收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 安全区 病毒样本 分享&分析区 样本集奉上_65 (09.08)
1 ...34567891011下一页
返回列表 发新帖
楼主: www-tekeze
 收起左侧

[病毒样本] 样本集奉上_65 (09.08)

  [复制链接]
lkjx21
发表于 2018-9-9 19:46:59 来自手机 | 显示全部楼层
www-tekeze 发表于 2018-9-8 23:27
数字的软件设置好了确实也不流氓,但TX管家也一样啊,换火绒前我连续用过毒霸三年多,设置好也不流氓。。 ...

不是不是,某个版本升级后,你关掉的广告设置它会替你打开的……十分贴心……  贴马哥的

评分

参与人数 1人气 +1 收起 理由
www-tekeze + 1 神马都是浮云

查看全部评分

回复

举报

www-tekeze
 楼主| 发表于 2018-9-9 21:00:53 | 显示全部楼层
√×√×√√× 发表于 2018-9-9 16:29
囧,我也从国内卫士暂时又回到火绒了,最近发现国内卫士好像跟墙有点猫腻,只要有大数据量的匿名访问网卡 ...


喜欢就用,不喜欢就换。。。可以加个“模拟SEP规则”,加强下防火墙,火绒论坛有。
回复

举报

killmatt01
发表于 2018-9-9 22:29:46 | 显示全部楼层
191196846 发表于 2018-9-9 09:35
自制的

以后完善了再发布

原来如此 厉害了
回复

举报

www-tekeze
 楼主| 发表于 2018-9-9 23:14:02 | 显示全部楼层
killmatt01 发表于 2018-9-9 22:29
原来如此 厉害了

看名字叫“VT Smart Scanner”,我相信核心功能只是个统计程序,不可能是真正的杀毒引擎,那种的技术含量你懂的。。。1. 扫描样本时首先自动上传VT。 2. 统计VT检出结果 (但给大厂分配较高权重,比如ESET、卡巴、BD等大厂,一家顶5家甚至更多的小厂),最终就是统计,想检测率高的话,100分是满分,那不到50分都可以报毒,呵呵。。。
回复

举报

killmatt01
发表于 2018-9-10 03:22:01 | 显示全部楼层
www-tekeze 发表于 2018-9-9 23:14
看名字叫“VT Smart Scanner”,我相信核心功能只是个统计程序,不可能是真正的杀毒引擎,那种的技术含量 ...

猜到一些 但至少我目前还无法独立写这种程序。。。so
回复

举报

Llano_心情
发表于 2018-9-10 09:07:32 | 显示全部楼层
本帖最后由 Llano_心情 于 2018-9-10 09:27 编辑
  1. Start scanning
  2. -----------------------------------------------------------------------------
  3. Command line used:-rpcep:\pipe\CBDBA630 -rpcpr:np

  5. Limit the use of the computer resources to 100%
  6. Instances used for this session: 10
  7. Object(s) to scan:
  8. - C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M


  11. >C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(1)M.vir - packed by PESTUB
  12. >>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(1)M.vir - packed by PESTUB
  13. >C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(10)M.vir - packed by PESTUB
  14. >C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(11)M.vir - packed by PESTUB
  15. >>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(10)M.vir - packed by PESTUB
  16. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(13)M.vir - infected with Trojan.PWS.Spy.20721
  17. >>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(11)M.vir - packed by PESTUB
  18. >>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(1)M.vir - packed by FLY-CODE
  19. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(13)M.vir - infected
  20. >C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(14)M.vir - packed by PESTUB
  21. >C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(18)M.vir - packed by PESTUB
  22. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(15)M.vir - infected with Trojan.Obfuscated.based.1
  23. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(15)M.vir - infected
  24. >>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(14)M.vir - packed by PESTUB
  25. >>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(18)M.vir - packed by PESTUB
  26. >C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(17)M.vir - packed by PESTUB
  27. >C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(19)M.vir - packed by PESTUB
  28. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(2)M.vir - Ok
  29. >>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(18)M.vir - packed by FLY-CODE
  30. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(20)M.vir - infected with Trojan.Emotet.303
  31. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(20)M.vir - infected
  32. >C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(16)M.vir - packed by PESTUB
  33. >>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(11)M.vir - packed by FLY-CODE
  34. >>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(16)M.vir - packed by PESTUB
  35. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(12)M.vir - Ok
  36. >>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(17)M.vir - packed by PESTUB
  37. >>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(10)M.vir - packed by PESTUB
  38. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(22)M.vir - infected with Trojan.Obfuscated.based.1
  39. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(22)M.vir - infected
  40. >>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(14)M.vir - packed by FLY-CODE
  41. >>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(19)M.vir - packed by PESTUB
  42. >C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(21)M.vir - packed by PESTUB
  43. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(18)M.vir - Ok
  44. >>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(21)M.vir - packed by PESTUB
  45. >>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(17)M.vir - packed by FLY-CODE
  46. >>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(16)M.vir - packed by FLY-CODE
  47. >>>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(14)M.vir - packed by ZPROTECT
  48. >C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(24)M.vir - packed by PESTUB
  49. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(23)M.vir - infected with Trojan.Obfuscated.based.1
  50. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(23)M.vir - infected
  51. >>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(24)M.vir - packed by PESTUB
  52. >C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(25)M.vir - packed by PESTUB
  53. >>>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(16)M.vir - packed by ZPROTECT
  54. >>>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(17)M.vir - packed by ZPROTECT
  55. >>>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(11)M.vir - packed by ZPROTECT
  56. >>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(21)M.vir - packed by FLY-CODE
  57. >>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(24)M.vir - packed by FLY-CODE
  58. >>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(19)M.vir - packed by FLY-CODE
  59. >>>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(10)M.vir - packed by FLY-CODE
  60. >>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(25)M.vir - packed by PESTUB
  61. >>>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(1)M.vir - packed by ZPROTECT
  62. >>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(25)M.vir - packed by FLY-CODE
  63. >>>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(24)M.vir - packed by ZPROTECT
  64. >>>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(21)M.vir - packed by ZPROTECT
  65. >>>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(19)M.vir - packed by ZPROTECT
  66. >>>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(25)M.vir - packed by ZPROTECT
  67. >>>>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(10)M.vir - packed by ZPROTECT
  68. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(17)M.vir - Ok
  69. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(26)M.vir - infected with Trojan.Obfuscated.based.1
  70. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(26)M.vir - infected
  71. >C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(27)M.vir - packed by PESTUB
  72. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(11)M.vir - infected with Trojan.ChanitorENT.34
  73. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(11)M.vir - infected
  74. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(28)M.vir - infected with Trojan.Obfuscated.based.1
  75. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(28)M.vir - infected
  76. >>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(27)M.vir - packed by FLY-CODE
  77. >C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(29)M.vir - packed by PESTUB
  78. >>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(29)M.vir - packed by PESTUB
  79. >>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(27)M.vir - packed by ZPROTECT
  80. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(21)M.vir - infected with Trojan.ChanitorENT.34
  81. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(21)M.vir - infected
  82. >>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(29)M.vir - packed by FLY-CODE
  83. >C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(3)M.vir - packed by PESTUB
  84. >>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(3)M.vir - packed by PESTUB
  85. >>>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(29)M.vir - packed by ZPROTECT
  86. >>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(3)M.vir - packed by FLY-CODE
  87. >>>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(3)M.vir - packed by ZPROTECT
  88. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(24)M.vir - infected with Trojan.MulDrop8.34221
  89. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(24)M.vir - infected
  90. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(30)M.vir - infected with Trojan.Winlock.9260
  91. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(30)M.vir - infected
  92. >C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(31)M.vir - packed by PESTUB
  93. >>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(31)M.vir - packed by PESTUB
  94. >>>>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(14)M.vir - packed by UPX
  95. >>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(31)M.vir - packed by FLY-CODE
  96. >>>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(31)M.vir - packed by ZPROTECT
  97. >>>>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(25)M.vir - packed by UPX
  98. >>>>>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(25)M.vir - packed by FLY-CODE
  99. >>>>>>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(25)M.vir - packed by BINARYRES
  100. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(25)M.vir - is hacktool program Tool.HideProc.27
  101. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(25)M.vir - infected
  102. >C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(32)M.vir - packed by PESTUB
  103. >>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(32)M.vir - packed by PESTUB
  104. >>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(32)M.vir - packed by FLY-CODE
  105. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(14)M.vir - Ok
  106. >>>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(32)M.vir - packed by ZPROTECT
  107. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(10)M.vir - infected with Trojan.PWS.Panda.13495
  108. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(10)M.vir - infected
  109. >C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(4)M.vir - packed by PESTUB
  110. >>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(4)M.vir - packed by PESTUB
  111. >C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(33)M.vir - packed by PESTUB
  112. >>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(33)M.vir - packed by PESTUB
  113. >>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(4)M.vir - packed by FLY-CODE
  114. >>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(33)M.vir - packed by FLY-CODE
  115. >>>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(33)M.vir - packed by ZPROTECT
  116. >>>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(4)M.vir - packed by ZPROTECT
  117. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(16)M.vir - infected with Trojan.MulDrop8.35154
  118. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(16)M.vir - infected
  119. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(3)M.vir - Ok
  120. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(5)M.vir - infected with Trojan.Obfuscated.based.1
  121. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(5)M.vir - infected
  122. >C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(6)M.vir - packed by PESTUB
  123. >C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(7)M.vir - packed by PESTUB
  124. >>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(6)M.vir - packed by PESTUB
  125. >>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(7)M.vir - packed by PESTUB
  126. >>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(6)M.vir - packed by FLY-CODE
  127. >>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(7)M.vir - packed by FLY-CODE
  128. >>>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(6)M.vir - packed by ZPROTECT
  129. >>>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(7)M.vir - packed by ZPROTECT
  130. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(27)M.vir - infected with Trojan.ChanitorENT.34
  131. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(27)M.vir - infected
  132. >C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(8)M.vir - packed by PESTUB
  133. >>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(8)M.vir - packed by PESTUB
  134. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(1)M.vir - Ok
  135. >C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(9)M.vir - packed by PESTUB
  136. >>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(9)M.vir - packed by PESTUB
  137. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(19)M.vir - Ok
  138. >>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(8)M.vir - packed by FLY-CODE
  139. >>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(9)M.vir - packed by FLY-CODE
  140. >>>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(9)M.vir - packed by ZPROTECT
  141. >>>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(8)M.vir - packed by ZPROTECT
  142. >>>>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(6)M.vir - packed by FLY-CODE
  143. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(33)M.vir - Ok
  144. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(7)M.vir - infected with Trojan.Encoder.11198
  145. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(7)M.vir - infected
  146. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(29)M.vir - Ok
  147. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(32)M.vir - infected with Trojan.Encoder.14922
  148. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(32)M.vir - infected
  149. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(8)M.vir - infected with Trojan.Bankfraud.2005
  150. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(8)M.vir - infected
  151. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(9)M.vir - infected with Trojan.Encoder.3976
  152. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(9)M.vir - infected
  153. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(31)M.vir - infected with BackDoor.Wirenet.351
  154. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(31)M.vir - infected
  155. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(6)M.vir - Ok
  156. >>>>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(4)M.vir is AUTOIT container
  157. >>>>>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(4)M.vir\Users\WIN-PC\AppData\Local\AutoIt v3\Aut2Exe\aut595F.tmp.tok - packed by ASCRIPT
  158. C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(4)M.vir - container

  160. Total 13790654 bytes in 33 files scanned (34 objects)
  161. Total 12 files (13 objects) are clean
  162. Total 21 files are infected
  163. Scan time is 00:00:07.249
复制代码
以上补个蜘蛛扫描器(旧毒库)的日志

下面是Samp(25)M这个样本的日志。。。果然是解壳狂魔
>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(25)M.vir - packed by PESTUB

>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(25)M.vir - packed by PESTUB

>>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(25)M.vir - packed by FLY-CODE

>>>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(25)M.vir - packed by ZPROTECT

>>>>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(25)M.vir - packed by UPX

>>>>>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(25)M.vir - packed by FLY-CODE

>>>>>>>C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(25)M.vir - packed by BINARYRES

C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(25)M.vir - is hacktool program Tool.HideProc.27

C:\Users\llanoMe\Desktop\VirusSamples_65\VirusSamples_65M\Samp(25)M.vir - infected


看来PESTUB解壳优先级别高于FLY-CODE?或者说对于未知壳一般先由PESTUB来尝试?





评分

参与人数 1人气 +1 收起 理由
www-tekeze + 1 感谢解答: )

查看全部评分

回复

举报

www-tekeze
 楼主| 发表于 2018-9-10 12:43:20 | 显示全部楼层
killmatt01 发表于 2018-9-10 03:22
猜到一些 但至少我目前还无法独立写这种程序。。。so

上传应该分两种,首先只是上传哈希,如果VT库里能命中,则进入结果统计,如果不能命中则上传实体文件。。。我是干硬件仪器仪表的,无线电领域千差万别,Code世界也一样,你的专业取向也许不适合编这种程序,但也不奇怪,别灰心。。。
回复

举报

www-tekeze
 楼主| 发表于 2018-9-10 12:45:38 | 显示全部楼层
本帖最后由 www-tekeze 于 2018-9-10 12:46 编辑
Llano_心情 发表于 2018-9-10 09:07
以上补个蜘蛛扫描器(旧毒库)的日志

下面是Samp(25)M这个样本的日志。。。果然是解壳狂魔[ ...

看到了,by很多种壳,果然是解壳狂魔。。    但详细的我不懂啊。。
回复

举报

心心相印
发表于 2018-9-10 16:02:38 | 显示全部楼层
FSSA S:余9个,M:余1个,Total:73/83

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

心心相印
发表于 2018-9-10 16:21:06 | 显示全部楼层
FSSA拦截了,关了防护才可以

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

下一页 »
1 ...34567891011下一页
返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2025-4-30 16:24 , Processed in 0.103973 second(s), 16 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表