样本集奉上_68 (09.15)

显示全部楼层 · 发表于 2018-9-16 16:12:44

可爱的360杀毒回来啦
93/100
余10 15 18 29 51 81 88 89

显示全部楼层 · 发表于 2018-9-16 17:13:58

www-tekeze 发表于 2018-9-16 14:00
10和18是dll，应该是白的，可检查下剩余文件是否有日期变当前的，那就被处理/修复过了，算成功。

PS ...

楼上说是重复报了，估计就是miss，2.
emsi是交给用户做判断，应该不会主动修复

显示全部楼层 · 发表于 2018-9-16 18:18:34

火绒94/100

显示全部楼层 · 发表于 2018-9-16 18:24:51

为什么我只有80个文件？

【扫描信息】

开始时间:2018-9-16 08:21:22
扫描用时:00:00:02
扫描类型:指定位置杀毒
扫描引擎:管家云查杀引擎管家反病毒引擎管家系统修复引擎 Bitdefender本地查杀引擎
扫描状态:扫描完成

【扫描结果】

扫描文件数:80
发现风险数:72
已处理风险数:72

---------------------
2018-9-16 08:21:26 MD5:5250ffd622bdb2fe2aa316637396ea24 D:\下载\新建文件夹\VirusSamples_68\Samp(78).vir [Win32.Trojan.Inject.Auto]  [删除成功]
2018-9-16 08:21:26 MD5:0e8f8565e492b28d1e7235eaa331847b D:\下载\新建文件夹\VirusSamples_68\Samp(7).vir [Win32.Trojan.Generic.Ijf]  [删除成功]
2018-9-16 08:21:26 MD5:2a061b77ee04442f828bac039c2fb7ae D:\下载\新建文件夹\VirusSamples_68\Samp(57).vir --> DeliveryDetails/DeliveryDetails.js --> (INFECTED_JS) [JS:Trojan.JS.Agent.PZE]  [删除成功]
2018-9-16 08:21:26 MD5:c64ec19d65fb887f98a7dfe5d0df32fb D:\下载\新建文件夹\VirusSamples_68\Samp(46).vir [Win32.Trojan.Generic.Sxek]  [删除成功]
2018-9-16 08:21:26 MD5:4f5b1b849a306e2434155b9ffe490aaf D:\下载\新建文件夹\VirusSamples_68\Samp(90).vir [Win32.Trojan.Dovs.Pfjv]  [删除成功]
2018-9-16 08:21:26 MD5:07da5d3088a13d4db7d5300e84b11ca4 D:\下载\新建文件夹\VirusSamples_68\Samp(86).vir [Win32.Trojan-downloader.Quant.Hpi]  [删除成功]
2018-9-16 08:21:27 MD5:0f39d6a0c0eb66514317ae739b937121 D:\下载\新建文件夹\VirusSamples_68\Samp(68).vir [Win32.Trojan.Crypt.Gvp]  [删除成功]
2018-9-16 08:21:27 MD5:4c84acd1b403ea4eff125f257811fc6a D:\下载\新建文件夹\VirusSamples_68\Samp(58).vir [Win32.Trojan.Propagate.Pfjo]  [删除成功]
2018-9-16 08:21:27 MD5:b1982dd5d6193212679e5abbe32f7d32 D:\下载\新建文件夹\VirusSamples_68\Samp(11).vir [Win32.Trojan.Generic.Pefo]  [删除成功]
2018-9-16 08:21:27 MD5:e40e0ff435a5b02caaeeed44b439d299 D:\下载\新建文件夹\VirusSamples_68\Samp(74).vir [Win32.Trojan.Atraps.Aguo]  [删除成功]
2018-9-16 08:21:27 MD5:ca6f1ece5c9f9e0eba2e31c2ca36d1d4 D:\下载\新建文件夹\VirusSamples_68\Samp(55).vir [Win32.Trojan.Generic.Szln]  [删除成功]
2018-9-16 08:21:27 MD5:cfcf635cb7494f6d9875809f1b9534a2 D:\下载\新建文件夹\VirusSamples_68\Samp(75).vir --> 565901.docm --> word/vbaProject.bin [W97m.Downloader.FRP]  [删除成功]
2018-9-16 08:21:27 MD5:43d3aaa9d618dc040ba59b3306c0dcf0 D:\下载\新建文件夹\VirusSamples_68\Samp(43).vir [Win32.Trojan.Generic.Pdwd]  [删除成功]
2018-9-16 08:21:27 MD5:d95c6954f3b9a7bfcba11917f0f4993d D:\下载\新建文件夹\VirusSamples_68\Samp(89).vir [Virus.Win32.Dropper.c]  [清除成功]
2018-9-16 08:21:27 MD5:aeef34ae3d88694ad03ffde13d7bd9db D:\下载\新建文件夹\VirusSamples_68\Samp(83).vir [Win32.Trojan.Generic.Lscl]  [删除成功]
2018-9-16 08:21:28 MD5:6d8908dec88558fd0ca40c58dd519580 D:\下载\新建文件夹\VirusSamples_68\Samp(64).vir [Win32.Trojan.Generic.Wrqv]  [删除成功]
2018-9-16 08:21:28 MD5:51a82ceb6c114d71acfe3c329ba306c0 D:\下载\新建文件夹\VirusSamples_68\Samp(17).vir [Win32.Trojan.Raas.Auto]  [删除成功]
2018-9-16 08:21:28 MD5:dd1825bf192e3b5013ce11dfe562ddc5 D:\下载\新建文件夹\VirusSamples_68\Samp(95).vir [Win32.Trojan.Inject.Auto]  [删除成功]
2018-9-16 08:21:28 MD5:ded0683cb618bfd94c31cb528c5ad2b5 D:\下载\新建文件夹\VirusSamples_68\Samp(71).vir [Win32.Trojan.Raas.Auto]  [删除成功]
2018-9-16 08:21:28 MD5:67d50090fde245b42a64789930e01877 D:\下载\新建文件夹\VirusSamples_68\Samp(51).vir --> fdScrGdJ.class [Java.Exploit.CVE-2012-4681.T]  [删除成功]
2018-9-16 08:21:28 MD5:d5cafc493edbe06ff50fc015d304f019 D:\下载\新建文件夹\VirusSamples_68\Samp(52).vir [Win32.Trojan.Inject.Auto]  [删除成功]
2018-9-16 08:21:28 MD5:1197d73224d0b5b8591fefd966c64a7e D:\下载\新建文件夹\VirusSamples_68\Samp(93).vir [Win32.Backdoor.Cridex.Dwtj]  [删除成功]
2018-9-16 08:21:28 MD5:a7179986b91e72a8811f1aa1bf5582f9 D:\下载\新建文件夹\VirusSamples_68\Samp(9).vir [Win32.Trojan.Win32.Rtojan.nsis.alpa.dcjp]  [删除成功]
2018-9-16 08:21:28 MD5:ec36a39a23b2544181943ae5ec20d9ce D:\下载\新建文件夹\VirusSamples_68\Samp(49).vir [Exploit.SWF.Agent.EL]  [删除成功]
2018-9-16 08:21:28 MD5:2f33e2e2c1ca96fbb9245fc37e530ea8 D:\下载\新建文件夹\VirusSamples_68\Samp(8).vir [Win32.Virus.Patched.Hssp]  [删除成功]
2018-9-16 08:21:29 MD5:fe1eef838bb143e0c7049fc5326dacea D:\下载\新建文件夹\VirusSamples_68\Samp(61).vir [Win32.Trojan.Raas.Auto]  [删除成功]
2018-9-16 08:21:29 MD5:3b1adf236cab06bf5c48da9b743993fa D:\下载\新建文件夹\VirusSamples_68\Samp(13).vir [Win32.Trojan.Generic.Ljkk]  [删除成功]
2018-9-16 08:21:29 MD5:0a5fac5e7053f0b849e207e9dd532192 D:\下载\新建文件夹\VirusSamples_68\Samp(77).vir [Win32.Trojan.Generic.Fsh]  [删除成功]
2018-9-16 08:21:29 MD5:dec6be0c2f8f1284935f5a4a522b4347 D:\下载\新建文件夹\VirusSamples_68\Samp(69).vir [Win32.Trojan.Raasj.Auto]  [删除成功]
2018-9-16 08:21:29 MD5:065713ee6a98377c9b0ddf8e20e1dab4 D:\下载\新建文件夹\VirusSamples_68\Samp(60).vir [Trojan.GenericKD.5288128]  [删除成功]
2018-9-16 08:21:29 MD5:1a7ca978edb4806c4fbbff56c81610e5 D:\下载\新建文件夹\VirusSamples_68\Samp(45).vir [Win32.Trojan.Generic.Dzkm]  [删除成功]
2018-9-16 08:21:29 MD5:58fdd2d9c05d625677a4ac9adfe13c4f D:\下载\新建文件夹\VirusSamples_68\Samp(100).vir [Win32.Trojan-spy.Panda.Szmb]  [删除成功]
2018-9-16 08:21:29 MD5:2cfa01c8d6285b9732b289474c52c9f6 D:\下载\新建文件夹\VirusSamples_68\Samp(85).vir [Win32.Trojan.Vbkrypt.Hwdm]  [删除成功]
2018-9-16 08:21:29 MD5:9823589908ccc174461725cf31188b9e D:\下载\新建文件夹\VirusSamples_68\Samp(99).vir [Trojan.JS.Downloader.IGE]  [删除成功]
2018-9-16 08:21:29 MD5:224f7692f2225f59f5fce710cdfb32d1 D:\下载\新建文件夹\VirusSamples_68\Samp(67).vir [Win32.Trojan.Raas.Auto]  [删除成功]
2018-9-16 08:21:30 MD5:778ecc620c2fbea260c7c2c1ec15b387 D:\下载\新建文件夹\VirusSamples_68\Samp(56).vir [Win32.Trojan.Filelocker.Aiio]  [删除成功]
2018-9-16 08:21:30 MD5:1906b171a386a1a9db87ea6ac002ff52 D:\下载\新建文件夹\VirusSamples_68\Samp(92).vir [Win32.Trojan.Raas.Auto]  [删除成功]
2018-9-16 08:21:30 MD5:1014353eec3a0f01c16629758af708f3 D:\下载\新建文件夹\VirusSamples_68\Samp(73).vir [Win32.Backdoor.Baifenbai.Pois]  [删除成功]
2018-9-16 08:21:30 MD5:c1f990c47d4bf323583e0ee98bf964e3 D:\下载\新建文件夹\VirusSamples_68\Samp(50).vir [Trojan.Downloader.JS.SA]  [删除成功]
2018-9-16 08:21:30 MD5:94e09df541b09800a69d6fde7d33714e D:\下载\新建文件夹\VirusSamples_68\Samp(54).vir [Win32.Trojan.Generic.Hviu]  [删除成功]
2018-9-16 08:21:30 MD5:ac6e2117fa6a681e0cdbb8abb0e9ce64 D:\下载\新建文件夹\VirusSamples_68\Samp(81).vir [VB:Trojan.Valyria.2188]  [删除成功]
2018-9-16 08:21:30 MD5:2af00b7e9e89f45b9d5d0e261d389ad2 D:\下载\新建文件夹\VirusSamples_68\Samp(41).vir [Win32.Trojan.Generic.Hvjk]  [删除成功]
2018-9-16 08:21:30 MD5:6ec3008c0193c8d182382d8cfad83070 D:\下载\新建文件夹\VirusSamples_68\Samp(19).vir [Script.SWF.C80]  [删除成功]
2018-9-16 08:21:30 MD5:1ac7d6ab2647b09963852458b5c8d222 D:\下载\新建文件夹\VirusSamples_68\Samp(82).vir [Win32.Trojan.Inject.Auto]  [删除成功]
2018-9-16 08:21:30 MD5:4bc0dfb77f055f04fa9871f41f7d9cf8 D:\下载\新建文件夹\VirusSamples_68\Samp(63).vir [Win32.Trojan.Raas.Auto]  [删除成功]
2018-9-16 08:21:31 MD5:94cdf4babe88f84fc6c0db65320e10ce D:\下载\新建文件夹\VirusSamples_68\Samp(16).vir [Win32.Trojan-spy.Zbot.Hupp]  [删除成功]
2018-9-16 08:21:31 MD5:ca004ebbb6bb255d9332e0d52e70e8d2 D:\下载\新建文件夹\VirusSamples_68\Samp(94).vir [Win32.Trojan.Filecoder.Sxdw]  [删除成功]
2018-9-16 08:21:31 MD5:5325d9eabaad0ae40d2c586e6bae6467 D:\下载\新建文件夹\VirusSamples_68\Samp(70).vir [Win32.Trojan.Raas.Auto]  [删除成功]
2018-9-16 08:21:31 MD5:67d50090fde245b42a64789930e01877 D:\下载\新建文件夹\VirusSamples_68\Samp(51).vir --> JMJgllxR.class [Java.Exploit.CVE-2012-4681.X]  [删除成功]
2018-9-16 08:21:31 MD5:8fbe9a961300fb62df587ed708160655 D:\下载\新建文件夹\VirusSamples_68\Samp(48).vir [Win32.Trojan.Agent.Eflm]  [删除成功]
2018-9-16 08:21:31 MD5:7b4919517c6bdff4e18e21b342059023 D:\下载\新建文件夹\VirusSamples_68\Samp(91).vir [Win32.Trojan.Generic.Aiij]  [删除成功]
2018-9-16 08:21:31 MD5:507ac563a0bb2a22e570c298b5e7b981 D:\下载\新建文件夹\VirusSamples_68\Samp(87).vir [Win32.Trojan-spy.Panda.Stkk]  [删除成功]
2018-9-16 08:21:31 MD5:99ac9d3db0cca4d04d78da33cdd83d52 D:\下载\新建文件夹\VirusSamples_68\Samp(29).vir [Script.SWF.C95]  [删除成功]
2018-9-16 08:21:31 MD5:19127d5f095707b6f3b6b027d7704743 D:\下载\新建文件夹\VirusSamples_68\Samp(59).vir [Win32.Trojan.Cryptxxx.Dwte]  [删除成功]
2018-9-16 08:21:31 MD5:35a7aed6a016266a54075320ef4367e3 D:\下载\新建文件夹\VirusSamples_68\Samp(12).vir [Win32.Trojan.Trojan.Win32.Ursnif.tnm.ipnv]  [删除成功]
2018-9-16 08:21:32 MD5:0b43b22d9bfc8d9effc674ef3297cf84 D:\下载\新建文件夹\VirusSamples_68\Samp(76).vir [Win32.Trojan.Inject.Auto]  [删除成功]
2018-9-16 08:21:32 MD5:f5be0e5e4473e4f56f66d447c8c3fd27 D:\下载\新建文件夹\VirusSamples_68\Samp(65).vir --> DeliveryDetails/DeliveryDetails.js --> (INFECTED_JS) [JS:Trojan.JS.Agent.PZE]  [删除成功]
2018-9-16 08:21:32 MD5:0753958bc237a679db7f78fd7b34f3f8 D:\下载\新建文件夹\VirusSamples_68\Samp(44).vir [Win32.Trojan.Inject.Auto]  [删除成功]
2018-9-16 08:21:32 MD5:88850d71bffbd9d2277f6f2778c521d1 D:\下载\新建文件夹\VirusSamples_68\Samp(15).vir [Script.SWF.C93]  [删除成功]
2018-9-16 08:21:32 MD5:42ff69221da2db0d64bc25c147873dfc D:\下载\新建文件夹\VirusSamples_68\Samp(84).vir [Win32.Backdoor.Androm.Pegl]  [删除成功]
2018-9-16 08:21:32 MD5:9690f8387d2adfa3e55fa53ba77e7f2c D:\下载\新建文件夹\VirusSamples_68\Samp(42).vir --> Scan(799).jse [Trojan.Script.Agent.JX]  [删除成功]
2018-9-16 08:21:32 MD5:ba2c1af39c53030d9982549302388799 D:\下载\新建文件夹\VirusSamples_68\Samp(66).vir [Win32.Trojan.Agent.Pezk]  [删除成功]
2018-9-16 08:21:32 MD5:c1cc8c9966eaa385ded2fe3781fd4303 D:\下载\新建文件夹\VirusSamples_68\Samp(97).vir [Win32.Trojan.Raas.Auto]  [删除成功]
2018-9-16 08:21:32 MD5:0ca87bf0b3b9d44ac2d11b0c312b988f D:\下载\新建文件夹\VirusSamples_68\Samp(72).vir [Win32.Trojan.Vbkrypt.Iiy]  [删除成功]
2018-9-16 08:21:32 MD5:9ba42c93385f529d5a48e6f0680c82fa D:\下载\新建文件夹\VirusSamples_68\Samp(5).vir [Exploit.SWF.Agent.FD]  [删除成功]
2018-9-16 08:21:33 MD5:735ebb3f10616e53ad226ac4e324c1ff D:\下载\新建文件夹\VirusSamples_68\Samp(53).vir [Win32.Trojan.Agent.Afrq]  [删除成功]
2018-9-16 08:21:33 MD5:dac4eae4fda6693fa56d2a6126ff02df D:\下载\新建文件夹\VirusSamples_68\Samp(96).vir [Exploit.SWF.Agent.BS]  [删除成功]
2018-9-16 08:21:33 MD5:734742976718f70f938d625bc4046f8f D:\下载\新建文件夹\VirusSamples_68\Samp(47).vir [Win32.Trojan-spy.Small.Afhn]  [删除成功]
2018-9-16 08:21:33 MD5:284502b3d92a62fd026c8532d9603b18 D:\下载\新建文件夹\VirusSamples_68\Samp(2).vir [Exploit.SWF.Agent.EM]  [删除成功]
2018-9-16 08:21:33 MD5:0fa5717545bd3b7175d4ced031c286ff D:\下载\新建文件夹\VirusSamples_68\Samp(80).vir [Msil.Exploit.Cve-2016-0034.Jmj]  [删除成功]
2018-9-16 08:21:33 MD5:c2c2d3a5f24e17a13bd8ba599be2fb7f D:\下载\新建文件夹\VirusSamples_68\Samp(62).vir [Win32.Trojan.Bp-ransomware.Ejqz]  [删除成功]
2018-9-16 08:21:33 MD5:d6df4e333c1466ec65ab932989d15b56 D:\下载\新建文件夹\VirusSamples_68\Samp(14).vir [Win32.Trojan-downloader.Dapato.Wtnr]  [删除成功]
---------------------

显示全部楼层 · 发表于 2018-9-16 22:03:22

JAYSIR 发表于 2018-9-16 17:13
楼上说是重复报了，估计就是miss，2.
emsi是交给用户做判断，应该不会主动修复

嗯，应该是他说的那种，日志里有两次，因为51和98是压缩文件，报两次也正常。

显示全部楼层 · 发表于 2018-9-16 22:04:44

萧萧先生发表于 2018-9-16 18:24
为什么我只有80个文件？

解压过程当中被杀了？总共100个样本肯定不会错。

显示全部楼层 · 发表于 2018-9-16 22:07:24

照例上个火绒入库后的，之前报78X，现在报94 (含修复4个) 。。

显示全部楼层 · 发表于 2018-9-17 10:29:18

www-tekeze 发表于 2018-9-15 21:50
额，VT上#10只有蜘蛛一家报，搞错了吧。。 https://www.virustotal.com/#/fil ... 4c4dd910e/det ...

没有搞错，放心

仔细看VT的详情和社区评价。

详细描述中：
[tr=transparent]Copyright
[tr=transparent]Copyright (c) 2016, NetSupport Ltd

[tr=transparent]Product
[tr=transparent]NetSupport Manager

[tr]Description
[tr=transparent]NetSupport TCP Transport

[tr]Original Name
[tr=transparent]tcctl32.dll

[tr]Internal Name
[tr=transparent]tcctl32

[tr]File Version
[tr=transparent]V12.10F15

[tr]Date Signed
[tr=transparent]9:10 AM 12/7/2016

NetSupport Manager确实是PC远程控制软件。
蜘蛛报Program.RemoteAdmin.**** 没错的

非常准。

显示全部楼层 · 发表于 2018-9-17 11:17:04

Llano_心情发表于 2018-9-17 10:29
没有搞错，放心

仔细看VT的详情和社区评价。

合法的远控软件很多哈。。。直到现在VT上仍只有蜘蛛一家报，那意味着其他各大厂商都漏杀？？另外看楼上，火绒入库后也不报这个#10，而火绒入库是由人工把关，反正我是比较信赖的。。

显示全部楼层 · 发表于 2018-9-17 11:49:48

www-tekeze 发表于 2018-9-17 11:17
合法的远控软件很多哈。。。直到现在VT上仍只有蜘蛛一家报，那意味着其他各大厂商都漏杀？？另外看楼上， ...

嗯，蜘蛛对这个东西的定义也是风险程序。威胁级别不算是高的。
其实远程控制软件多少都和黑色软件有些相似，主要就是看加不加白，不加白正常安全软件都会报的。

[病毒样本] 样本集奉上_68 (09.15)

评分

本帖子中包含更多资源

本帖子中包含更多资源