Original poster: Jerry.Lin

[Virus sample] #PACKAGE 0821
dreams521
Posted on 2018-8-21 19:18:10
Last edited by dreams521 on 2018-8-21 19:58

Kaspersky 19:20
Samples(17/28) 60.7%





21.08.2018 19.19.12;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\0821(21).exe;C:\Users\Administrator\Desktop\123\0821(21).exe;HEUR:Trojan.Win32.Agent.gen;木马程序;08/21/2018 19:19:12
21.08.2018 19.19.11;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\0821(28).exe;C:\Users\Administrator\Desktop\123\0821(28).exe;HEUR:Trojan.Win32.Generic;木马程序;08/21/2018 19:19:11
21.08.2018 19.19.10;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\0821(26).exe;C:\Users\Administrator\Desktop\123\0821(26).exe;HEUR:Backdoor.Win32.Agent.gen;木马程序;08/21/2018 19:19:10
21.08.2018 19.19.10;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\0821(27).exe;C:\Users\Administrator\Desktop\123\0821(27).exe;VHO:Trojan-Spy.Win32.Ursnif.gen;木马程序;08/21/2018 19:19:10
21.08.2018 19.19.10;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\0821(20).exe;C:\Users\Administrator\Desktop\123\0821(20).exe;HEUR:Backdoor.Win32.Agent.gen;木马程序;08/21/2018 19:19:10
21.08.2018 19.19.08;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\0821(3).exe;C:\Users\Administrator\Desktop\123\0821(3).exe;HEUR:Trojan.MSIL.Agent.gen;木马程序;08/21/2018 19:19:08
21.08.2018 19.19.08;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\0821(5).exe;C:\Users\Administrator\Desktop\123\0821(5).exe;HEUR:Trojan.MSIL.Agent.gen;木马程序;08/21/2018 19:19:08
21.08.2018 19.19.08;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\0821(2).exe;C:\Users\Administrator\Desktop\123\0821(2).exe;HEUR:Trojan.MSIL.Agent.gen;木马程序;08/21/2018 19:19:08
21.08.2018 19.19.08;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\0821(19).exe;C:\Users\Administrator\Desktop\123\0821(19).exe;HEUR:Trojan.MSIL.Agent.gen;木马程序;08/21/2018 19:19:08
21.08.2018 19.19.07;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\0821(17).exe;C:\Users\Administrator\Desktop\123\0821(17).exe;HEUR:Trojan.Win32.Generic;木马程序;08/21/2018 19:19:07
21.08.2018 19.19.07;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\0821(8).exe;C:\Users\Administrator\Desktop\123\0821(8).exe;Trojan-PSW.Win32.Coins.hqu;木马程序;08/21/2018 19:19:07
21.08.2018 19.19.07;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\0821(16).exe;C:\Users\Administrator\Desktop\123\0821(16).exe;HEUR:Backdoor.Win32.Agent.gen;木马程序;08/21/2018 19:19:07
21.08.2018 19.19.07;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\0821(15).exe;C:\Users\Administrator\Desktop\123\0821(15).exe;HEUR:Trojan.Win32.Agent.gen;木马程序;08/21/2018 19:19:07
21.08.2018 19.19.06;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\0821(9).exe;C:\Users\Administrator\Desktop\123\0821(9).exe;HEUR:Backdoor.Win32.Agent.gen;木马程序;08/21/2018 19:19:06
21.08.2018 19.19.06;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\0821(11).exe;C:\Users\Administrator\Desktop\123\0821(11).exe;Trojan.MSIL.Inject.acaje;木马程序;08/21/2018 19:19:06
21.08.2018 19.19.06;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\0821(12).exe;C:\Users\Administrator\Desktop\123\0821(12).exe;VHO:Backdoor.Win32.Androm.gen;木马程序;08/21/2018 19:19:06
21.08.2018 19.19.06;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\123\0821(10).exe;C:\Users\Administrator\Desktop\123\0821(10).exe;Trojan.MSIL.Inject.acajc;木马程序;08/21/2018 19:19:06



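Remaining samples

Double-clicking the remaining samples:

Sample 1: stops working on double-click (real machine! Forgot to turn on the shadow system!!!)
Sample 4: deletes itself after double-click; associated with C:\Windows\SysWOW64\owinoobe.exe, which connects out and downloads C:\Windows\SysWOW64\97lHtQ1J.exe VHO:Trojan-Banker.Win32.Emotet.gen.
Sample 6: stays resident in memory after double-click, no obvious behavior. Exits memory and deletes itself after about ten minutes.
Sample 7: PDM:Trojan.Win32.Generic
Sample 13: drops a derivative file c:\users\administrator\appdata\local\temp\datemonitor\datemonitor.exe; PDM:Trojan.Win32.Generic; main body not removed after rollback
Sample 14: PDM:Trojan.Win32.Generic
Sample 18: PDM:Trojan.Win32.Badur.a
Sample 22: same as sample 13.
Sample 23: same as sample 1.
Sample 24: no obvious behavior after double-click; exits memory and deletes itself after about 1 minute.
Sample 25: same as samples 1 and 23.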


Jerry.Lin
Original poster | Posted on 2018-8-21 19:19:32
Last edited by 191196846 on 2018-8-21 19:21

ESET
27/28

Remaining: 6.EXE
  1. Time;Scanner;Object type;Object;Threat;Action;User;Information;Hash;First seen here
  2. 2018/8/21 19:19:58;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0821\0821(16).exe;a variant of Win32/Injector.DZXL trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;73E86E2A2BB38F21EDC7AD5611D3848F604187E9;
  3. 2018/8/21 19:19:58;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0821\0821(12).exe;a variant of MSIL/Kryptik.PCF trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;4A0630C7E076037F51D5CE33C5E9975ED9EC8C95;2018/8/21 19:19:48
  4. 2018/8/21 19:19:58;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0821\0821(18).exe;a variant of Win32/Kryptik.GKAF trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;645B25844DDA97D166A9BFBF60FFE7BDB9519BA7;2018/8/21 19:19:48
  5. 2018/8/21 19:19:58;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0821\0821(11).exe;a variant of Win32/Injector.DZXQ trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;B7AE90CFB659B38A8156BEE9C2D1418408EBE1C1;2018/8/21 19:19:48
  6. 2018/8/21 19:19:58;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0821\0821(10).exe;a variant of Win32/Injector.DZXG trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;D4DBCAB6A8E08F477E46DF4FEF8C3A081C33DBFC;2018/8/21 19:19:48
  7. 2018/8/21 19:19:58;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0821\0821(17).exe;a variant of Win32/NukeSped.AS trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;316B3D56CE324D5432A4BB8752E43F0A4D0C935A;2018/8/21 19:19:48
  8. 2018/8/21 19:20:00;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0821\0821(2).exe;a variant of Win32/Injector.DZXO trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;8439D85C0201AB744B455B778F26EE41ACF84666;2018/8/21 19:19:48
  9. 2018/8/21 19:20:00;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0821\0821(14).exe;a variant of Win32/Kryptik.GJZX trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;E20E096765FB95D234DE95A2A5E46148D0A5D98C;2018/8/21 19:19:48
  10. 2018/8/21 19:20:03;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0821\0821(20).exe;a variant of MSIL/GenKryptik.CISZ trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;9F10DEF80FD342FC2D1F7A1D4E91F2A2F1553C25;2018/8/21 19:19:48
  11. 2018/8/21 19:20:06;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0821\0821(15).exe;a variant of Win32/Injector.DZXH trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;5136518786090EA007D4FB13E3C6BFE2DD3202D4;2018/8/21 19:19:48
  12. 2018/8/21 19:20:08;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0821\0821(22).exe;a variant of Win32/Injector.DZXQ trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;B3219C69FB88EF02764471AF0152C6C0DD63C9F9;2018/8/21 19:19:48
  13. 2018/8/21 19:20:09;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0821\0821(19).exe;a variant of Win32/Injector.DZXO trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;8422FE96ADEE61DF660CC39EBC19BBBB8D0EB47F;2018/8/21 19:19:48
  14. 2018/8/21 19:20:10;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0821\0821(23).exe;a variant of Win32/Injector.DZXQ trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;C556127A569BA6AAB5B6014944C0423A276755D9;2018/8/21 19:19:48
  15. 2018/8/21 19:20:12;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0821\0821(13).exe;a variant of Win32/Injector.DZXQ trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;DF3F20031A30AF4754DC0E4AF6E26A7DCDCC1A52;2018/8/21 19:19:48
  16. 2018/8/21 19:20:16;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0821\0821(21).exe;a variant of MSIL/TrojanDropper.Agent.DNB trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;5EE3C5A450F5B5A549F16F5E86178B9A96DC01A1;2018/8/21 19:19:48
  17. 2018/8/21 19:20:16;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0821\0821(1).exe;a variant of Win32/GenKryptik.CIKK trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;C81FBB2340D4B57A57678CE02AE47B8B279FF417;2018/8/21 19:19:47
  18. 2018/8/21 19:20:17;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0821\0821(27).exe;a variant of Win32/GenKryptik.CITC trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;6F1CD49C69F066B58F58C74FE65F3BBED95BD982;2018/8/21 19:19:59
  19. 2018/8/21 19:20:18;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0821\0821(3).exe;a variant of Win32/Injector.DZXO trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;DCCD9F566527D9648645017D45194B9413B91ECC;2018/8/21 19:19:59
  20. 2018/8/21 19:20:20;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0821\0821(5).exe;a variant of Win32/Injector.DZXO trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;1BAF72BCFBF25B29896003EFCB937EF1A0DE9C2A;2018/8/21 19:19:59
  21. 2018/8/21 19:20:21;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0821\0821(25).exe;a variant of Win32/Injector.DZXG trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;54081716EF96361E733CDEE411044FCA45D15516;2018/8/21 19:19:58
  22. 2018/8/21 19:20:22;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0821\0821(4).exe;a variant of Win32/Kryptik.GKAF trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;7E9DA0551EFB8CE8727DD620DC57ECBE8CCA248E;2018/8/21 19:19:59
  23. 2018/8/21 19:20:24;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0821\0821(8).exe;a variant of Win32/Injector.DZXG trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;B55376D3BCA8ADA70B652F48FE69301D4C0B06B1;2018/8/21 19:19:59
  24. 2018/8/21 19:20:24;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0821\0821(26).exe;a variant of Win32/Injector.DZXL trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;29AB97CAE1BF0F4083B4A5DCA586840F12583AB0;
  25. 2018/8/21 19:20:27;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0821\0821(24).exe;a variant of Win32/Kryptik.GJZV trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;5A43B18688627C820C26D0C72A0442ADA6FA5FD5;2018/8/21 19:19:58
  26. 2018/8/21 19:20:28;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0821\0821(28).exe;a variant of MSIL/GenKryptik.CITA trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;FDBA6549D64B75D7E18D6EAFA83E565C5BD37F15;2018/8/21 19:19:59
  27. 2018/8/21 19:20:29;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0821\0821(9).exe;a variant of Win32/Injector.DZXL trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;036851FEA37BFC2E67E0D301DA6C6254E2359C02;
  28. 2018/8/21 19:20:29;Real-time file system protection;file;C:\Users\zhong\Downloads\Compressed\VIRUS TEST\PACKAGE 0821\0821(7).exe;a variant of MSIL/Kryptik.PDU trojan;cleaned by deleting;DESKTOP-VPBE70N\zhong;Event occurred on a new file created by the application: C:\Program Files\WinRAR\WinRAR.exe (33F1554BA5E9F414C8A7DFD65A5831C513BD2DB2).;54311F16DD30D12A9A433FC56B0036A32E6F7DA5;2018/8/21 19:19:59

WHALE-FALL
Posted on 2018-8-21 19:24:30
Last edited by WHALE-FALL on 2018-8-21 19:30

Mine flags 6 as well
Log
D:\下载\样本专用\PACKAGE 0821\0821(6).exe - a variant of Win32/GenKryptik.CIUC trojan - cleaned by deleting [1]

WHALE-FALL
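Posted on 2018-8-21 19:36:00
WHALE-FALL wrote on 2018-8-21 19:08
360, second-scan tally after 2 minutes: 25/28   89.3%; cloud upload in progress; 1 and 25 no risk for now; 17 low risk

360 third scan 26/28; sample 1 now also detected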

Jerry.Lin
Original poster | Posted on 2018-8-21 19:47:20
dreams521 wrote on 2018-8-21 19:18
Kaspersky 19:20
Samples(17/28) 60.7%

Double-click?
Jerry.Lin
Original poster | Posted on 2018-8-21 19:49:21
WHALE-FALL wrote on 2018-8-21 19:24
Mine flags 6 as well
Log
D:\下载\样本专用\PACKAGE 0821\0821(6).exe - a variant of Win32/GenKryptik. ...

My virus database is probably the previous version
YU2711
Posted on 2018-8-21 19:52:42
Avira 19:24

Right-click scan 27/28


  1. 08/21/2018,19-23-54        [INFO]        repair.rdf loaded (version: 1.0.44.0)
  2. 08/21/2018,19-23-57        [INFO]        Repair of Generic started.
  3. 08/21/2018,19-24-06        [INFO]        Repair of Generic finished successfully.
  4. 08/21/2018,19-24-06        [INFO]        Repair of TR/Crypt.XPACK.9a2fff started.
  5. 08/21/2018,19-25-13        [INFO]        Repair of TR/Crypt.XPACK.9a2fff finished successfully.
  6. 08/21/2018,19-25-14        [INFO]        c:\users\user\downloads\package 0821\0821(10).exe
  7. 08/21/2018,19-25-14        [INFO]        [ACTION] Clean
  8. 08/21/2018,19-25-14        [INFO]        Repair of TR/Dropper.VB.471dd8 started.
  9. 08/21/2018,19-26-06        [INFO]        Repair of TR/Dropper.VB.471dd8 finished successfully.
  10. 08/21/2018,19-26-06        [INFO]        c:\users\user\downloads\package 0821\0821(11).exe
  11. 08/21/2018,19-26-06        [INFO]        [ACTION] Clean
  12. 08/21/2018,19-26-06        [INFO]        Repair of TR/Dropper.MSIL.5beab4 started.
  13. 08/21/2018,19-26-59        [INFO]        Repair of TR/Dropper.MSIL.5beab4 finished successfully.
  14. 08/21/2018,19-26-59        [INFO]        c:\users\user\downloads\package 0821\0821(12).exe
  15. 08/21/2018,19-26-59        [INFO]        [ACTION] Clean
  16. 08/21/2018,19-26-59        [INFO]        Repair of TR/Dropper.VB.f66bd6 started.
  17. 08/21/2018,19-27-49        [INFO]        Repair of TR/Dropper.VB.f66bd6 finished successfully.
  18. 08/21/2018,19-27-49        [INFO]        c:\users\user\downloads\package 0821\0821(13).exe
  19. 08/21/2018,19-27-49        [INFO]        [ACTION] Clean
  20. 08/21/2018,19-27-49        [INFO]        Repair of TR/Crypt.ZPACK.0103c4 started.
  21. 08/21/2018,19-28-41        [INFO]        Repair of TR/Crypt.ZPACK.0103c4 finished successfully.
  22. 08/21/2018,19-28-41        [INFO]        c:\users\user\downloads\package 0821\0821(14).exe
  23. 08/21/2018,19-28-41        [INFO]        [ACTION] Clean
  24. 08/21/2018,19-28-41        [INFO]        Repair of TR/AD.Sagonaire.Y started.
  25. 08/21/2018,19-29-40        [INFO]        Repair of TR/AD.Sagonaire.Y finished successfully.
  26. 08/21/2018,19-29-40        [INFO]        c:\users\user\downloads\package 0821\0821(15).exe
  27. 08/21/2018,19-29-40        [INFO]        [ACTION] Clean
  28. 08/21/2018,19-29-40        [INFO]        Repair of TR/Dropper.Gen started.
  29. 08/21/2018,19-30-30        [INFO]        Repair of TR/Dropper.Gen finished successfully.
  30. 08/21/2018,19-30-30        [INFO]        c:\users\user\downloads\package 0821\0821(16).exe
  31. 08/21/2018,19-30-30        [INFO]        [ACTION] Clean
  32. 08/21/2018,19-30-30        [INFO]        Repair of HEUR/APC started.
  33. 08/21/2018,19-31-23        [INFO]        Repair of HEUR/APC finished successfully.
  34. 08/21/2018,19-31-23        [INFO]        c:\users\user\downloads\package 0821\0821(17).exe
  35. 08/21/2018,19-31-23        [INFO]        [ACTION] Clean
  36. 08/21/2018,19-31-23        [INFO]        Repair of TR/Crypt.XPACK.7f9e6a started.
  37. 08/21/2018,19-32-14        [INFO]        Repair of TR/Crypt.XPACK.7f9e6a finished successfully.
  38. 08/21/2018,19-32-14        [INFO]        c:\users\user\downloads\package 0821\0821(18).exe
  39. 08/21/2018,19-32-14        [INFO]        [ACTION] Clean
  40. 08/21/2018,19-32-14        [INFO]        Repair of TR/AD.HawkEyeKeylogger.591129 started.
  41. 08/21/2018,19-33-07        [INFO]        Repair of TR/AD.HawkEyeKeylogger.591129 finished successfully.
  42. 08/21/2018,19-33-07        [INFO]        c:\users\user\downloads\package 0821\0821(19).exe
  43. 08/21/2018,19-33-07        [INFO]        [ACTION] Clean
  44. 08/21/2018,19-33-07        [INFO]        Repair of TR/Injector.a1c5c5 started.
  45. 08/21/2018,19-34-00        [INFO]        Repair of TR/Injector.a1c5c5 finished successfully.
  46. 08/21/2018,19-34-00        [INFO]        c:\users\user\downloads\package 0821\0821(2).exe
  47. 08/21/2018,19-34-00        [INFO]        [ACTION] Clean
  48. 08/21/2018,19-34-00        [INFO]        Repair of TR/ATRAPS.Gen started.
  49. 08/21/2018,19-34-54        [INFO]        Repair of TR/ATRAPS.Gen finished successfully.
  50. 08/21/2018,19-34-54        [INFO]        c:\users\user\downloads\package 0821\0821(20).exe
  51. 08/21/2018,19-34-54        [INFO]        [ACTION] Clean
  52. 08/21/2018,19-34-54        [INFO]        Repair of TR/Dropper.MSIL.7e4b8e started.
  53. 08/21/2018,19-35-47        [INFO]        Repair of TR/Dropper.MSIL.7e4b8e finished successfully.
  54. 08/21/2018,19-35-47        [INFO]        c:\users\user\downloads\package 0821\0821(21).exe
  55. 08/21/2018,19-35-47        [INFO]        [ACTION] Clean
  56. 08/21/2018,19-35-47        [INFO]        Repair of TR/Dropper.VB.33b0c9 started.
  57. 08/21/2018,19-36-35        [INFO]        Repair of TR/Dropper.VB.33b0c9 finished successfully.
  58. 08/21/2018,19-36-35        [INFO]        c:\users\user\downloads\package 0821\0821(22).exe
  59. 08/21/2018,19-36-35        [INFO]        [ACTION] Clean
  60. 08/21/2018,19-36-35        [INFO]        Repair of TR/Dropper.VB.769061 started.
  61. 08/21/2018,19-37-24        [INFO]        Repair of TR/Dropper.VB.769061 finished successfully.
  62. 08/21/2018,19-37-24        [INFO]        c:\users\user\downloads\package 0821\0821(23).exe
  63. 08/21/2018,19-37-24        [INFO]        [ACTION] Clean
  64. 08/21/2018,19-37-24        [INFO]        Repair of TR/AD.Ursnif.Y started.
  65. 08/21/2018,19-38-12        [INFO]        Repair of TR/AD.Ursnif.Y finished successfully.
  66. 08/21/2018,19-38-12        [INFO]        c:\users\user\downloads\package 0821\0821(24).exe
  67. 08/21/2018,19-38-12        [INFO]        [ACTION] Clean
  68. 08/21/2018,19-38-13        [INFO]        Repair of TR/Injector.70e691 started.
  69. 08/21/2018,19-39-02        [INFO]        Repair of TR/Injector.70e691 finished successfully.
  70. 08/21/2018,19-39-02        [INFO]        c:\users\user\downloads\package 0821\0821(25).exe
  71. 08/21/2018,19-39-02        [INFO]        [ACTION] Clean
  72. 08/21/2018,19-39-02        [INFO]        Repair of TR/Dropper.Gen started.
  73. 08/21/2018,19-39-50        [INFO]        Repair of TR/Dropper.Gen finished successfully.
  74. 08/21/2018,19-39-50        [INFO]        c:\users\user\downloads\package 0821\0821(26).exe
  75. 08/21/2018,19-39-50        [INFO]        [ACTION] Clean
  76. 08/21/2018,19-39-50        [INFO]        Repair of TR/Crypt.XPACK.Gen7 started.
  77. 08/21/2018,19-40-39        [INFO]        Repair of TR/Crypt.XPACK.Gen7 finished successfully.
  78. 08/21/2018,19-40-39        [INFO]        c:\users\user\downloads\package 0821\0821(27).exe
  79. 08/21/2018,19-40-39        [INFO]        [ACTION] Clean
  80. 08/21/2018,19-40-39        [INFO]        Repair of TR/ATRAPS.Gen started.
  81. 08/21/2018,19-41-28        [INFO]        Repair of TR/ATRAPS.Gen finished successfully.
  82. 08/21/2018,19-41-28        [INFO]        c:\users\user\downloads\package 0821\0821(28).exe
  83. 08/21/2018,19-41-28        [INFO]        [ACTION] Clean
  84. 08/21/2018,19-41-28        [INFO]        Repair of TR/AD.LokiBot.5ea112 started.
  85. 08/21/2018,19-42-16        [INFO]        Repair of TR/AD.LokiBot.5ea112 finished successfully.
  86. 08/21/2018,19-42-16        [INFO]        c:\users\user\downloads\package 0821\0821(3).exe
  87. 08/21/2018,19-42-16        [INFO]        [ACTION] Clean
  88. 08/21/2018,19-42-16        [INFO]        Repair of TR/Crypt.XPACK.77d36e started.
  89. 08/21/2018,19-43-06        [INFO]        Repair of TR/Crypt.XPACK.77d36e finished successfully.
  90. 08/21/2018,19-43-06        [INFO]        c:\users\user\downloads\package 0821\0821(4).exe
  91. 08/21/2018,19-43-06        [INFO]        [ACTION] Clean
  92. 08/21/2018,19-43-06        [INFO]        Repair of TR/AD.Swotter.rkuyh started.
  93. 08/21/2018,19-43-55        [INFO]        Repair of TR/AD.Swotter.rkuyh finished successfully.
  94. 08/21/2018,19-43-55        [INFO]        c:\users\user\downloads\package 0821\0821(5).exe
  95. 08/21/2018,19-43-55        [INFO]        [ACTION] Clean
  96. 08/21/2018,19-43-55        [INFO]        Repair of TR/Crypt.XPACK.6ff8f8 started.
  97. 08/21/2018,19-44-43        [INFO]        Repair of TR/Crypt.XPACK.6ff8f8 finished successfully.
  98. 08/21/2018,19-44-43        [INFO]        c:\users\user\downloads\package 0821\0821(6).exe
  99. 08/21/2018,19-44-43        [INFO]        [ACTION] Clean
  100. 08/21/2018,19-44-43        [INFO]        Repair of TR/Dropper.Gen started.
  101. 08/21/2018,19-45-32        [INFO]        Repair of TR/Dropper.Gen finished successfully.
  102. 08/21/2018,19-45-32        [INFO]        c:\users\user\downloads\package 0821\0821(7).exe
  103. 08/21/2018,19-45-32        [INFO]        [ACTION] Clean
  104. 08/21/2018,19-45-32        [INFO]        Repair of TR/Crypt.XPACK.428cf0 started.
  105. 08/21/2018,19-46-23        [INFO]        Repair of TR/Crypt.XPACK.428cf0 finished successfully.
  106. 08/21/2018,19-46-23        [INFO]        c:\users\user\downloads\package 0821\0821(8).exe
  107. 08/21/2018,19-46-23        [INFO]        [ACTION] Clean
  108. 08/21/2018,19-46-23        [INFO]        Repair of TR/Dropper.Gen started.
  109. 08/21/2018,19-47-17        [INFO]        Repair of TR/Dropper.Gen finished successfully.
  110. 08/21/2018,19-47-17        [INFO]        c:\users\user\downloads\package 0821\0821(9).exe
  111. 08/21/2018,19-47-17        [INFO]        [ACTION] Clean

dreams521
Posted on 2018-8-21 19:58:44
command360
Posted on 2018-8-21 19:59:21
Last edited by command360 on 2018-8-21 20:01

Huorong 4/28   14.3%

Jerry.Lin
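Original poster | Posted on 2018-8-21 20:16:55
wangkaka wrote on 2018-8-21 19:00
ESET (old virus database from August 3): 4/28, detection rate: 14.3%

avast: 13/28, detection rate: 46.4%

Lots of variants; when samples get past scanning at a time like this, behavioral defense becomes especially critical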