Original poster: Jerry.Lin

[Virus samples] #PACKAGE 0802

ELOHIM
Posted on 2018-8-2 19:25:04

Love Avira..
No complaints.
But are there any clean or grey files among the OP's samples, i.e. false positives??
I'll scan again in a bit and see whether anything got through.
帝辛
Posted on 2018-8-2 19:27:24
Karna posted on 2018-8-2 19:18:
Kaspersky scan just hung, pretty frustrating
======================================================
19:17 Kaspersky ...

Kaspersky does this whenever it hits a strong packer. With SE it would hang Explorer outright. Probably didn't use the domestic SE packer, though.
YU2711
Posted on 2018-8-2 19:30:53
Last edited by YU2711 on 2018-8-2 21:18

Emsisoft scan (15/26)  19:29
Emsisoft Anti-Malware - Version 2018.7
Last update: 2018/8/2 07:07:11 PM
Initiated by: User
Computer name: USER
OS version: Windows 10x64

Scan settings:

Scan type:
Objects: C:\Users\Use\Documents\EGDownloads\PACKAGE 0802

Detect PUPs: On
Scan archives: On
Scan mail archives: Off
Scan ADS (alternate data streams): On
File extension filter: Off
Direct disk access: Off

Scan start:    2018/8/2 07:25:13 PM
C:\Users\Use\Documents\EGDownloads\PACKAGE 0802\0802(23).exe -> (NSIS o) -> zlib_solid_nsis0000      Gen:Variant.Nemesis.313 (B) [krnl.xmd]
C:\Users\Use\Documents\EGDownloads\PACKAGE 0802\0802(1).exe      Trojan.GenericKD.31140542 (B) [krnl.xmd]
C:\Users\Use\Documents\EGDownloads\PACKAGE 0802\0802(13).exe      Trojan.GenericKD.31142668 (B) [krnl.xmd]
C:\Users\Use\Documents\EGDownloads\PACKAGE 0802\0802(10).exe      Gen:Variant.Jaik.28255 (B) [krnl.xmd]
C:\Users\Use\Documents\EGDownloads\PACKAGE 0802\0802(17).exe      Trojan.Injector (A) [294905]
C:\Users\Use\Documents\EGDownloads\PACKAGE 0802\0802(18).exe      Trojan.Injector (A) [294905]
C:\Users\Use\Documents\EGDownloads\PACKAGE 0802\0802(16).exe      Generic.Ransom.GandCrab4.DBA40220 (B) [krnl.xmd]
C:\Users\Use\Documents\EGDownloads\PACKAGE 0802\0802(19).exe      Trojan.GenericKD.40360645 (B) [krnl.xmd]
C:\Users\Use\Documents\EGDownloads\PACKAGE 0802\0802(2).exe      Trojan.GenericKD.40359478 (B) [krnl.xmd]
C:\Users\Use\Documents\EGDownloads\PACKAGE 0802\0802(22).exe      Gen:Variant.Razy.323165 (B) [krnl.xmd]
C:\Users\Use\Documents\EGDownloads\PACKAGE 0802\0802(24).exe      Trojan.Injector (A) [294905]
C:\Users\Use\Documents\EGDownloads\PACKAGE 0802\0802(25).exe      Trojan.GenericKD.40360836 (B) [krnl.xmd]
C:\Users\Use\Documents\EGDownloads\PACKAGE 0802\0802(3).exe      Trojan.GenericKD.40330530 (B) [krnl.xmd]
C:\Users\Use\Documents\EGDownloads\PACKAGE 0802\0802(4).exe      Trojan.GenericKD.40357480 (B) [krnl.xmd]
C:\Users\Use\Documents\EGDownloads\PACKAGE 0802\0802(5).exe      Trojan.Injector (A) [294905]

Scanned    26
Found    15

Scan end:    2018/8/2 07:25:15 PM
Scan time:    0:00:02

Double-click test 20:56

6, 14 MISS

20: URL blocked, but the main body was not killed
Total: 23/26


ELOHIM
Posted on 2018-8-2 19:31:31
帝辛 posted on 2018-8-2 19:27:
Kaspersky does this whenever it hits a strong packer. With SE it would hang Explorer outright. Probably didn't use the domestic SE packer, though.

Boss, could you point out which one is SE-packed... thanks
驭龙
Posted on 2018-8-2 19:32:09
WD High+ protection, downloaded with Firefox, scanned at 19:31
11/26 = 42.30%

沙丁鱼VX
Posted on 2018-8-2 19:32:22
ELOHIM posted on 2018-8-2 19:25:
Love Avira..
No complaints.
But are there any clean or grey files among the OP's samples, i.e. false positives??

Rescanned at 19:20 and the remaining #1 got wiped too.
Using Avira is about keeping it pure; these days I have no interest in messing with proactive defense at all.
ELOHIM
Posted on 2018-8-2 19:33:47
沙丁鱼VX posted on 2018-8-2 19:32:
Rescanned at 19:20 and the remaining #1 got wiped too.
Using Avira is about keeping it pure; these days I have no interest in messing with proactive defense at all.

Hmm..
Avira's results in this area do look good.
杰伦J时代
Posted on 2018-8-2 19:34:45
Terrible!!!!!

Jirehlov1234
Posted on 2018-8-2 19:35:51
BD19 19:00 scan results 16x
TIU: 12323519

1 Trojan.GenericKD.31140542
2 Trojan.GenericKD.40359478
3 Trojan.GenericKD.40330530
4 Trojan.GenericKD.40357480
5 Gen:Variant.Razy.371940
10 Gen:Variant.Jaik.28255
12 Gen:Suspicious.Cloud.8.mq1@aWl2Yae
13 Trojan.GenericKD.31142668
15 Gen:Suspicious.Cloud.8.Hq1@aSaHREj
16 Generic.Ransom.GandCrab4.DBA4022
18 Trojan.GenericKD.40360866
19 Trojan.GenericKD.40360645
22 Gen:Variant.Razy.323165
23=>NSIS o)=>zlib_solid_nsis0000 Gen:Variant.Nemesis.313
24 Trojan.VB.Agent.AMG
25 Trojan.GenericKD.40360836

Jerry.Lin
OP | Posted on 2018-8-2 19:46:27
360TS  19:45

24/26

1. 2018-08-02 19:43:47    C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0802\0802(9).exe    The file has been deleted. You could recover this file from quarantine as needed    HEUR/QVM19.1.E9FA.Malware.Gen
2. 2018-08-02 19:43:47    C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0802\0802(8).exe    The file has been deleted. You could recover this file from quarantine as needed    HEUR/QVM03.0.E9FA.Malware.Gen
3. 2018-08-02 19:43:45    C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0802\0802(5).exe    The file has been deleted. You could recover this file from quarantine as needed    HEUR/QVM03.0.E9FA.Malware.Gen
4. 2018-08-02 19:43:45    C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0802\0802(3).exe    The file has been deleted. You could recover this file from quarantine as needed    Win32/Trojan.df3
5. 2018-08-02 19:43:45    C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0802\0802(4).exe    The file has been deleted. You could recover this file from quarantine as needed    Win32/Trojan.2ff
6. 2018-08-02 19:43:45    C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0802\0802(6).exe    The file has been deleted. You could recover this file from quarantine as needed    HEUR/QVM10.2.E9FA.Malware.Gen
7. 2018-08-02 19:43:45    C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0802\0802(26).exe    The file has been deleted. You could recover this file from quarantine as needed    HEUR/QVM07.1.E9FA.Malware.Gen
8. 2018-08-02 19:43:26    C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0802\0802(21).exe    The file has been deleted. You could recover this file from quarantine as needed    HEUR/QVM03.0.E9FA.Malware.Gen
9. 2018-08-02 19:43:26    C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0802\0802(24).exe    The file has been deleted. You could recover this file from quarantine as needed    Win32/Trojan.2bb
10. 2018-08-02 19:43:26    C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0802\0802(22).exe    The file has been deleted. You could recover this file from quarantine as needed    Win32/Trojan.2ff
11. 2018-08-02 19:43:26    C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0802\0802(23).exe    The file has been deleted. You could recover this file from quarantine as needed    HEUR/QVM42.2.E9FA.Malware.Gen
12. 2018-08-02 19:43:25    C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0802\0802(20).exe    The file has been deleted. You could recover this file from quarantine as needed    Win32/Trojan.d72
13. 2018-08-02 19:43:25    C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0802\0802(18).exe    The file has been deleted. You could recover this file from quarantine as needed    HEUR/QVM03.0.E9FA.Malware.Gen
14. 2018-08-02 19:43:25    C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0802\0802(19).exe    The file has been deleted. You could recover this file from quarantine as needed    HEUR/QVM03.0.E9FA.Malware.Gen
15. 2018-08-02 19:43:25    C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0802\0802(2).exe    The file has been deleted. You could recover this file from quarantine as needed    Win32/Backdoor.6e0
16. 2018-08-02 19:43:24    C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0802\0802(12).exe    The file has been deleted. You could recover this file from quarantine as needed    HEUR/QVM09.0.E9FA.Malware.Gen
17. 2018-08-02 19:43:24    C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0802\0802(14).exe    The file has been deleted. You could recover this file from quarantine as needed    HEUR/QVM03.0.E9FA.Malware.Gen
18. 2018-08-02 19:43:24    C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0802\0802(15).exe    The file has been deleted. You could recover this file from quarantine as needed    HEUR/QVM09.0.E9FA.Malware.Gen
19. 2018-08-02 19:43:24    C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0802\0802(16).exe    The file has been deleted. You could recover this file from quarantine as needed    HEUR/QVM20.1.E9FA.Malware.Gen
20. 2018-08-02 19:43:24    C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0802\0802(17).exe    The file has been deleted. You could recover this file from quarantine as needed    HEUR/QVM03.0.E9FA.Malware.Gen
21. 2018-08-02 19:43:24    C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0802\0802(13).exe    The file has been deleted. You could recover this file from quarantine as needed    HEUR/QVM05.1.E9FA.Malware.Gen
22. 2018-08-02 19:43:23    C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0802\0802(1).exe    The file has been deleted. You could recover this file from quarantine as needed    Win32/Trojan.2ff
23. 2018-08-02 19:43:23    C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0802\0802(10).exe    The file has been deleted. You could recover this file from quarantine as needed    HEUR/QVM03.0.E9FA.Malware.Gen
24. 2018-08-02 19:43:23    C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0802\0802(11).exe    The file has been deleted. You could recover this file from quarantine as needed    HEUR/QVM06.2.E9FA.Malware.Gen
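Each engine in this thread reports in its own format (Emsisoft log, a hand-typed Bitdefender list, the 360TS quarantine log), so comparing which samples each one missed is done by eye. The script below is an added example, not from the thread or from any of the vendors' tooling: it normalizes the three formats on the shared `0802(N).exe` sample number and computes per-engine misses, the samples no engine flagged, and the samples the engines disagree on. The embedded excerpts are a few lines copied from the posts above (not the full logs), and the pack size of 26 is the one the posters use in their "x/26" counts.

```python
import re

# Every file in the pack is named 0802(N).exe, so N is the join key shared by
# all three report formats posted in the thread.
SAMPLE_RE = re.compile(r"0802\((\d+)\)\.exe")
PACK_SIZE = 26  # as used in the thread's "15/26", "11/26", "24/26" counts

# Excerpts copied from the posts above (a few lines of each, not the full logs).
EMSISOFT_EXCERPT = r"""
C:\Users\Use\Documents\EGDownloads\PACKAGE 0802\0802(23).exe -> (NSIS o) -> zlib_solid_nsis0000      Gen:Variant.Nemesis.313 (B) [krnl.xmd]
C:\Users\Use\Documents\EGDownloads\PACKAGE 0802\0802(1).exe      Trojan.GenericKD.31140542 (B) [krnl.xmd]
C:\Users\Use\Documents\EGDownloads\PACKAGE 0802\0802(17).exe      Trojan.Injector (A) [294905]
C:\Users\Use\Documents\EGDownloads\PACKAGE 0802\0802(16).exe      Generic.Ransom.GandCrab4.DBA40220 (B) [krnl.xmd]
"""

BITDEFENDER_EXCERPT = """
1 Trojan.GenericKD.31140542
16 Generic.Ransom.GandCrab4.DBA4022
23=>NSIS o)=>zlib_solid_nsis0000 Gen:Variant.Nemesis.313
24 Trojan.VB.Agent.AMG
"""

TS360_EXCERPT = r"""
1. 2018-08-02 19:43:47        C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0802\0802(9).exeThe file has been deleted. You could recover this file from quarantine as needed        HEUR/QVM19.1.E9FA.Malware.Gen
15. 2018-08-02 19:43:25        C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0802\0802(2).exeThe file has been deleted. You could recover this file from quarantine as needed        Win32/Backdoor.6e0
19. 2018-08-02 19:43:24        C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0802\0802(16).exeThe file has been deleted. You could recover this file from quarantine as needed        HEUR/QVM20.1.E9FA.Malware.Gen
"""


def parse_emsisoft(text):
    """Emsisoft: '<path>[ -> archive chain]   <name> (A|B) [engine]'. The archive
    chain for NSIS installers contains '(NSIS o)', so the name is anchored on the
    '(A)'/'(B)' engine tag that follows it rather than on the last token."""
    found = {}
    for line in text.splitlines():
        sample = SAMPLE_RE.search(line)
        name = re.search(r"(\S+)\s+\([AB]\)\s*\[", line)
        if sample and name:
            found[int(sample.group(1))] = name.group(1)
    return found


def parse_bitdefender_list(text):
    """Hand-typed list: '<N> <name>' or '<N>=>NSIS o)=>... <name>'."""
    found = {}
    for line in text.splitlines():
        m = re.match(r"\s*(\d+)", line)
        if m:
            found[int(m.group(1))] = line.split()[-1]
    return found


def parse_360ts(text):
    """360TS log: '<n>. <date> <time> <path>0802(N).exe<message> <name>'.
    Path and message are fused in the paste, so only the sample number and the
    trailing detection name are used."""
    found = {}
    for line in text.splitlines():
        sample = SAMPLE_RE.search(line)
        if sample:
            found[int(sample.group(1))] = line.split()[-1]
    return found


def summarize(reports, total=PACK_SIZE):
    """Per engine: detection count, a rate string in the thread's 'x/26=yy.yy%'
    style, and the sorted list of sample numbers it did not flag."""
    all_samples = set(range(1, total + 1))
    out = {}
    for engine, found in reports.items():
        detected = all_samples & set(found)
        out[engine] = {
            "detected": len(detected),
            "rate": f"{len(detected)}/{total}={100 * len(detected) / total:.2f}%",
            "missed": sorted(all_samples - detected),
        }
    return out


def missed_by_every_engine(reports, total=PACK_SIZE):
    """Samples no engine in the comparison flagged: the ones worth a second
    look or a manual execution ('double-click') test."""
    seen = set().union(*(set(f) for f in reports.values()))
    return sorted(set(range(1, total + 1)) - seen)


def disagreements(reports):
    """Samples flagged by some engines but not all, with each engine's verdict
    (None means that engine missed it)."""
    engines = list(reports)
    seen = set().union(*(set(f) for f in reports.values()))
    return {n: {e: reports[e].get(n) for e in engines}
            for n in sorted(seen) if any(n not in reports[e] for e in engines)}


if __name__ == "__main__":
    reports = {
        "Emsisoft": parse_emsisoft(EMSISOFT_EXCERPT),
        "Bitdefender": parse_bitdefender_list(BITDEFENDER_EXCERPT),
        "360TS": parse_360ts(TS360_EXCERPT),
    }
    for engine, s in summarize(reports).items():
        print(f"{engine:12s} {s['rate']:>14s}  missed: {s['missed']}")
    print("missed by every engine:", missed_by_every_engine(reports))
    print("disagreements:", disagreements(reports))
```

Because the excerpts hold only a handful of lines, the rates printed here are far below the posters' figures; paste a full log into the matching constant to reproduce them. The useful outputs are the last two: `missed_by_every_engine` is the list to feed into a behaviour test, and `disagreements` shows where a generic or heuristic name on one engine lines up with a family name (for example GandCrab4 on sample 16) on another.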
Copyright © KaFan  KaFan.cn All Rights Reserved.