【缉毒卫队测试包】第49期 20180713

Picca

www-tekeze 发表于 2018-7-13 23:39
你的怎么和2楼不一样？

启发——高

www00092

www-tekeze 发表于 2018-7-13 23:43
总共是9个样本，你的怎么只有8个？

我也不知道，杀完毒页面里有备注，可能是那句话原因

www-tekeze

wusiyuanjh 发表于 2018-7-13 23:44
xls表格启用宏后报错。。。这算是没写好病毒吗

这个被火绒报毒了，双击确实有个报错窗口。。。等智量官人来看看。。

www-tekeze

Karna 发表于 2018-7-13 23:44
启发——高

明白了。。

www-tekeze

www00092 发表于 2018-7-13 23:45
我也不知道，杀完毒页面里有备注，可能是那句话原因

刚回复完就看到你编辑过的了，可能是备注影响到你了。

petr0vic

Emsi
2/9

1. 180713\18071305.PWS.9bis.exe.infected          Trojan.Injector (A)
   
2. 180713\Modified\18071305.PWS.9bis.exe.infected          Trojan.Injector (A)

复制代码

Jirehlov1234

KIS19 6:00

4/9+m3/9+m双击1/9=8/9

18071302.DLE.Lunaedge.exe.infected  Trojan-Banker.Win32.Emotet.axij
18071301.PWS.Ucbug.exe.infected  not-a-virus:AdWare.Win32.Agent.gen
18071303.TR.Format(noob chinesehacker).exe.infected  Trojan.Win32.Diztakun.bjre
18071305.PWS.9bis.exe.infected  Backdoor.Win32.Androm.qcvh
Modified\18071301.PWS.Ucbug.exe.infected  not-a-virus:AdWare.Win32.Agent.gen
Modified\18071303.TR.Format(noob chinesehacker).exe.infected  HEUR:Trojan.Win32.Generic
Modified\18071305.PWS.9bis.exe.infected  HEUR:Trojan-PSW.Win32.Agent.gen

双击
18071302.DLE.Lunaedge.exe的衍生物vsixrouter.exe  PDM:Trojan.Win32.Badur.a
但不杀18071302.DLE.Lunaedge.exe

fzshot

Avira 8/9

1. Start of the scan: 2018-07-13 19:07:02
   
2. 07/13/2018,19-07-02        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\180713\modified\18071301.PWS.Ucbug.exe.infected'
   
3. 07/13/2018,19-07-02        [INFO]        c:\users\**\desktop\180713\modified\18071301.PWS.Ucbug.exe.infected
   
4. 07/13/2018,19-07-02        [INFO]        [DETECTION] file contains 'Adware/Agent.nopxi'
   
5. 07/13/2018,19-07-03        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\180713\modified\18071302.DLE.Lunaedge.exe.infected'
   
6. 07/13/2018,19-07-03        [INFO]        c:\users\**\desktop\180713\modified\18071302.DLE.Lunaedge.exe.infected
   
7. 07/13/2018,19-07-03        [INFO]        [DETECTION] file contains 'HEUR/AGEN.1010784'
   
8. 07/13/2018,19-07-03        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\180713\modified\18071303.TR.Format(noob chinesehacker).exe.infected'
   
9. 07/13/2018,19-07-03        [INFO]        c:\users\**\desktop\180713\modified\18071303.TR.Format(noob chinesehacker).exe.infected
   
10. 07/13/2018,19-07-03        [INFO]        [DETECTION] file contains 'TR/RedCap.hjsor'
    
11. 07/13/2018,19-07-04        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\180713\modified\18071305.PWS.9bis.exe.infected'
    
12. 07/13/2018,19-07-04        [INFO]        Successful Cloud SDK initialization and license check.
    
13. 07/13/2018,19-07-04        [INFO]        The file 'c:\users\**\desktop\180713\modified\18071305.PWS.9bis.exe.infected' was scanned with the Protection Cloud. SHA256 = F72069DDFE4394782A76B58921663B32AD957B5048F1F716F397C64CC7594BB0
    
14. 07/13/2018,19-07-04        [INFO]        c:\users\**\desktop\180713\modified\18071305.PWS.9bis.exe.infected
    
15. 07/13/2018,19-07-04        [INFO]        [DETECTION] file contains 'DR/Delphi.f72069'
    
16. 07/13/2018,19-07-05        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\180713\18071302.DLE.Lunaedge.exe.infected'
    
17. 07/13/2018,19-07-05        [INFO]        The file 'c:\users\**\desktop\180713\18071302.DLE.Lunaedge.exe.infected' was scanned with the Protection Cloud. SHA256 = 773DBA4375F27E9444E7C51755B6D070D3C18FCE223E5A52D37F173563B16290
    
18. 07/13/2018,19-07-05        [INFO]        c:\users\**\desktop\180713\18071302.DLE.Lunaedge.exe.infected
    
19. 07/13/2018,19-07-05        [INFO]        [DETECTION] file contains 'TR/AD.Emotet.B'
    
20. 07/13/2018,19-07-05        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\180713\18071303.TR.Format(noob chinesehacker).exe.infected'
    
21. 07/13/2018,19-07-05        [INFO]        c:\users\**\desktop\180713\18071303.TR.Format(noob chinesehacker).exe.infected
    
22. 07/13/2018,19-07-05        [INFO]        [DETECTION] file contains 'TR/RedCap.ojleh'
    
23. 07/13/2018,19-07-05        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\180713\18071304.VBA.3df4851.xls.infected'
    
24. 07/13/2018,19-07-05        [INFO]        c:\users\**\desktop\180713\18071304.VBA.3df4851.xls.infected
    
25. 07/13/2018,19-07-05        [INFO]        [DETECTION] file contains 'W2000M/Dldr.Agent.pdgj'
    
26. 07/13/2018,19-07-05        [INFO]        FP reports status 'NO False Positive' for file 'c:\users\**\desktop\180713\18071305.PWS.9bis.exe.infected'
    
27. 07/13/2018,19-07-05        [INFO]        The file 'c:\users\**\desktop\180713\18071305.PWS.9bis.exe.infected' was scanned with the Protection Cloud. SHA256 = 50C4968F49B90AE261330BBB0918BBFFEF373B0E9D904FACB6681706FDA51ED3
    
28. 07/13/2018,19-07-05        [INFO]        c:\users\**\desktop\180713\18071305.PWS.9bis.exe.infected
    
29. 07/13/2018,19-07-05        [INFO]        [DETECTION] file contains 'DR/Delphi.50c496'
    

复制代码

dolphin

费尔锁库
扫描2/9

双击2/7
Total 4/9

果团团

BD 8/9
MISS