Ransom #4 (19.01.21)

显示全部楼层 · 发表于 2019-1-21 19:33:57

https://my.mixtape.moe/yjoymf.7z

infected

极宝杀毒正式版 V1.2.6

显示全部楼层 · 发表于 2019-1-21 19:40:06

本帖最后由 a286282313 于 2019-1-21 19:59 编辑

fs protection

未双击关闭监控扫描
kill 1 miss 3

扫描报告

2019年1月21日 19:52:54 - 19:52:55
扫描类型：病毒扫描
目标： "F:\yjoymf\Vir"

结果

已扫描项目： 9
找到的恶意项目： 1

详细信息Trojan.TR/Crypt.Agent.cgzgi

F:\yjoymf\Vir\1.scr:已清除

版本信息扫描引擎：

F-Secure Capricorn: 18.0.421, 2019-01-21
F-Secure Hydra: 5.22.28, 2019-01-16
F-Secure Lynx: 2.3.101
F-Secure Online: 17.5.480
F-Secure USS: 5.8.255, 2018-07-23
F-Secure Virgo Detection: 17.5.480

显示全部楼层 · 发表于 2019-1-21 19:53:53

卡巴清空

21.01.2019 19.53.28;检测到的对象 ( 文件 ) 将在计算机重启后处理;C:\Users\Administrator\Desktop\Vir\s.exe;C:\Users\Administrator\Desktop\Vir\s.exe;UDS:Trojan-Ransom.Win32.Shade;木马程序;01/21/2019 19:53:28
21.01.2019 19.53.27;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\Vir\2.exe;C:\Users\Administrator\Desktop\Vir\2.exe;UDS:Trojan.Win32.Inject;木马程序;01/21/2019 19:53:27
21.01.2019 19.53.27;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\Vir\1.scr//messageinfo.exe;C:\Users\Administrator\Desktop\Vir\1.scr//messageinfo.exe;UDS:Trojan.Win32.Inject;木马程序;01/21/2019 19:53:27
21.01.2019 19.53.27;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\Vir\1.scr//arbitrinfo.exe;C:\Users\Administrator\Desktop\Vir\1.scr//arbitrinfo.exe;UDS:Trojan.Win32.Llac;木马程序;01/21/2019 19:53:27
21.01.2019 19.53.27;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\Vir\1.scr;C:\Users\Administrator\Desktop\Vir\1.scr;UDS:Trojan.Win32.Llac;木马程序;01/21/2019 19:53:27
21.01.2019 19.53.26;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\Vir\3.exe;C:\Users\Administrator\Desktop\Vir\3.exe;Trojan-Ransom.Win32.Crypmod.aazf;木马程序;01/21/2019 19:53:26

复制代码

显示全部楼层 · 发表于 2019-1-21 19:54:44

显示全部楼层 · 发表于 2019-1-21 19:58:04

CIS

VirusScope kill all

显示全部楼层 · 发表于 2019-1-21 20:04:14

显示全部楼层 · 发表于 2019-1-21 20:29:31

Avira 清空

01/21/2019,20-03-35 [INFO] FP reports status 'NO False Positive' for file 'c:\idm\idm\downloads\compressed\yjoymf\vir\2.exe'
01/21/2019,20-03-35 [INFO] Successful Cloud SDK initialization and license check.
01/21/2019,20-03-35 [INFO] The file 'c:\idm\idm\downloads\compressed\yjoymf\vir\2.exe' was scanned with the Protection Cloud. SHA256 = F45C1A4ED9F6FF5D76632771D84E41F3521FAE9165BF2241434BF4D40D552A0E
01/21/2019,20-03-35 [INFO] c:\idm\idm\downloads\compressed\yjoymf\vir\2.exe
01/21/2019,20-03-35 [INFO] [DETECTION] file contains 'TR/Crypt.Agent.f45c1a'
01/21/2019,20-03-35 [INFO] FP reports status 'NO False Positive' for file 'c:\idm\idm\downloads\compressed\yjoymf\vir\3.exe'
01/21/2019,20-03-35 [INFO] The file 'c:\idm\idm\downloads\compressed\yjoymf\vir\3.exe' was scanned with the Protection Cloud. SHA256 = C0432DC1251ABDDD412F0119BBBD644814B181517FE2C7331F35AB9F4A63072B
01/21/2019,20-03-35 [INFO] c:\idm\idm\downloads\compressed\yjoymf\vir\3.exe
01/21/2019,20-03-35 [INFO] [DETECTION] file contains 'TR/Crypt.XPACK.c0432d'
01/21/2019,20-03-36 [INFO] FP reports status 'NO False Positive' for file 'c:\idm\idm\downloads\compressed\yjoymf\vir\s.exe'
01/21/2019,20-03-36 [INFO] The file 'c:\idm\idm\downloads\compressed\yjoymf\vir\s.exe' was scanned with the Protection Cloud. SHA256 = 0DDCD4073C567F011477E54C4632E3AE44ED41608C109E01B7F829B82701C694
01/21/2019,20-03-36 [INFO] c:\idm\idm\downloads\compressed\yjoymf\vir\s.exe
01/21/2019,20-03-36 [INFO] [DETECTION] file contains 'TR/Crypt.XPACK.0ddcd4'
01/21/2019,20-24-50 [INFO] FP reports status 'NO False Positive' for file 'c:\idm\idm\downloads\compressed\yjoymf\vir\1.scr'
01/21/2019,20-24-50 [INFO] c:\idm\idm\downloads\compressed\yjoymf\vir\1.scr
01/21/2019,20-24-50 [INFO] [DETECTION] file contains 'TR/Crypt.Agent.cgzgi'

复制代码

显示全部楼层 · 发表于 2019-1-21 20:37:31

Avast

显示全部楼层 · 发表于 2019-1-21 21:25:24

FSP 清空

显示全部楼层 · 发表于 2019-1-21 21:25:51

清空

[病毒样本] Ransom #4 (19.01.21)

本帖子中包含更多资源

评分

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源