20190129病毒样本测试

huang1111

https://www.lanzous.com/i31186j
密码:infected
ps：样本目测是9个，附上卡巴详情

dreams521

卡巴

1. 29.01.2019 21.35.49;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\2019-01-25-1st-run-Emotet-and-Trickbot-malware\2019-01-25-1st-run-Emotet-EXE-retrieved-by-Word-macro.exe;C:\Users\Administrator\Desktop\2019-01-25-1st-run-Emotet-and-Trickbot-malware\2019-01-25-1st-run-Emotet-EXE-retrieved-by-Word-macro.exe;Trojan-Banker.Win32.Emotet.cbxf;木马程序;01/29/2019 21:35:49
   
2. 29.01.2019 21.35.47;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\2019-01-25-1st-run-Emotet-and-Trickbot-malware\WNetval\xRuRpFWkNGftgr1U.exe;C:\Users\Administrator\Desktop\2019-01-25-1st-run-Emotet-and-Trickbot-malware\WNetval\xRuRpFWkNGftgr1U.exe;Trojan.Win32.Inject.aldxy;木马程序;01/29/2019 21:35:47
   
3. 29.01.2019 21.35.47;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\2019-01-25-1st-run-Emotet-and-Trickbot-malware\WNetval\sz_zxnc9r9i3ulwyv0n_1k4a7ev1y_8yrf_p1xutbe1ydwxrth0t7tfg31tnz4z1.exe;C:\Users\Administrator\Desktop\2019-01-25-1st-run-Emotet-and-Trickbot-malware\WNetval\sz_zxnc9r9i3ulwyv0n_1k4a7ev1y_8yrf_p1xutbe1ydwxrth0t7tfg31tnz4z1.exe;Trojan.Win32.Mansabo.bvj;木马程序;01/29/2019 21:35:47
   
4. 29.01.2019 21.35.47;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\2019-01-25-1st-run-Emotet-and-Trickbot-malware\2019-01-25-1st-run-Trickbot-downloaded-by-Emotet-infected-host.exe;C:\Users\Administrator\Desktop\2019-01-25-1st-run-Emotet-and-Trickbot-malware\2019-01-25-1st-run-Trickbot-downloaded-by-Emotet-infected-host.exe;Trojan.Win32.Inject.aldxy;木马程序;01/29/2019 21:35:47
   
5. 29.01.2019 21.35.47;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\2019-01-25-1st-run-Emotet-and-Trickbot-malware\2019-01-25-1st-run-Emotet-EXE-updated-after-initial-infection.exe;C:\Users\Administrator\Desktop\2019-01-25-1st-run-Emotet-and-Trickbot-malware\2019-01-25-1st-run-Emotet-EXE-updated-after-initial-infection.exe;Trojan-Banker.Win32.Emotet.cbxk;木马程序;01/29/2019 21:35:47
   
6. 29.01.2019 21.35.47;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\2019-01-25-1st-run-Emotet-and-Trickbot-malware\2019-01-25-1st-run-downloaded-Word-doc-with-macro-for-Emotet.doc//data0000//macros;C:\Users\Administrator\Desktop\2019-01-25-1st-run-Emotet-and-Trickbot-malware\2019-01-25-1st-run-downloaded-Word-doc-with-macro-for-Emotet.doc//data0000//macros;HEUR:Trojan-Downloader.MSOffice.SLoad.gen;木马程序;01/29/2019 21:35:47
   
7. 29.01.2019 21.35.47;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\2019-01-25-1st-run-Emotet-and-Trickbot-malware\2019-01-25-1st-run-downloaded-Word-doc-with-macro-for-Emotet.doc//data0000//macros//spusv;C:\Users\Administrator\Desktop\2019-01-25-1st-run-Emotet-and-Trickbot-malware\2019-01-25-1st-run-downloaded-Word-doc-with-macro-for-Emotet.doc//data0000//macros//spusv;HEUR:Trojan-Downloader.MSOffice.SLoad.gen;木马程序;01/29/2019 21:35:47
   
8. 29.01.2019 21.35.47;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\2019-01-25-1st-run-Emotet-and-Trickbot-malware\2019-01-25-1st-run-downloaded-Word-doc-with-macro-for-Emotet.doc;C:\Users\Administrator\Desktop\2019-01-25-1st-run-Emotet-and-Trickbot-malware\2019-01-25-1st-run-downloaded-Word-doc-with-macro-for-Emotet.doc;UDS:DangerousObject.Multi.Generic;01/29/2019 21:35:47
   
9. 29.01.2019 21.35.46;检测到的对象 ( 文件 ) 已删除;C:\Users\Administrator\Desktop\2019-01-25-1st-run-Emotet-and-Trickbot-malware\2019-01-25-1st-run-Trickbot-related-binary.exe;C:\Users\Administrator\Desktop\2019-01-25-1st-run-Emotet-and-Trickbot-malware\2019-01-25-1st-run-Trickbot-related-binary.exe;Trojan.Win32.Mansabo.bvj;木马程序;01/29/2019 21:35:46
   

复制代码

huang1111

卡巴斯基扫描了半天，一直尝试清除，但还是只能删除

dreams521

还是老的，一直没更新

huang1111

dreams521 发表于 2019-1-29 21:37
还是老的，一直没更新

卡巴全清我已经试过了，看看其他软件咋样

c/mm

AVAST

huang1111

dreams521 发表于 2019-1-29 21:37
还是老的，一直没更新

你是不是设置过检测到危险直接清除啊，咋没看你有清除失败，已删除这个提示

dreams521

huang1111 发表于 2019-1-29 21:43
你是不是设置过检测到危险直接清除啊，咋没看你有清除失败，已删除这个提示

先清除，弄不了再删

huang1111

c/mm 发表于 2019-1-29 21:42
AVAST

漏两个勉强及格吧

huang1111

dreams521 发表于 2019-1-29 21:44
先清除，弄不了再删

哦哦，还是默认的，以为你省时间直接改成文件删除