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (1).vir","infect":{"engine":"md5","signature":"bWQ1Ot93pqcV3wgMD7crInWw+70","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (104).vir","infect":{"engine":"md5","signature":"bWQ1OvJo5z/5PpYb91xuJ/Y+4ao","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (102).vir","infect":{"engine":"md5","signature":"bWQ1OkIdq4TNolNxJyIPFnye1Cs","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (100).vir","infect":{"engine":"md5","signature":"bWQ1OoOJpkoWXMxPu5b0hohemN8","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (11).vir","infect":{"engine":"md5","signature":"bWQ1OrONZoTLjbPIMQdNhOUGqok","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (106).vir","infect":{"engine":"md5","signature":"bWQ1Om1lnX2w+c8WyoTzPDmkx28","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (107).vir","infect":{"engine":"md5","signature":"bWQ1Oqeg+JYybFSU5YGEQDm+WDY","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (108).vir","infect":{"engine":"md5","signature":"bWQ1OiEyc0hPQn6Y96z7Ad5KS3I","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (109).vir","infect":{"engine":"md5","signature":"bWQ1Ov+JqbrzyX+taxaNR1YhdPk","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (110).vir","infect":{"engine":"md5","signature":"bWQ1OmJoKleVlMlORQRyjYMITRI","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (112).vir","infect":{"engine":"md5","signature":"bWQ1OlOj7F9snu7kdVnkLG0iztc","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (111).vir","infect":{"engine":"md5","signature":"bWQ1OhtFs1a98q+XW/wxaQAButE","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (113).vir","infect":{"engine":"md5","signature":"bWQ1Ol29VzgVQMBBW0lg4q67zQI","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (114).vir","infect":{"engine":"md5","signature":"bWQ1OjQiYgPlG9J/bLgDvBNUShc","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (115).vir","infect":{"engine":"md5","signature":"bWQ1Oq1ClBzD8OLQRxa476PSv1g","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (117).vir","infect":{"engine":"md5","signature":"bWQ1Os7AWiiWNkvDdbvHnkboWD0","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (119).vir","infect":{"engine":"md5","signature":"bWQ1OkWp50UN8JtLEFJYYZswlzU","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (118).vir","infect":{"engine":"md5","signature":"bWQ1Oqb2x4c+8im+sBAZmfOKpUk","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (12).vir","type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (116).vir","type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (120).vir","infect":{"engine":"md5","signature":"bWQ1OjkOTj7sIPYwVo2TujQyDAo","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (123).vir","infect":{"engine":"md5","signature":"bWQ1OuNWhwfSJcuRmbQEcMwbat8","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (124).vir","infect":{"engine":"md5","signature":"bWQ1OnRiYcnoc2IdxG29VWWEjzU","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (121).vir","infect":{"engine":"md5","signature":"bWQ1Old4+8sHfHgxD560+LvQ4WY","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (122).vir","infect":{"engine":"md5","signature":"bWQ1OjClDdW0EQZlgeucr7faXMM","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (125).vir","infect":{"engine":"md5","signature":"bWQ1OjeLM4iUzwq8zH2RVcnj39w","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (126).vir","infect":{"engine":"md5","signature":"bWQ1Olq8fYsrCviG0rLCJBKnSZs","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (127).vir","infect":{"engine":"md5","signature":"bWQ1OtnYOCrK05qDKaUGNOe7NEI","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (128).vir","infect":{"engine":"md5","signature":"bWQ1OkRzS5MCbEjW6HQQJe0SuTA","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (132).vir","infect":{"engine":"md5","signature":"bWQ1OuBHg7iC0JWellGjp3dasuM","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (13).vir","infect":{"engine":"classic","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (130).vir","infect":{"engine":"md5","signature":"bWQ1OuN/7/R2fNdf7bkYGi02vOM","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (129).vir","infect":{"engine":"md5","signature":"bWQ1Oj+Qw3mmCp6OVCv8fjiEu2A","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (131).vir","infect":{"engine":"md5","signature":"bWQ1OiKi/0mh7rm3T7MxsINcX0M","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (133).vir","infect":{"engine":"md5","signature":"bWQ1OvBZu0Nr/2YfrabjAaKwtpk","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (134).vir","infect":{"engine":"md5","signature":"bWQ1OvCtMqe7Nu+LVNcufu1q1nw","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (135).vir","infect":{"engine":"md5","signature":"bWQ1OkqEs8rqzJVPzZY4FyrSYbk","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (136).vir","infect":{"engine":"md5","signature":"bWQ1Os0hsdb1vGyXESbyLdsG7xQ","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (139).vir","infect":{"engine":"md5","signature":"bWQ1Op9n5y6UHbv5N01nBvbMFc4","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (137).vir","infect":{"engine":"md5","signature":"bWQ1OoeLmofnxvC4oRfO74z3IaY","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (140).vir","infect":{"engine":"md5","signature":"bWQ1OvIlv+8tJMF7sz/EjBQuMII","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (14).vir","infect":{"engine":"md5","signature":"bWQ1OuFabQ3CWZrg5cx2nge308A","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (138).vir","infect":{"engine":"md5","signature":"bWQ1Oj81Z7KiGPg7Q3W0UHTbvp0","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (141).vir","infect":{"engine":"md5","signature":"bWQ1OjHz1efhQMcC3M8jkHI4ZBQ","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (142).vir","infect":{"engine":"md5","signature":"bWQ1OgfmJuojVBEGZf98TZGNDkg","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (143).vir","infect":{"engine":"md5","signature":"bWQ1On3Wq/1wpCQROaqHrHEgs5E","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (144).vir","infect":{"engine":"md5","signature":"bWQ1OsYqC+33KJ28GnzOorHXCF4","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (146).vir","infect":{"engine":"md5","signature":"bWQ1Ot8KDYdqeEwhasUaamBPrU8","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (145).vir","infect":{"engine":"md5","signature":"bWQ1Osr9zbvJNkAejLK+wplNxlw","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (148).vir","infect":{"engine":"md5","signature":"bWQ1OrBw0PqT3gsLQ0nxPCuNyQY","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (147).vir","infect":{"engine":"md5","signature":"bWQ1OkzQGD2hxl5NKzCl1pWqIHM","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (149).vir","infect":{"engine":"md5","signature":"bWQ1OnlzCaMDBGE2qgLKzyzfiB8","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (15).vir","infect":{"engine":"md5","signature":"bWQ1OrR4j/Oy+tahV8XPzLri1Zo","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (152).vir","infect":{"engine":"md5","signature":"bWQ1Os4+iDZyU6XDGgIrJoQCc30","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (153).vir","infect":{"engine":"md5","signature":"bWQ1OrIqHquxsLffSdxqJPB22SM","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (154).vir","infect":{"engine":"md5","signature":"bWQ1OmDFfJQu2bfBfaaV7ry49AM","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (155).vir","infect":{"engine":"md5","signature":"bWQ1OoKHzONreCzZhXYELsyzDUQ","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (151).vir","infect":{"engine":"md5","signature":"bWQ1Og80F4Uc1shbcMdyDQ9DqVM","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (150).vir","infect":{"engine":"md5","signature":"bWQ1OpjEYs9TGpwoMXGvLNzLLkI","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (156).vir","infect":{"engine":"md5","signature":"bWQ1OlP8w7yyW5ochKgb3vXq994","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (157).vir","infect":{"engine":"md5","signature":"bWQ1OgUzyXpON67rPBzZgEsAm8o","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (158).vir","infect":{"engine":"md5","signature":"bWQ1Oln/bGzyRrQn5LlxeXyYgso","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (159).vir","infect":{"engine":"md5","signature":"bWQ1Ov17CKNmZAC6FjPr5OUZWzk","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (16).vir","infect":{"engine":"md5","signature":"bWQ1OkKKz1/jLQmYtLBnoaFpBc8","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (18).vir","infect":{"engine":"md5","signature":"bWQ1OjVEnW84Cum/3l32BuSI2lQ","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (160).vir","infect":{"engine":"md5","signature":"bWQ1OqAxuj7QXknF57yH/Q96LX4","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (17).vir","infect":{"engine":"md5","signature":"bWQ1OvujVsgZ0lCUKVVUBQD+ZXk","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (19).vir","infect":{"engine":"md5","signature":"bWQ1OlIJyNS8pUeqHIo7CmagY4k","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (2).vir","infect":{"engine":"md5","signature":"bWQ1Ogip04/r7CQAtuFIJjD72T8","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (22).vir","type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (20).vir","infect":{"engine":"md5","signature":"bWQ1Okriu3ur0G/mpRUoFuXhQiM","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (24).vir","infect":{"engine":"md5","signature":"bWQ1OhtRJadit7HP57Plq5Xs1DU","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (21).vir","infect":{"engine":"md5","signature":"bWQ1Oi2MF5+whHsyLzWUK/BSPYI","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (23).vir","infect":{"engine":"md5","signature":"bWQ1OunYCLEAJqM9duiFbVcVg+c","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (25).vir","infect":{"engine":"md5","signature":"bWQ1OmPdW1TXx/g2jvNk9GWOp48","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (26).vir","infect":{"engine":"md5","signature":"bWQ1OsjwHV0ugSTXWsY8FgWpqLY","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (27).vir","infect":{"engine":"md5","signature":"bWQ1OkgQhBdsSlQyeWeyKzxKqzU","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (3).vir","infect":{"engine":"md5","signature":"bWQ1OiRGvcWVwZxBO9166qI3VGE","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (29).vir","infect":{"engine":"md5","signature":"bWQ1OgidVahqj8Cr7CiBUttSfyw","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (30).vir","infect":{"engine":"md5","signature":"bWQ1OvSA2vARt5fjXtBGYz2xNWk","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (31).vir","infect":{"engine":"md5","signature":"bWQ1OiabMRQegIKFDaszM0THKLQ","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (28).vir","infect":{"engine":"md5","signature":"bWQ1Ov0hP3Rn+3jpAb2f9K3vjck","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (32).vir","infect":{"engine":"md5","signature":"bWQ1OiEtiBYsechUZRq8kxX+phY","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (33).vir","infect":{"engine":"md5","signature":"bWQ1OusQG0xkcGnioM23lCmWrQ0","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (34).vir","infect":{"engine":"md5","signature":"bWQ1Ot54YLcNJP7kARt3gZlBOrM","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (35).vir","infect":{"engine":"md5","signature":"bWQ1OmZeImU1NyqzX6YiHSCkZNo","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (38).vir","infect":{"engine":"md5","signature":"bWQ1Om/h5W+3fuYhNUP6L8MzQ60","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (37).vir","infect":{"engine":"md5","signature":"bWQ1OrQuQzSedyZCK14u743SvQQ","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (36).vir","infect":{"engine":"md5","signature":"bWQ1OjoVW2cI699TZU1drYbdfwA","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (39).vir","infect":{"engine":"md5","signature":"bWQ1OpO3fYw/ycF6oTj3yK1bSM4","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (44).vir","type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (40).vir","infect":{"engine":"md5","signature":"bWQ1OjcaH9G83hEAO0kYXwaxMsQ","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (4).vir","infect":{"engine":"md5","signature":"bWQ1Ol50BXuxMKSvsIDQLcv7nyg","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (41).vir","infect":{"engine":"md5","signature":"bWQ1OmnO3jJMcerWtmRofuqe5qQ","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (43).vir","infect":{"engine":"md5","signature":"bWQ1OmosPAKOc/T6QsSGKsWv18o","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (46).vir","type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (42).vir","infect":{"engine":"md5","signature":"bWQ1OowYFUm5XmdmZxEcuciP9SE","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (48).vir","infect":{"engine":"md5","signature":"bWQ1OrMYvSdHyubN77Djr1QwvWE","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (49).vir","infect":{"engine":"md5","signature":"bWQ1Op34IgwN4HLxRxrc/0gkVzA","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (45).vir","infect":{"engine":"md5","signature":"bWQ1Op+EBlEfagY0F2JPOpAlNMc","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (47).vir","infect":{"engine":"md5","signature":"bWQ1Og6/pz7aww6JSQ2Sm43eZKM","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (5).vir","infect":{"engine":"md5","signature":"bWQ1OqUH0Wyd++rNsPpkY06yQ7A","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (50).vir","infect":{"engine":"md5","signature":"bWQ1OseKHTfiDuE9BypGhOtMaiY","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (51).vir","infect":{"engine":"md5","signature":"bWQ1OmXBEfWVGzssk2fKReyOiOw","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (52).vir","infect":{"engine":"md5","signature":"bWQ1OqIA0+qA8fqKily8TLyjH+4","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (53).vir","infect":{"engine":"md5","signature":"bWQ1Ohvsm2dmVoRAWkyhDDFVYGU","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (54).vir","infect":{"engine":"md5","signature":"bWQ1OoPt2rZJpF/vZi5aX66Cj3g","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (55).vir","infect":{"engine":"md5","signature":"bWQ1OrmgpS14uizrED7DPPVrpME","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (56).vir","infect":{"engine":"md5","signature":"bWQ1Oj1ulAhO8UWYpk+r0PbCPQ8","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (57).vir","infect":{"engine":"md5","signature":"bWQ1OvClFcgm1QonBpcrZHvuryA","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (58).vir","infect":{"engine":"md5","signature":"bWQ1OtG+Xi8kG35WcygLgapqPr4","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (59).vir","infect":{"engine":"md5","signature":"bWQ1Om+dIvRctA978x8hVu/uSrw","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (6).vir","infect":{"engine":"md5","signature":"bWQ1OvWWIZrCP5SHLlesz8uHeUU","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (60).vir","infect":{"engine":"md5","signature":"bWQ1OmGhkfJUdgYTVAGzHHyJ6gg","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (62).vir","infect":{"engine":"md5","signature":"bWQ1OpcD+kTHPCK64HCa1vHZ5oE","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (63).vir","infect":{"engine":"md5","signature":"bWQ1OkuMiIOU1oKxy0t1fyW6xJc","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (61).vir","infect":{"engine":"md5","signature":"bWQ1Ojsl5gJsYXFI4h8RfGZE5Ew","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (65).vir","infect":{"engine":"md5","signature":"bWQ1OhbdgLd/C/guHIQiXbAi5T0","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (64).vir","infect":{"engine":"md5","signature":"bWQ1Ogtz2cf5RbMU41+MRZ/fynw","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (67).vir","infect":{"engine":"md5","signature":"bWQ1Ok8yyZVpDmQ+QgryYvB8Zyk","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (66).vir","infect":{"engine":"md5","signature":"bWQ1Ok7R1CSaHP5h9w68b4tD6dM","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (68).vir","infect":{"engine":"md5","signature":"bWQ1OnLhZffpITdfYYdb0UHqJPU","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (7).vir","infect":{"engine":"md5","signature":"bWQ1Oiq308aYRtFvnYO7fXCuq60","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (69).vir","infect":{"engine":"md5","signature":"bWQ1OsvIdKSZdc8HghvAGgxYZ2k","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (70).vir","infect":{"engine":"md5","signature":"bWQ1Os0SRNDt5ZQlBJiOASzhx/A","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (72).vir","infect":{"engine":"md5","signature":"bWQ1OnTHjOwGnBDhONNVYQxhnwA","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (73).vir","infect":{"engine":"md5","signature":"bWQ1OkrnhBJbvTTusOq7UTBhuHk","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (74).vir","infect":{"engine":"md5","signature":"bWQ1OkdTwwavi0N3MQK6HmsSUJ4","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (71).vir","infect":{"engine":"md5","signature":"bWQ1OnZ3fK3RgWFBPMcil/yS2fw","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (75).vir","infect":{"engine":"md5","signature":"bWQ1OnZJaQrzsDd7ObOanf9/usQ","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (76).vir","infect":{"engine":"md5","signature":"bWQ1OkzvS3chPnoau82KY3fKzZI","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (8).vir","infect":{"engine":"md5","signature":"bWQ1OqyHwmHF9jyFaLJLbYt+2ZM","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (78).vir","infect":{"engine":"md5","signature":"bWQ1OvpLBwV2qWOzVE5aJkbJqLo","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (77).vir","type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (79).vir","infect":{"engine":"md5","signature":"bWQ1OgiX5VrE6BQpg304CCfyhds","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (80).vir","infect":{"engine":"md5","signature":"bWQ1OkOHOfZp7OgMruAzDljJTf4","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (82).vir","infect":{"engine":"md5","signature":"bWQ1OkAy9PCME2rPN9k3mN6e6NU","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (81).vir","type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (83).vir","infect":{"engine":"md5","signature":"bWQ1OqpZr2MF8IC/50y+0g8LtGU","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (84).vir","infect":{"engine":"md5","signature":"bWQ1OovAxiu71xU6lEdNhOOfAhA","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (86).vir","infect":{"engine":"md5","signature":"bWQ1Oj9lKg48T3FodnYwJ52y6jE","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (85).vir","infect":{"engine":"md5","signature":"bWQ1OtEeWD9/rwn3X1k76jKvtDk","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (87).vir","infect":{"engine":"md5","signature":"bWQ1OuX3zFP95M5TRKJUybbhWQ8","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (88).vir","infect":{"engine":"md5","signature":"bWQ1Oh5f13DUXzjbGSbb7hGeIhQ","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (89).vir","infect":{"engine":"md5","signature":"bWQ1OmvKvp+XloAp7ZAikXOTnxU","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (9).vir","infect":{"engine":"md5","signature":"bWQ1Ol7GlK8Jc6hH6SJVLRqdjoY","threat":"Trojan.Obufs/JS!1.A54E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (90).vir","infect":{"engine":"md5","signature":"bWQ1Ok7quKH8bSWfKrTFZiqbH1E","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (94).vir","infect":{"engine":"md5","signature":"bWQ1OrEv8SLcCZJ8MFo35G06SfA","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (91).vir","infect":{"engine":"md5","signature":"bWQ1OkyDxo2xKwwh5OqE5gHjuP4","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (95).vir","infect":{"engine":"md5","signature":"bWQ1Ol8PKViW+FcDip6ebKfqinA","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (92).vir","infect":{"engine":"md5","signature":"bWQ1Okam5WEqmsmdLimbyJrAy7g","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (93).vir","infect":{"engine":"md5","signature":"bWQ1OuE4XI2OWXwP/PkvNJA/BEE","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (96).vir","infect":{"engine":"md5","signature":"bWQ1Os801awGjSC6jsSlwLuJcCg","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (97).vir","infect":{"engine":"md5","signature":"bWQ1OqL7mPbe2+yKBtxwSHKB070","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (98).vir","infect":{"engine":"md5","signature":"bWQ1Ooqq7rOm9A7NIJCFfE31hSQ","threat":"Trojan.Agent!8.B1E"},"type":"scan"}
{"filename":"F:\\VirusSamples_19\\Samp_VBS (99).vir","infect":{"engine":"md5","signature":"bWQ1Oj2yG+jNYuhZLRtS0cNdFGE","threat":"Trojan.Agent!8.B1E"},"type":"scan"}

扫描结束: Fri Jul 13 09:54:24 2018

总扫描耗时: 0:1:745(m:s:ms)
总扫描对象: 160
总扫描文件: 160
总恶意文件: 153
有效检出率: 95.63%

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
歌德塔大蜘蛛
发表于 2018-7-13 09:59:14 | 显示全部楼层
BeatTrojan 发表于 2018-7-12 18:03
您好,无文件一般有这六种方式:

1. Classic memory injection 常规注入(CreateRemoteThread, OpenProc ...

关注一下,拭目以待
www-tekeze
 楼主| 发表于 2018-7-13 10:10:47 | 显示全部楼层
B100D1E55 发表于 2018-7-13 05:23
跟智量官方解释同理,这种vbs脚本大多是downloader,只有下载真正的payload并运行才有害。ESET为了低误报 ...

有智量官人和B神的解答,豁然开朗。。     努力水分,先欠着你的人气。。。
www-tekeze
 楼主| 发表于 2018-7-13 10:16:27 | 显示全部楼层
救命稻草 发表于 2018-7-13 09:58
就两种报毒名,前面一种后面一种。

{"filename":"F:\\VirusSamples_19\\Samp_VBS (10).vir","infect":{" ...

44楼云终端和V17只杀前面那种,社区版全杀了,同一家的但策略不一样。
B100D1E55
发表于 2018-7-13 10:45:13 | 显示全部楼层
www-tekeze 发表于 2018-7-13 10:16
44楼云终端和V17只杀前面那种,社区版全杀了,同一家的但策略不一样。

随便挑了一个沙箱跑了一下果然杀了



不过混淆做成这样也是非常努力了应该是做了个自动化工具弄这种解密路径



最好不要实机双击,因为这里面有一些会收集你电脑的硬件信息+UID然后发送到作者的服务器上(当然对方服务器也早已进了ESET黑名单)

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
275751198
发表于 2018-7-13 11:09:58 | 显示全部楼层
www-tekeze 发表于 2018-7-12 21:51
从源文件来说,100个是一个文件夹里的,大小都是85K,另外60个又是个文件夹的,大小都是5K,我把它们放到 ...

360自己的bug,后缀名不对就不报,跟你没关系
renyifei
发表于 2018-7-13 11:20:16 | 显示全部楼层
驭龙 发表于 2018-7-13 09:35
eset不是万能无敌的

我只是问一下他这次成绩1有些异常,并没有什么万能无敌之类的
www-tekeze
 楼主| 发表于 2018-7-13 11:22:02 | 显示全部楼层
B100D1E55 发表于 2018-7-13 10:45
随便挑了一个沙箱跑了一下果然杀了

挑的是后面那种ESET扫描不报的吧。。。“最好不要实机双击,因为......”,感谢提醒。。
www-tekeze
 楼主| 发表于 2018-7-13 11:26:04 | 显示全部楼层
275751198 发表于 2018-7-13 11:09
360自己的bug,后缀名不对就不报,跟你没关系

不会是玩通杀吧,等数字官人来看看。。。
之前算是借楼说话,解释下我并没动过MD5,因为修改日期相同,害怕有人心里范嘀咕。。
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2024-3-29 07:37 , Processed in 0.111219 second(s), 14 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表