样本集奉上_47

显示全部楼层 · 发表于 2018-8-17 20:11:03

89枚样本送上，已检查过没有重复文件，快来快来，扫描？双击？一概欢迎！

PS：1. 原始样本50枚，另有加UPX壳或修改MD5的39枚。查杀结果格式： S: xx/50，M: xx/39，Total: xx/89
2. 智量对脚本文本、压缩类的不报，这是目前官方的策略，因此检出率可能会偏低。

蓝奏云盘，下载挺快。。。 https://www.lanzous.com/i1o8s8j 密码：infected

显示全部楼层 · 发表于 2018-8-17 20:11:42

本帖最后由温馨小屋于 2018-8-17 20:25 编辑

Norton

S: 46/50，M: 33/39，Total: 79/89 88.2%

双击全miss，原来勒索信也单独算一个样本。。。

显示全部楼层 · 发表于 2018-8-17 20:11:48

本帖最后由静影沉璧于 2018-8-17 20:53 编辑

BD2019

----------扫描部分----------

S：实际：处理1+删除45=46/50
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(26).vir Win32.Parite.B Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(8).vir Trojan.GenericKD.5599573 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(35).vir Trojan.GenericKD.30601777 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(9).vir Trojan.GenericKD.30769825 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(6).vir Trojan.GenericKD.2066805 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(25).vir Gen:Variant.Graftor.496298 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(44).vir=>mefds33dsf44.dll Gen:Variant.MSILPerseus.6518 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(43).vir Trojan.GenericKD.6115340 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(23).vir Gen:Variant.Barys.55164 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(41).vir Gen:Variant.Symmi.46642 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(46).vir Trojan.GenericKD.2747220 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(14).vir Trojan.Agent.BKFN Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(32).vir VB:Trojan.Agent.COFZ Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(50).vir Trojan.Bedep64.Gen.1 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(48).vir Trojan.Generic.15261745 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(20).vir Gen:Variant.Symmi.88699 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(18).vir Generic.Malware.HV!bWk.9B20EB9E Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(36).vir Gen:Variant.Barys.59159 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(45).vir=>(objdata)=>(Embedded EXE g) Trojan.GenericKD.2894035 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(38).vir=>(AutoIT r)=>(AutoIT Script)=>(unicode) AIT:Trojan.Nymeria.929 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(27).vir Trojan.Agent.CAEH Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(24).vir Gen:Variant.Babar.852 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(42).vir Gen:Trojan.Heur2.JP.EmLfaWTPdDfI Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(17).vir=>Document(208).jse Trojan.Script.Agent.JX Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(7).vir=>1.23.dat Gen:Variant.Graftor.30697 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(16).vir Trojan.GenericKD.5829001 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(34).vir Trojan.GenericKD.5561467 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(49).vir=>(AutoIT r)=>(AutoIT Script)=>(unicode) AIT:Trojan.Nymeria.219 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(39).vir Trojan.GenericKD.5332766 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(49).vir=>(Dropped 0)=>(AutoIT r)=>(AutoIT Script)=>(unicode) AIT:Trojan.Nymeria.219 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(5).vir Win32.Parite.B Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(2).vir Gen:Variant.Zusy.105639 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(11).vir Gen:Variant.Kazy.753901 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(45).vir=>(objdata)=>(Package) Trojan.GenericKD.2894035 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(1).vir Gen:Variant.Symmi.39901 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(4).vir=>(Embedded EXE r) Gen:Trojan.Heur.cqW@yHaHhip Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(19).vir Gen:Trojan.Heur.GM.1400850000 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(37).vir Gen:Heur.PonyStealer.2 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(12).vir Gen:Variant.Graftor.150754 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(30).vir Trojan.GenericKD.3819042 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(31).vir Gen:Variant.Graftor.1359 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(22).vir Gen:Variant.Zusy.193118 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(40).vir Gen:Trojan.Zboter.2 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(4).vir=>(Embedded EXE 2r) Gen:Variant.Graftor.37795 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(29).vir Win32.Parite.B Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(15).vir Gen:Variant.Graftor.5291 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(33).vir Gen:Trojan.Sresmon.Gen.1 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(4).vir=>(Embedded EXE 3r) Gen:Variant.Graftor.37795 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(49).vir=>(Dropped 0)=>(AutoIT Script)=>(unicode) AIT:Trojan.Nymeria.219 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(38).vir=>(Dropped 0)=>(AutoIT r)=>(AutoIT Script)=>(unicode) AIT:Trojan.Nymeria.929 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(21).vir Trojan.GenericKD.5560645 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(38).vir=>(Dropped 0)=>(AutoIT Script)=>(unicode) AIT:Trojan.Nymeria.929 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\S\Samp(10).vir Trojan.NSIS.Androm.CM Deleted
M：实际27/39
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\M\Samp(17)M.vir Gen:Variant.Symmi.88699 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\M\Samp(35)M.vir Trojan.Agent.COKX Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\M\Samp(13)M.vir Gen:Variant.Graftor.135567 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\M\Samp(31)M.vir Gen:Heur.ManBat.1 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\M\Samp(21)M.vir Gen:Variant.Graftor.496298 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\M\Samp(32)M.vir=>(AutoIT r)=>(AutoIT Script)=>(unicode) AIT:Trojan.Nymeria.929 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\M\Samp(9)M.vir=>(Embedded EXE r) Gen:Variant.Strictor.3334 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\M\Samp(32)M.vir=>(Dropped 0)=>(AutoIT Script)=>(unicode) AIT:Trojan.Nymeria.929 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\M\Samp(6)M.vir Gen:Variant.Graftor.406203 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\M\Samp(8)M.vir=>(NSIS o)=>lzma_solid_nsis0005 Trojan.Ransom.Cerber.EW Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\M\Samp(16)M.vir Gen:Trojan.Heur.GM.1400850000 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\M\Samp(34)M.vir Gen:Trojan.Heur2.JP.EmLfa0kymRbI Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\M\Samp(12)M.vir Trojan.Agent.BKFN Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\M\Samp(30)M.vir Gen:Trojan.Heur2.JP.gmJfaSnTKTci Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\M\Samp(9)M.vir=>(Embedded EXE 2r) Gen:Variant.Strictor.2098 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\M\Samp(38)M.vir=>(Dropped 0)=>(AutoIT r)=>(AutoIT Script)=>(unicode) AIT:Trojan.Nymeria.219 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\M\Samp(3)M.vir Gen:Variant.Razy.314740 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\M\Samp(29)M.vir Trojan.GenericKD.30601777 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\M\Samp(8)M.vir=>(heurC) Zum.Ransom.NSIS.Cerber.1 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\M\Samp(36)M.vir=>(NSIS o)=>lzma_solid_nsis0003 Trojan.GenericKD.2744275 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\M\Samp(27)M.vir Gen:Variant.Graftor.1359 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\M\Samp(38)M.vir=>(AutoIT r)=>(AutoIT Script)=>(unicode) AIT:Trojan.Nymeria.219 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\M\Samp(20)M.vir Gen:Variant.Babar.852 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\M\Samp(4)M.vir Win32.Parite.B Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\M\Samp(1)M.vir Gen:Variant.Razy.75017 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\M\Samp(28)M.vir Gen:Trojan.Sresmon.Gen.1 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\M\Samp(32)M.vir=>(Dropped 0)=>(AutoIT r)=>(AutoIT Script)=>(unicode) AIT:Trojan.Nymeria.929 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\M\Samp(18)M.vir Gen:Variant.Jacard.136169 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\M\Samp(25)M.vir Win32.Parite.B Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\M\Samp(38)M.vir=>(Dropped 0)=>(AutoIT Script)=>(unicode) AIT:Trojan.Nymeria.219 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\M\Samp(23)M.vir Trojan.Agent.CAEH Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\M\Samp(15)M.vir Generic.Malware.HV!bWk.A092E024 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\M\Samp(22)M.vir Win32.Parite.B Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\M\Samp(36)M.vir=>(NSIS o)=>lzma_solid_nsis0000 Trojan.NSIS.Androm.7 Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\M\Samp(36)M.vir=>(heurC) Zum.Androm.3 Deleted

----------双击部分----------

The file c:\users\administrator\desktop\s\samp(3).exe is infected with Atc4.Detection and was moved to quarantine. It is recommended that you run a System Scan to make sure your system is clean.

The file c:\users\administrator\desktop\s\samp(13).exe is infected with Gen:Suspicious.Cloud.8.GmHfaSGgCYbb and was moved to quarantine. It is recommended that you run a System Scan to make sure your system is clean.

The file c:\users\administrator\desktop\s\samp(28).exe is infected with Atc4.Detection and was moved to quarantine. It is recommended that you run a System Scan to make sure your system is clean.

The file c:\users\administrator\desktop\m\samp(7)m.exe is infected with Atc4.Detection and was moved to quarantine. It is recommended that you run a System Scan to make sure your system is clean.

The file c:\users\administrator\desktop\m\samp(2)m.exe is infected with Gen:Suspicious.Cloud.8.gmJfaeu2ivj and was moved to quarantine. It is recommended that you run a System Scan to make sure your system is clean.

The file c:\users\administrator\desktop\m\samp(10)m.exe is infected with Gen:Suspicious.Cloud.8.gmKfaSTaojli and was moved to quarantine. It is recommended that you run a System Scan to make sure your system is clean.

The file c:\users\administrator\desktop\m\samp(11)m.exe is infected with Gen:Suspicious.Cloud.8.GmHfaSGgCYbb and was moved to quarantine. It is recommended that you run a System Scan to make sure your system is clean.

The file c:\users\administrator\desktop\m\samp(14)m.exe is infected with Atc4.Detection and was moved to quarantine. It is recommended that you run a System Scan to make sure your system is clean.

The file c:\users\administrator\desktop\m\samp(19)m.exe is infected with Gen:Suspicious.Cloud.8.bmGfaWNybPpi and was moved to quarantine. It is recommended that you run a System Scan to make sure your system is clean.

The file c:\users\administrator\desktop\m\samp(26)m.exe is infected with Atc4.Detection and was moved to quarantine. It is recommended that you run a System Scan to make sure your system is clean.

The file c:\users\administrator\desktop\m\samp(33)m.exe is infected with Atc4.Detection and was moved to quarantine. It is recommended that you run a System Scan to make sure your system is clean.

The file c:\users\administrator\desktop\m\samp(37)m.exe is infected with Atc4.Detection and was moved to quarantine. It is recommended that you run a System Scan to make sure your system is clean.

The file c:\users\administrator\desktop\m\samp(39)m.exe is infected with Atc4.Detection and was moved to quarantine. It is recommended that you run a System Scan to make sure your system is clean.

The file c:\users\administrator\desktop\m\samp(5)m.exe is infected with Atc4.Detection and was moved to quarantine. It is recommended that you run a System Scan to make sure your system is clean.

The file c:\users\administrator\desktop\m\samp(24)m.exe is infected with Atc4.Detection and was moved to quarantine. It is recommended that you run a System Scan to make sure your system is clean.

The file c:\users\administrator\desktop\s\samp(47).exe is infected with Atc4.Detection and was moved to quarantine. It is recommended that you run a System Scan to make sure your system is clean.

Total：89/89=100%

显示全部楼层 · 发表于 2018-8-17 20:12:04

本帖最后由静影沉璧于 2018-8-17 21:03 编辑

ESET Endpoint Antivirus：扫描：
S：45/50
M：34/39
Total:79/89 88.8%

显示全部楼层 · 发表于 2018-8-17 20:13:54

本帖最后由 dreams521 于 2018-8-17 20:34 编辑

卡巴 20:16
S: 38/50，M: 21/39，Total: 59/89 66% PS:发现有被修复的文件已标出,59+6/89 73%

17.08.2018 20.16.02;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(5).vir//data0000;C:\Users\Administrator\Desktop\123\Samp(5).vir//data0000;not-a-virus:RiskTool.Win32.WFPDisabler.a;可被入侵者利用以破坏您的计算机或个人数据的合法软件;08/17/2018 20:16:02
17.08.2018 20.16.02;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(5).vir;C:\Users\Administrator\Desktop\123\Samp(5).vir;08/17/2018 20:16:02
17.08.2018 20.15.54;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(4)M.vir//data0000;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(4)M.vir//data0000;not-a-virus:RiskTool.Win32.WFPDisabler.a;可被入侵者利用以破坏您的计算机或个人数据的合法软件;08/17/2018 20:15:54
17.08.2018 20.15.54;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(4)M.vir;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(4)M.vir;08/17/2018 20:15:54
17.08.2018 20.15.44;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(38)M.vir//script.au3;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(38)M.vir//script.au3;HEUR:Trojan.Script.Generic;木马程序;08/17/2018 20:15:44
17.08.2018 20.15.44;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(38)M.vir;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(38)M.vir;HEUR:Trojan.Script.Generic;木马程序;08/17/2018 20:15:44
17.08.2018 20.15.36;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(49).vir;C:\Users\Administrator\Desktop\123\Samp(49).vir;HEUR:Trojan.Script.Generic;木马程序;08/17/2018 20:15:36
17.08.2018 20.15.36;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(49).vir//script.au3;C:\Users\Administrator\Desktop\123\Samp(49).vir//script.au3;HEUR:Trojan.Script.Generic;木马程序;08/17/2018 20:15:36
17.08.2018 20.15.23;检测到的对象 ( 文件 ) 已被清除;C:\Users\Administrator\Desktop\123\Samp(28).vir;C:\Users\Administrator\Desktop\123\Samp(28).vir;Virus.Win32.Parite.b;病毒;08/17/2018 20:15:23
17.08.2018 20.15.19;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(25).vir;C:\Users\Administrator\Desktop\123\Samp(25).vir;Trojan-Spy.Win32.Noon.nbe;木马程序;08/17/2018 20:15:19
17.08.2018 20.15.19;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(26).vir;C:\Users\Administrator\Desktop\123\Samp(26).vir;UDS:DangerousObject.Multi.Generic;08/17/2018 20:15:19
17.08.2018 20.15.19;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(27).vir;C:\Users\Administrator\Desktop\123\Samp(27).vir;UDS:Trojan-Spy.Win32.Zbot.a;木马程序;08/17/2018 20:15:19
17.08.2018 20.15.18;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(30).vir;C:\Users\Administrator\Desktop\123\Samp(30).vir;UDS:DangerousObject.Multi.Generic;08/17/2018 20:15:18
17.08.2018 20.15.18;检测到的对象 ( 文件 ) 已被清除;C:\Users\Administrator\Desktop\123\Samp(29).vir;C:\Users\Administrator\Desktop\123\Samp(29).vir;Virus.Win32.Parite.b;病毒;08/17/2018 20:15:18
17.08.2018 20.15.18;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(32).vir;C:\Users\Administrator\Desktop\123\Samp(32).vir;HEUR:Trojan-Downloader.Script.Generic;木马程序;08/17/2018 20:15:18
17.08.2018 20.15.17;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(31).vir;C:\Users\Administrator\Desktop\123\Samp(31).vir;P2P-Worm.Win32.Palevo.cqmm;病毒;08/17/2018 20:15:17
17.08.2018 20.15.17;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(36).vir;C:\Users\Administrator\Desktop\123\Samp(36).vir;UDS:DangerousObject.Multi.Generic;08/17/2018 20:15:17
17.08.2018 20.15.17;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(33).vir;C:\Users\Administrator\Desktop\123\Samp(33).vir;HEUR:Trojan.Win32.Generic;木马程序;08/17/2018 20:15:17
17.08.2018 20.15.17;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(35).vir;C:\Users\Administrator\Desktop\123\Samp(35).vir;UDS:Trojan-Spy.Win32.Panda.sb;木马程序;08/17/2018 20:15:17
17.08.2018 20.15.17;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(37).vir;C:\Users\Administrator\Desktop\123\Samp(37).vir;Backdoor.Win32.Tofsee.yep;木马程序;08/17/2018 20:15:17
17.08.2018 20.15.16;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(39).vir;C:\Users\Administrator\Desktop\123\Samp(39).vir;Backdoor.MSIL.Agent.ybv;木马程序;08/17/2018 20:15:16
17.08.2018 20.15.16;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(40).vir;C:\Users\Administrator\Desktop\123\Samp(40).vir;HEUR:Trojan.Win32.Generic;木马程序;08/17/2018 20:15:16
17.08.2018 20.15.15;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(41).vir;C:\Users\Administrator\Desktop\123\Samp(41).vir;HEUR:Trojan.Win32.Generic;木马程序;08/17/2018 20:15:15
17.08.2018 20.15.15;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(42).vir;C:\Users\Administrator\Desktop\123\Samp(42).vir;HEUR:Trojan-Banker.Win32.NeutrinoPOS.gen;木马程序;08/17/2018 20:15:15
17.08.2018 20.15.15;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(43).vir;C:\Users\Administrator\Desktop\123\Samp(43).vir;HEUR:Trojan.Win32.Generic;木马程序;08/17/2018 20:15:15
17.08.2018 20.15.15;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(45).vir//Package//data0000;C:\Users\Administrator\Desktop\123\Samp(45).vir//Package//data0000;Trojan-PSW.Win32.Fareit.bium;木马程序;08/17/2018 20:15:15
17.08.2018 20.15.15;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(45).vir//Package;C:\Users\Administrator\Desktop\123\Samp(45).vir//Package;UDS:DangerousObject.Multi.Generic;08/17/2018 20:15:15
17.08.2018 20.15.15;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(45).vir;C:\Users\Administrator\Desktop\123\Samp(45).vir;HEUR:Trojan.Win32.Generic;木马程序;08/17/2018 20:15:15
17.08.2018 20.15.15;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(44).vir;C:\Users\Administrator\Desktop\123\Samp(44).vir;UDS:DangerousObject.Multi.Generic;08/17/2018 20:15:15
17.08.2018 20.15.14;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(46).vir;C:\Users\Administrator\Desktop\123\Samp(46).vir;HEUR:Trojan-Ransom.Win32.Agent.gen;木马程序;08/17/2018 20:15:14
17.08.2018 20.15.14;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(48).vir;C:\Users\Administrator\Desktop\123\Samp(48).vir;HEUR:Trojan.Win32.Generic;木马程序;08/17/2018 20:15:14
17.08.2018 20.15.14;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(50).vir;C:\Users\Administrator\Desktop\123\Samp(50).vir;Trojan.Win64.Crypt.gc;木马程序;08/17/2018 20:15:14
17.08.2018 20.15.13;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(1)M.vir;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(1)M.vir;HEUR:Trojan.Win32.Generic;木马程序;08/17/2018 20:15:13
17.08.2018 20.15.13;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(13)M.vir;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(13)M.vir;Trojan-GameThief.Win32.Magania.dhxd;木马程序;08/17/2018 20:15:13
17.08.2018 20.15.13;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(15)M.vir;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(15)M.vir;HEUR:Backdoor.Win32.Generic;木马程序;08/17/2018 20:15:13
17.08.2018 20.15.13;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(16)M.vir;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(16)M.vir;HEUR:Backdoor.Win32.Generic;木马程序;08/17/2018 20:15:13
17.08.2018 20.15.12;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(18)M.vir;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(18)M.vir;Trojan-Dropper.Win32.Injector.ozkn;木马程序;08/17/2018 20:15:12
17.08.2018 20.15.12;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(21)M.vir;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(21)M.vir;Trojan-Spy.Win32.Noon.nbe;木马程序;08/17/2018 20:15:12
17.08.2018 20.15.10;检测到的对象 ( 文件 ) 已被清除;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(24)M.vir;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(24)M.vir;Virus.Win32.Parite.b;病毒;08/17/2018 20:15:10
17.08.2018 20.15.07;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(22)M.vir;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(22)M.vir;UDS:DangerousObject.Multi.Generic;08/17/2018 20:15:07
17.08.2018 20.15.05;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(33)M.vir;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(33)M.vir;HEUR:Trojan-Downloader.Win32.Generic;木马程序;08/17/2018 20:15:05
17.08.2018 20.15.05;检测到的对象 ( 文件 ) 已被清除;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(25)M.vir;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(25)M.vir;Virus.Win32.Parite.b;病毒;08/17/2018 20:15:05
17.08.2018 20.15.04;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(2).vir;C:\Users\Administrator\Desktop\123\Samp(2).vir;HEUR:Trojan.Win32.Generic;木马程序;08/17/2018 20:15:04
17.08.2018 20.15.03;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(27)M.vir;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(27)M.vir;P2P-Worm.Win32.Palevo.cqmm;病毒;08/17/2018 20:15:03
17.08.2018 20.15.03;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(28)M.vir;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(28)M.vir;HEUR:Trojan.Win32.Generic;木马程序;08/17/2018 20:15:03
17.08.2018 20.15.03;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(3)M.vir;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(3)M.vir;Trojan-GameThief.Win32.Magania.uaqr;木马程序;08/17/2018 20:15:03
17.08.2018 20.15.03;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(31)M.vir;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(31)M.vir;Backdoor.Win32.Tofsee.yep;木马程序;08/17/2018 20:15:03
17.08.2018 20.15.03;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(34)M.vir;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(34)M.vir;HEUR:Trojan-Banker.Win32.NeutrinoPOS.gen;木马程序;08/17/2018 20:15:03
17.08.2018 20.15.02;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(36)M.vir;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(36)M.vir;HEUR:Trojan-Ransom.Win32.Agent.gen;木马程序;08/17/2018 20:15:02
17.08.2018 20.15.01;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(23).vir//data0002;C:\Users\Administrator\Desktop\123\Samp(23).vir//data0002;HEUR:Exploit.Script.Generic;木马程序;08/17/2018 20:15:01
17.08.2018 20.15.01;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(23).vir;C:\Users\Administrator\Desktop\123\Samp(23).vir;HEUR:Trojan.Win32.Generic;木马程序;08/17/2018 20:15:01
17.08.2018 20.15.00;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(22).vir;C:\Users\Administrator\Desktop\123\Samp(22).vir;HEUR:Trojan.Win32.Generic;木马程序;08/17/2018 20:15:00
17.08.2018 20.15.00;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(19).vir;C:\Users\Administrator\Desktop\123\Samp(19).vir;HEUR:Backdoor.Win32.Generic;木马程序;08/17/2018 20:15:00
17.08.2018 20.15.00;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(18).vir;C:\Users\Administrator\Desktop\123\Samp(18).vir;HEUR:Backdoor.Win32.Generic;木马程序;08/17/2018 20:15:00
17.08.2018 20.14.59;检测到的对象 ( 文件 ) 已被清除;C:\Users\Administrator\Desktop\123\Samp(17).vir;C:\Users\Administrator\Desktop\123\Samp(17).vir;08/17/2018 20:14:59
17.08.2018 20.14.59;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(17).vir//Document(208).jse;C:\Users\Administrator\Desktop\123\Samp(17).vir//Document(208).jse;Trojan-Downloader.JS.Agent.asdfxs;木马程序;08/17/2018 20:14:59
17.08.2018 20.14.59;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(15).vir;C:\Users\Administrator\Desktop\123\Samp(15).vir;Trojan-GameThief.Win32.Magania.dhxd;木马程序;08/17/2018 20:14:59
17.08.2018 20.14.59;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(14).vir;C:\Users\Administrator\Desktop\123\Samp(14).vir;HEUR:Trojan.Win32.Generic;木马程序;08/17/2018 20:14:59
17.08.2018 20.14.59;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(39)M.vir;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(39)M.vir;Trojan.Win64.Crypt.gc;木马程序;08/17/2018 20:14:59
17.08.2018 20.14.58;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(5)M.vir;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(5)M.vir;HEUR:Trojan.Win32.Generic;木马程序;08/17/2018 20:14:58
17.08.2018 20.14.58;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(12).vir;C:\Users\Administrator\Desktop\123\Samp(12).vir;HEUR:Trojan.Win32.Generic;木马程序;08/17/2018 20:14:58
17.08.2018 20.14.58;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(6)M.vir;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(6)M.vir;Backdoor.Win32.Androm.nqkm;木马程序;08/17/2018 20:14:58
17.08.2018 20.14.58;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(11).vir;C:\Users\Administrator\Desktop\123\Samp(11).vir;Trojan.Win32.Agent.xfzn;木马程序;08/17/2018 20:14:58
17.08.2018 20.14.58;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(10).vir;C:\Users\Administrator\Desktop\123\Samp(10).vir;HEUR:Trojan-Ransom.Win32.Agent.gen;木马程序;08/17/2018 20:14:58
17.08.2018 20.14.58;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(9).vir;C:\Users\Administrator\Desktop\123\Samp(9).vir;HEUR:Trojan.Win32.Generic;木马程序;08/17/2018 20:14:58
17.08.2018 20.14.58;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(8).vir;C:\Users\Administrator\Desktop\123\Samp(8).vir;Backdoor.Win32.Androm.nqkm;木马程序;08/17/2018 20:14:58
17.08.2018 20.14.58;检测到的对象 ( 文件 ) 已被清除;C:\Users\Administrator\Desktop\123\Samp(7).vir;C:\Users\Administrator\Desktop\123\Samp(7).vir;08/17/2018 20:14:58
17.08.2018 20.14.58;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(7).vir//1.23.dat;C:\Users\Administrator\Desktop\123\Samp(7).vir//1.23.dat;HEUR:Backdoor.Win32.Generic;木马程序;08/17/2018 20:14:58
17.08.2018 20.14.58;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(6).vir;C:\Users\Administrator\Desktop\123\Samp(6).vir;Trojan.Win32.Yakes.ijfj;木马程序;08/17/2018 20:14:58
17.08.2018 20.14.57;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(4).vir;C:\Users\Administrator\Desktop\123\Samp(4).vir;Trojan-GameThief.Win32.Magania.uaqr;木马程序;08/17/2018 20:14:57
17.08.2018 20.14.57;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(8)M.vir;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(8)M.vir;HEUR:Trojan-Ransom.Win32.Agent.gen;木马程序;08/17/2018 20:14:57
17.08.2018 20.14.57;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(9)M.vir;C:\Users\Administrator\Desktop\123\VirusSamples_47M\Samp(9)M.vir;Trojan.Win32.Agent.xfzn;木马程序;08/17/2018 20:14:57
17.08.2018 20.14.57;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(16).vir;C:\Users\Administrator\Desktop\123\Samp(16).vir;UDS:Trojan-Dropper.Win32.Injector.sb;木马程序;08/17/2018 20:14:57
17.08.2018 20.14.57;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\Samp(1).vir;C:\Users\Administrator\Desktop\123\Samp(1).vir;HEUR:Trojan.Win32.Generic;木马程序;08/17/2018 20:14:57

剩余样本

显示全部楼层 · 发表于 2018-8-17 20:14:54

本帖最后由梦想起航. 于 2018-8-17 20:27 编辑

金山 S: 34/50，M: 28/39，Total: 62/89

显示全部楼层 · 发表于 2018-8-17 20:21:22

本帖最后由 191196846 于 2018-8-17 20:27 编辑

ESET 文件信誉

TOO OLD TO BE VALID TEST SAMPLES

显示全部楼层 · 发表于 2018-8-17 20:22:49

安天智甲，S: 31/50，M: 6/39，Total: 37/89，41.6% 。。

显示全部楼层 · 发表于 2018-8-17 20:30:23

温馨小屋发表于 2018-8-17 20:11
Norton

S: 46/50，M: 33/39，Total: 79/89 88.2%

有些安软就会报勒索信，之前有个帖子B大还说过这个事。。。但这种勒索信并非纯文本，是Html的里面有链接。

显示全部楼层 · 发表于 2018-8-17 20:32:35

本帖最后由 chenQK 于 2018-8-17 20:38 编辑

S: 31/50，M: 28/39，Total: 59/89
剩余文件时这样的但是监控搞定了 65个

[病毒样本] 样本集奉上_47

评分

本帖子中包含更多资源

评分

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源