Original poster: Jerry.Lin

[Virus Samples] [Open Test] Kafan Virus Sample Pack, Issue 17, 20181118-19
generalbasic008
Posted on 2018-11-19 21:24:57
Last edited by generalbasic008 on 2018-11-19 21:28

Test environment: WIN7 SP1  64
Product tested: EIS12
Virus database version: 12.0.27
Test items: Scan
Test configuration: Standard
Result: Scan (37/42) = 88.09%
Eset小粉絲
Posted on 2018-11-19 21:25:51
Last edited by Eset小粉絲 on 2018-11-19 21:48

Test environment: Windows 10 Version 1803 OS Build 17134.407
Product tested: Kaspersky 2019
Virus database version: 20181119 5:20pm
Test items: Context menu scan + Real time protection
Test configuration: Recommended + Disabled KSN (Pure Database Detection)
Result: 26/42
Jerry.Lin
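Original poster | Posted on 2018-11-19 21:31:38
taroyoo posted on 2018-11-19 21:03
Test environment: WIN10 LTSC 2019  64, virtual machine
Product tested: BD 2019
Virus database version: 20181119

Please provide the ATD block log or a screenshot~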
qqq75860255
Posted on 2018-11-19 21:35:12
Good!!!!!!!!!!!!!!!!!!!!

Ratings

Participants: 1, Experience -20
Jerry.Lin -20, reason: Sorry, under the rules this post counts as malicious spam posting

pal家族
Posted on 2018-11-19 21:38:12
小Q机器人 posted on 2018-11-19 21:11
Virtual machine, Win10 Pro, 64

1. Test environment: WIN10  64, virtual machine

a/b = a out of b......
YU2711
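Posted on 2018-11-19 21:46:39
Last edited by YU2711 on 2018-11-20 02:02

Test environment: WIN10 x64 17134.407 Education edition, physical machine in shadow mode
Product tested: Trend Micro 15.0.1204
Virus database version: 18646.005.95
Test items: Scan + Execution
Test configuration: Protection level medium, normal
Result: Scan (17/42) + Execution (19/42) = Total (36/42) 85.7%
Miss: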
Kafan_Sample_2ede00bf70a7ccb9bdfc557580d48a453e37c1ed6d50cb92a99d4072192283e4.exe
Kafan_Sample_c22e55998bef3ebe5bdbabab3a452e548abe2362a94797c3bbfebc502c452220.exe
Error, missing:
Kafan_Sample_4c85fce4f7630dda213bafc2f842dd131dfc5f087be7c6a75f4ad2ca378904d0.exe
Kafan_Sample_7a7d1d01371068b61227b32bb2e33ffac7b5208f810930dd60519db7b6365785.exe
Kafan_Sample_afa74d3dc3f8c43fc7fd50c5d4a09b70a6e9f28773f8524d56bb52dddcd6b634.exe
Kafan_Sample_c4fb7745588d2070b7ed6505565093cd62bd496983e6b7d3da288db8a8d2b65a.exe
Screenshot:

Ratings

Participants: 1, Experience +20
Jerry.Lin +20, reason: The board is more wonderful with you here : )

静影沉璧
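Posted on 2018-11-19 21:52:22
小Q机器人 posted on 2018-11-19 21:11
Virtual machine, Win10 Pro, 64

1. Test environment: WIN10  64, virtual machine
Result: Scan (42/42) + Execution (42/42) = Total (42/42) 100%
Result: Scan (25/42) + Execution (25/42) = Total (25/42) 59.5%
Result: Scan (36/42) + Execution (36/42) = Total (36/42) 85.71%
The scan count plus the execution count exceeds the total number of samples……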
bbs2811125
Posted on 2018-11-19 21:53:47
Last edited by bbs2811125 on 2018-11-19 22:05

Test environment: WIN7 SP1  64, physical machine
Product tested: ESET Antivirus 11.2
Virus database version: 18405P
Test items: Scan
Test configuration: High heuristics + strict cleaning
Result: Scan (40/42) = Total (40/42) 95.23%
Log
  Log
  Scan Log
  Version of detection engine: 18405P (20181119)
  Date: 2018/11/19  Time: 21:55:19
  Scanned disks, folders and files: C:\Users\Administrator\Desktop\1
  Number of scanned objects: 190
  Number of threats found: 42
  Number of cleaned objects: 42
  Time of completion: 21:55:54  Total scanning time: 35 sec (00:00:35)

  Notes:
  [1] Object has been deleted as it only contained the virus body.

taroyoo
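Posted on 2018-11-19 21:57:50
191196846 posted on 2018-11-19 21:31
Please provide the ATD block log or a screenshot~

Added. I was too quick and had already restored the snapshot, so I double-clicked them all again. (Of the nine left over after the scan, one was killed by the cloud after being double-clicked.)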
Kafan_Sample_c36cd1a0d52160ecd1659f5e55a12c7cfed3ac7349d6d477430ade738b3314a7.exe is infected with Gen:Suspicious.Cloud.8.Im1@aOI@Vani

Ratings

Participants: 1, Popularity +1
Jerry.Lin +1, reason: Thanks

杰伦J时代
Posted on 2018-11-19 21:57:58

Why is the difference so large?