GandCrab (19.01.25)

显示全部楼层 · 发表于 2019-1-25 22:56:45

https://my.mixtape.moe/otnveg.7z

infected

显示全部楼层 · 发表于 2019-1-25 22:57:48

本帖最后由 dreams521 于 2019-1-25 23:14 编辑

[code]25.01.2019 23.08.52;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\crb\crab1.exe;C:\Users\Administrator\Desktop\crb\crab1.exe;HEUR:Exploit.Win32.CVE-2018-8120.a;木马程序;01/25/2019 23:08:52
25.01.2019 22.59.32;检测到的对象 ( 处理内存 ) 已删除;c:\users\administrator\desktop\otnveg\crb\crab.exe;c:\users\administrator\desktop\otnveg\crb\crab.exe;PDM:Trojan.Win32.Generic;木马程序;01/25/2019 22:59:32

复制代码

显示全部楼层 · 发表于 2019-1-25 23:01:12

显示全部楼层 · 发表于 2019-1-25 23:09:31

cis kill

显示全部楼层 · 发表于 2019-1-25 23:13:00

本帖最后由 BE_HC 于 2019-1-25 23:17 编辑

Norton Kill All

https://www.symantec.com/security-center/writeup/2018-050116-2819-99?ssdcat=118&vid=56275&product=Norton+Security&version=22.16.3.21&plang=sym%3aCS&layouttype=ESD&buildname=Retail&heartbeatID=058C9C67-7822-494D-8A4A-B79AC998244B&eapenabled=false&env=prod&vendorid=1000&plid=762&plgid=30&skup=21352329&skum=21376863&skuf=21350739&endpointid=058C9C67-7822-494D-8A4A-B79AC998244B&partnerid=1000&lic_type=16&lic_attr=16928786&psn=KGQKFGVP3FT9&puid=5039&templatecat=SBU_W_1000_5039_NS_ESD_2&schemacat=SBU_W&schemaver=1.0.0.0&olpchannel=SESD&osvers=10.0&oslocale=iso%3aCHN&oslang=iso%3aZHS&os=windows

A packer is a tool that compresses, encrypts, or obfuscates executable files. Malware authors often use packers to conceal threats from detection by antivirus software. Packed.Generic.525 detects a packer that is not known to be used for legitimate purposes.

This heuristic detection is used to detect threats associated with the following family:

Ransom.GandCrab

显示全部楼层 · 发表于 2019-1-25 23:13:28

本帖最后由 BE_HC 于 2019-1-25 23:14 编辑

Malwarebytes Free MISS All

显示全部楼层 · 发表于 2019-1-25 23:24:16

Avira kill all

01/25/2019,23-23-17 [INFO] FP reports status 'NO False Positive' for file 'e:\idm\downloads\compressed\otnveg\crb\crab.exe'
01/25/2019,23-23-17 [INFO] e:\idm\downloads\compressed\otnveg\crb\crab.exe
01/25/2019,23-23-17 [INFO] [DETECTION] file contains 'TR/Crypt.ZPACK.Gen2'
01/25/2019,23-23-20 [INFO] FP reports status 'NO False Positive' for file 'e:\idm\downloads\compressed\otnveg\crb\crab1.exe'
01/25/2019,23-23-20 [INFO] The file 'e:\idm\downloads\compressed\otnveg\crb\crab1.exe' was scanned with the Protection Cloud. SHA256 = 68E35D86A0BE94EB80BA125F0669AE0B703E304B5A2A5C4D2DEA70B037345243
01/25/2019,23-23-20 [INFO] e:\idm\downloads\compressed\otnveg\crb\crab1.exe
01/25/2019,23-23-20 [INFO] [DETECTION] file contains 'TR/AD.GandCrab.B'

复制代码

显示全部楼层 · 发表于 2019-1-25 23:25:05

火绒、智量都是清空。。

显示全部楼层 · 发表于 2019-1-25 23:35:26

安天智甲、管家无BD，miss all 。。

PS：加BD的管家可以杀一个，看报法是BD的。

显示全部楼层 · 发表于 2019-1-25 23:57:07

G Data

[病毒样本] GandCrab (19.01.25)

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源