
[Virus samples] #PACKAGE 0831

Jerry.Lin
Posted on 2018-8-31 18:54:10
Lanzou

Total : 14


#Do not upload to VT
#While the samples are valid (24 hours), please do not manually submit them to vendors, so that others can test behavior blocking, response speed, etc.
#Sample numbers follow collection order; a larger number means the sample was collected more recently.

VT automatic classification system enabled
Original MD5                      FileName      Verdict
b602f3be8f909ce0e55762cc2e3e1bf3  0831(8).exe   Backdoor.Generic
24dd8492d6e7880df898d0307edc1a1f  0831(7).exe   Trojan.Banker
8bad5c02f76e7a2295e2be9bc4bb5eb9  0831(14).exe  Trojan.Generic
7282db38e23f8d4400a7f7930587e7c0  0831(13).exe  Trojan.Generic
831d2dea28af74e68b4eccb6d257c6ae  0831(9).exe   Trojan.Generic
54537f59479b1d4731511159ce8ec115  0831(1).exe   Trojan.Generic
dee80e0f698c56bbf259228c840202d3  0831(4).exe   Trojan.Generic
1094c3a0009b27df7b4f64d4b6886f12  0831(3).exe   Trojan.Generic
8d9733522d4935db85506bc5240a03aa  0831(12).exe  Trojan.Generic
ecd55afd25c806ce0703ceb3a79411bf  0831(6).exe   Trojan.PasswordStealer
73c2dd3ef85f24dbaae61a804cb31741  0831(2).exe   Trojan.PasswordStealer
85c52df4d2565499090d09fb763adf20  0831(5).exe   Trojan.Spy
a190cca98ed25d90bbf43e76f28ed9a5  0831(11).exe  Unknown
f33964ac11ec65f592f871987ab89506  0831(10).exe  Unknown



Suggested reply format


AV product name + time
Number detected + detection rate


For example:
XXX 20:39
Samples(5/10) 50%


静影沉璧
Posted on 2018-8-31 18:56:51
Last edited by 静影沉璧 on 2018-8-31 19:29

BD2019
Time: 19:03
Scan: 12/14
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\PACKAGE 0831\0831(2).exe    Trojan.GenericKD.40436503    Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\PACKAGE 0831\0831(4).exe    Trojan.GenericKD.40437721    Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\PACKAGE 0831\0831(6).exe    Trojan.GenericKDZ.47014    Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\PACKAGE 0831\0831(3).exe    Gen:Variant.Injector.131    Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\PACKAGE 0831\0831(12).exe    Trojan.GenericKD.40437641    Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\PACKAGE 0831\0831(8).exe    Trojan.Agent.DDYN    Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\PACKAGE 0831\0831(9).exe    Gen:Variant.Razy.381045    Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\PACKAGE 0831\0831(1).exe    Trojan.GenericKD.40437281    Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\PACKAGE 0831\0831(14).exe    Trojan.GenericKD.40437584    Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\PACKAGE 0831\0831(5).exe    Gen:Variant.Graftor.513728    Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\PACKAGE 0831\0831(7).exe    Gen:Suspicious.Cloud.8.lu1@am6EXJpi    Deleted
C:\Users\Administrator.SXCSXC-AJKJJUBR\Desktop\PACKAGE 0831\0831(10).exe    Gen:Suspicious.Cloud.4.ly1@aCUSUcm    Deleted
Double-click: 2/14
The file c:\users\administrator.sxcsxc-ajkjjubr\desktop\package 0831\0831(11).exe is infected with Atc4.Detection and was moved to quarantine. It is recommended that you run a System Scan to make sure your system is clean.
The file c:\users\administrator.sxcsxc-ajkjjubr\desktop\package 0831\0831(13).exe is infected with Gen:Suspicious.Cloud.8.Om1@aaI7DQpi and was moved to quarantine. It is recommended that you run a System Scan to make sure your system is clean.
Total: 14/14 100%

command360
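Posted on 2018-8-31 18:57:05
Last edited by command360 on 2018-9-1 08:04

Huorong 18:59
Scan   3/14 21.4%
Virus name  Virus ID  Result
0831(7).exe HEUR:VirTool/Obfuscator.gen!L e5545ef0e01350 handled
0831(10).exe HVM:VirTool/Obfuscator.gen!A b27d4294cde6a1ec handled
0831(14).exe HVM:VirTool/Obfuscator.gen!A b27d4294cde6a1ec handled

Double-clicking the remaining samples
0831(1).exe --- modifies startup entries; exits whether allowed or blocked
0831(2).exe --- stays resident in memory
0831(3).exe --- cannot run
0831(4).exe --- exits after a while
0831(5).exe --- creates child process cscript.exe and exits itself; cscript.exe stays resident in memory
0831(6).exe --- exits with an error
0831(8).exe --- exits after a while
0831(9).exe --- creates process installed.exe, which in turn creates child process vbc.exe; vbc.exe then exits, the original parent process [0831(9).exe] exits, and installed.exe stays resident in memory
0831(11).exe --- creates process adobe.exe, which stays resident in memory
0831(12).exe --- cannot run
0831(13).exe --- stays resident in memory, then exits after a while

Huorong's proactive defense did not flag a single one...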
静影沉璧
Posted on 2018-8-31 18:57:09
Last edited by 静影沉璧 on 2018-8-31 19:31

Avira Antivirus Pro:
Time: 19:02-19:10
Scan: 14/14=100%



静影沉璧
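Posted on 2018-8-31 18:57:27
Last edited by 静影沉璧 on 2018-8-31 19:32

SEP:
Time: 19:08
Auto-Protect scan: 10/14

Double-click: SONAR killed 2
Note: sample 6 could not run because .NET 3.5 cannot be installed on the virtual machine's system; sample 4 was a miss
Total: 12/14 85.7%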

静影沉璧
Posted on 2018-8-31 19:01:16
Last edited by 静影沉璧 on 2018-8-31 19:14

智量: Time: 19:00
Scan: 13/14  92.9%




kfghyuan
Posted on 2018-8-31 19:06:09
What's the password?
静影沉璧
Posted on 2018-8-31 19:06:26

infected
小飞侠.net
Posted on 2018-8-31 19:07:39
Last edited by 小飞侠.net on 2018-9-1 20:59



Emsisoft Emergency Kit - 版本 2018.6
上次更新: 2018-08-31 19:39:35
用户帐号: TECLAST\Admin
电脑名称: TECLAST
操作系统版本: Windows 10 x64


Emsisoft Emergency Kit, portable free edition
(Enabled) Emsisoft cloud participation; update feed: beta
    Bitdefender (B) + Emsisoft (A) dual engine

扫描设置:

扫描方式: 自定义扫描
对象: Rootkits, C:\Users\Admin\Desktop\AVtest100\PACKAGE 0831Obfuscator1916\

检测流氓软件(PUPs): On
扫描压缩包: On
扫描邮件存档: Off
ADS数据流: On
文件扩展名过滤: Off
直接磁盘访问: Off

扫描开始于:        2018-08-31 19:40:55
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0831Obfuscator1916\PACKAGE 0831\0831(12).exe         发现风险: Trojan.Injector (A) [295216]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0831Obfuscator1916\PACKAGE 0831\0831(13).exe         发现风险: Trojan.Injector (A) [295216]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0831Obfuscator1916\PACKAGE 0831\0831(2).exe         发现风险: Trojan.GenericKD.40436503 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0831Obfuscator1916\PACKAGE 0831\0831(1).exe         发现风险: Trojan.GenericKD.40437281 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0831Obfuscator1916\PACKAGE 0831\0831(3).exe         发现风险: Trojan.Injector (A) [295216]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0831Obfuscator1916\PACKAGE 0831\0831(4).exe         发现风险: Trojan.Injector (A) [295216]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0831Obfuscator1916\PACKAGE 0831\0831(14).exe         发现风险: Trojan.GenericKD.40437584 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0831Obfuscator1916\PACKAGE 0831\0831(6).exe         发现风险: Trojan.GenericKDZ.47014 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0831Obfuscator1916\PACKAGE 0831\0831(5).exe         发现风险: Gen:Variant.Graftor.513728 (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0831Obfuscator1916\PACKAGE 0831\0831(8).exe         发现风险: Trojan.Agent.DDYN (B) [krnl.xmd]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0831Obfuscator1916\PACKAGE 0831\0831(9).exe         发现风险: Gen:Variant.Razy.381045 (B) [krnl.xmd]

已扫描        608
发现        11 -- these got into the signature database quickly too

扫描完成后:        2018-08-31 19:41:06
扫描时间:        0:00:11



ESET Endpoint Security 64-bit (advanced heuristics (Y) + archives (Y) + self-extracting/runtime packers (Y) + DNA smart signatures (Y)) (Windows 10 Creators Update (Redstone 4)....1803):

日志
正在扫描日志
检测引擎的版本: 17974P (20180831)
日期: 2018-08-31  时间: 19:33:29
已扫描的磁盘、文件夹和文件: C:\Users\Admin\Desktop\AVtest100\PACKAGE 0831Obfuscator1916
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0831Obfuscator1916\PACKAGE 0831\0831(1).exe > AUTOIT > script.bin - Win32/Injector.Autoit.DKJ 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0831Obfuscator1916\PACKAGE 0831\0831(10).exe - Win32/GenKryptik.CJSK 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0831Obfuscator1916\PACKAGE 0831\0831(11).exe - MSIL/Kryptik.PJF 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0831Obfuscator1916\PACKAGE 0831\0831(12).exe - Win32/Injector.EACT 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0831Obfuscator1916\PACKAGE 0831\0831(13).exe - Win32/Injector.EACT 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0831Obfuscator1916\PACKAGE 0831\0831(14).exe - Win32/GenKryptik.CJQO 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0831Obfuscator1916\PACKAGE 0831\0831(2).exe - MSIL/Kryptik.PJF 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0831Obfuscator1916\PACKAGE 0831\0831(3).exe - Win32/Injector.EACT 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0831Obfuscator1916\PACKAGE 0831\0831(4).exe - Win32/Injector.EACW 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0831Obfuscator1916\PACKAGE 0831\0831(5).exe - Win32/GenKryptik.CJLN 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0831Obfuscator1916\PACKAGE 0831\0831(6).exe - MSIL/Kryptik.NMB 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0831Obfuscator1916\PACKAGE 0831\0831(7).exe - Win32/GenKryptik.CJSC 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0831Obfuscator1916\PACKAGE 0831\0831(8).exe - Win32/Injector.EACX 特洛伊木马 的变种 - 通过删除清除 [1]
C:\Users\Admin\Desktop\AVtest100\PACKAGE 0831Obfuscator1916\PACKAGE 0831\0831(9).exe - MSIL/Spy.Agent.AUS 特洛伊木马 - 通过删除清除 [1]
已扫描的对象数: 15
发现的威胁数: 14
已清除对象数: 14 --- isn't this getting into the signature database a bit too fast?
完成时间: 19:33:50  总扫描时间: 21 秒 (00:00:21)

备注:
[1] 由于对象中仅包含病毒主体,因此已被删除。



Dr.Web CureIt! Simplified Chinese portable free edition (Windows 7 Ultimate with SP1, Simplified Chinese edition....):


Anti-rootkit module version ( ver: 11.5.201806181, api: 8.07 )

Using 137803332 as Dr.Web (R) Key file

Time from server is: 2018-08-31 14:23:02
Using language: "Chinese-Simplified (简体中文)"
-----------------------------------------------------------------------------
Start scanning
-----------------------------------------------------------------------------
Command line used:-rpcep:\pipe\134EAD9E6 -rpcpr:np

Limit the use of the computer resources to 100%
Instances used for this session: 10
Object(s) to scan:
- C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0831


C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0831\0831(4).exe - Ok
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0831\0831(3).exe - Ok
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0831\0831(10).exe - Ok
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0831\0831(2).exe - infected with Trojan.Nanocore.23
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0831\0831(2).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0831\0831(13).exe - infected with Trojan.PWS.Stealer.24511
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0831\0831(13).exe - infected
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0831\0831(12).exe - packed by FLY-CODE
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0831\0831(5).exe - Ok
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0831\0831(7).exe - packed by FLY-CODE
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0831\0831(14).exe - Ok
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0831\0831(12).exe - Ok
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0831\0831(1).exe - infected with Trojan.PWS.Stealer.19347
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0831\0831(1).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0831\0831(8).exe - infected with Trojan.PWS.Stealer.18836
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0831\0831(8).exe - infected
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0831\0831(11).exe - Ok
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0831\0831(9).exe - infected with Trojan.DownLoader26.39159
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0831\0831(9).exe - infected
>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0831\0831(6).exe is BINARYRES container
>>C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0831\0831(6).exe\data001 is NET container
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0831\0831(6).exe - container
C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0831\0831(7).exe - Ok

Total 9032471 bytes in 14 files scanned (17 objects)
Total 9 files (12 objects) are clean
Total 5 files are infected
Scan time is 00:00:25.681

Rising (Windows 10 Creators Update (Redstone 4)....1803): cloud engine (on), RDM+ engine (on)

瑞星反恶软引擎命令行扫描器(社区交流版)                 


编译于:Sep 22 2017   15:07:50

提示:
  - 本工具供社区交流使用,请勿用于其他用途
  - 本工具没有恶意软件删除、清除、隔离功能
  - 本工具包含开发中的新特性,结果仅供参考

* 命令行中的选项开关:-output-json -log=C:\瑞星RDM+引擎\ScanLog_180831194603.log
* 获取恶软签名库最新版本 ...
* 下载恶软签名库配置文件 ...
* 创建恶软签名库升级组件 ...
* 计算并下载增量文件 ...
* 升级恶软签名库 ...
* 恶软签名库升级成功
* 扫描目标 : (1) C:\Users\Admin\Desktop\AVtest100\PACKAGE 0831Obfuscator1916

* 加载恶软签名库: C:\瑞星RDM+引擎/malware.rmd
* 恶软签名库加载成功,发布序号为 4866
* 读取恶软签名库配置 ...
* 云辅助扫描组件初始化失败.
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
* 初始化引擎环境 ...
扫描开始: Fri Aug 31 19:46:22 2018

{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0831Obfuscator1916\\PACKAGE 0831\\0831(3).exe","infect":{"engine":"rdmk","signature":"cmRtazpZs2q1CH3Fru8ueqHOV9EC","threat":"Trojan.Injector!8.C4"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0831Obfuscator1916\\PACKAGE 0831\\0831(11).exe","infect":{"engine":"rdmk","signature":"cmRtazq1k/1Ko43wpDzvjYxLF6sL","threat":"Malware.Heuristic!ET#95%"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0831Obfuscator1916\\PACKAGE 0831\\0831(10).exe","infect":{"engine":"rdmk","signature":"cmRtazqOsTFB0ws2wRP8/GIUMEQQ","threat":"Malware.Heuristic!ET#92%"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0831Obfuscator1916\\PACKAGE 0831\\0831(2).exe","infect":{"engine":"rdmk","signature":"cmRtazrPOrzUUe+0cu2a08kKPj1U","threat":"Malware.Heuristic!ET#91%"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0831Obfuscator1916\\PACKAGE 0831\\0831(13).exe","infect":{"engine":"rdmk","signature":"cmRtazp9bkcYj6ZdVSTkCezblIWA","threat":"Trojan.Injector!8.C4"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0831Obfuscator1916\\PACKAGE 0831\\0831(12).exe","infect":{"engine":"rdmk","signature":"cmRtazokJLCYIXGmK7rtSSGXI3Sp","threat":"Trojan.Injector!8.C4"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0831Obfuscator1916\\PACKAGE 0831\\0831(1).exe","infect":{"engine":"rdmk","signature":"cmRtazqUBirmaxPYPZTQMRYn9JR0","threat":"Malware.Heuristic!ET#90%"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0831Obfuscator1916\\PACKAGE 0831\\0831(4).exe","infect":{"engine":"rdmk","signature":"cmRtazp97PqgzI9syr9ShD6tR5xU","threat":"Malware.Heuristic!ET#88%"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0831Obfuscator1916\\PACKAGE 0831\\0831(7).exe","infect":{"engine":"tfe","signature":"dGZlOgOBz5HIObyPOA","threat":"Trojan.Fuerboos!8.EFC8"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0831Obfuscator1916\\PACKAGE 0831\\0831(5).exe","infect":{"engine":"rdmk","signature":"cmRtazrhqkNYIB/lPU2FPMmvx9DL","threat":"Malware.Heuristic!ET#88%"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0831Obfuscator1916\\PACKAGE 0831\\0831(9).exe","infect":{"engine":"rdmk","signature":"cmRtazp6UgORE8ITqWExldXC7MwP","threat":"Malware.Heuristic!ET#95%"},"type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0831Obfuscator1916\\PACKAGE 0831\\0831(6).exe","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0831Obfuscator1916\\PACKAGE 0831\\0831(14).exe","type":"scan"}
{"filename":"C:\\Users\\Admin\\Desktop\\AVtest100\\PACKAGE 0831Obfuscator1916\\PACKAGE 0831\\0831(8).exe","type":"scan"}

扫描结束: Fri Aug 31 19:46:23 2018

总扫描耗时: 0:0:976(m:s:ms)
总扫描对象: 14
总扫描文件: 14
总恶意文件: 11
有效检出率: 78.57%



Huorong Security (Windows 7 Ultimate with SP1, Simplified Chinese edition....):

病毒库:2018-08-30 18:42
开始时间:2018-08-31 19:11
总计用时:00:00:18
扫描对象:92个
扫描文件:14个
发现风险:3个
已处理风险:0个
发现系统修复项:0个
处理系统修复项:0个

病毒详情

风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0831\0831(10).exe, 病毒名:HVM:VirTool/Obfuscator.gen!A, 病毒ID:[b27d4294cde6a1ec], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0831\0831(7).exe, 病毒名:HEUR:VirTool/Obfuscator.gen!L, 病毒ID:[e5545ef0e01350], 处理结果:已忽略
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0831\0831(14).exe, 病毒名:HVM:VirTool/Obfuscator.gen!A, 病毒ID:[b27d4294cde6a1ec], 处理结果:已忽略

文件名称: C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0831.zip
文件大小: 5.01 MB (5,260,078 字节)
修改时间: 2018年08月31日,19:08:46
MD5: F18092EF7C2A6F9BBAA2E813DBD1CE57
SHA1: 0A78C0184FBC4542588997716D45900310F24927
SHA256: EFE63F2B3F63F045DDF54A70D90F3118D603FE4D7E618C42F3A032EAFC606204
CRC32: 0BE6A4F5
计算时间: 0.28s




Huorong Security (Windows 7 Ultimate with SP1, Simplified Chinese edition....):

病毒库:2018-09-01 16:10
开始时间:2018-09-01 20:57
总计用时:00:00:04
扫描对象:16个
扫描文件:14个
发现风险:14个
已处理风险:14个
发现系统修复项:0个
处理系统修复项:0个

病毒详情

风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0831\0831(1).exe, 病毒名:Trojan/Generic!ED5DAA016E82C6F2, 病毒ID:[ed5daa016e82c6f2], 处理结果:已处理
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0831\0831(12).exe, 病毒名:Trojan/Generic!F1FE203899C90B6C, 病毒ID:[f1fe203899c90b6c], 处理结果:已处理
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0831\0831(11).exe, 病毒名:Trojan/Generic!89012C9F5B1449E2, 病毒ID:[89012c9f5b1449e2], 处理结果:已处理
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0831\0831(2).exe, 病毒名:Trojan/Generic!BD17A94037B73EA7, 病毒ID:[bd17a94037b73ea7], 处理结果:已处理
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0831\0831(13).exe, 病毒名:Trojan/Generic!C35A49429C1DE93F, 病毒ID:[c35a49429c1de93f], 处理结果:已处理
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0831\0831(3).exe, 病毒名:Trojan/Generic!B4CC12E1D6B17D8E, 病毒ID:[b4cc12e1d6b17d8e], 处理结果:已处理
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0831\0831(4).exe, 病毒名:Trojan/Generic!EB5B5BAFBABF9811, 病毒ID:[eb5b5bafbabf9811], 处理结果:已处理
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0831\0831(10).exe, 病毒名:HVM:VirTool/Obfuscator.gen!A, 病毒ID:[b27d4294cde6a1ec], 处理结果:已处理
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0831\0831(6).exe, 病毒名:Trojan/Generic!23671DF49E251680, 病毒ID:[23671df49e251680], 处理结果:已处理
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0831\0831(5).exe, 病毒名:Trojan/Generic!81724CA2DE3E4C46, 病毒ID:[81724ca2de3e4c46], 处理结果:已处理
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0831\0831(7).exe, 病毒名:HEUR:VirTool/Obfuscator.gen!L, 病毒ID:[e5545ef0e01350], 处理结果:已处理
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0831\0831(8).exe, 病毒名:Trojan/Generic!6788F058A229BF4B, 病毒ID:[6788f058a229bf4b], 处理结果:已处理
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0831\0831(9).exe, 病毒名:Trojan/Generic!08FFA81E22C98704, 病毒ID:[8ffa81e22c98704], 处理结果:已处理
风险路径:C:\Users\xfxnet2000\Desktop\MX Player Pro\175418360\145802370\479704092\AVTest100\PACKAGE 0831\0831(14).exe, 病毒名:HVM:VirTool/Obfuscator.gen!A, 病毒ID:[b27d4294cde6a1ec], 处理结果:已处理




a445441
Posted on 2018-8-31 19:14:37
Last edited by a445441 on 2018-8-31 20:09

Micropoint, Win7     2/14=14.2%