【开放测试】卡饭病毒样本包 第五十期 20190408

Jerry.Lin

Kafan Virlist 发布帖        卡饭病毒测试组版权所有 Copyright 2007-2019 Kafan Malware Analysis & Test Team 严谨 冷静 执着 责任 Conscientiousness, Calm, Insistence & Responsibility

病毒测试组成员 Members of Kafan Malware Analysis & Test Team

Agu, B100D1E55, XywCloud, 191196846

感谢为本次测试提供样本的成员 The samples are provided by：191196846

友情提示 Attention Please 请您注意 Caution Please 请注意，所以样本均为真实威胁，具有严重危害性。请不要在没有任何安全措施保存，打开或执行这些样本。我们不对因不恰当测试方式造成的任何损失负责。 Please NOTICE that all samples are actual threats which can damage your computer. Please DO NOT save, open, or execute these samples without any security protection or isolation. We are not responsible for any loss caused by inappropriate test methods. 所有的样本仅用于测试或其他非盈利目的。我们希望您在正式测试结束后能将它们发送给安全厂商以供分析，这将有助于提高反病毒软件等对恶意软件的侦测率。 You must make sure that all these samples are ONLY for testing or other non-profit usages. We hope you can send these samples to security vendors after the end of testing to help improve the detection rate.

测试阶段：

1、正式测试：需按照测试要求，回帖要求 进行测试；样本包下载地址回帖可见；前3位测试者经验+10；优秀双击测试者（提供详细日志，截图，统计数据） 经验+20。

2、开放测试：对测试形式，回帖不做要求

测试要求：
扫描标准：
√默认设置
√联网

执行标准：
√默认设置
√联网
√软件版本最新
×沙盒环境

*如与标准不同，请详细标注您的自定义测试配置

回帖模板：
例子：

测试环境：WIN7 SP1  64 虚拟机
测试产品：卡巴斯基 Kaspersky 2019
病毒库版本：20180909
测试项目：扫描+执行
测试配置：标准
结果：扫描（18/18） + 执行（22/22）= 总计 （40/40）100%
日志：（必选，过长请上传附件……）
截图（可选）：

1. 测试环境：
   
2. 测试产品：
   
3. 病毒库版本：
   
4. 测试项目：
   
5. 测试配置：
   
6. 结果：扫描（/） + 执行（/）= 总计 （/）%
   
7. 日志：
   
8. 截图：

复制代码

占楼时可选择：

1. 测试环境：WIN7 SP1  32 虚拟机
   
2. 测试产品：卡巴斯基 Kaspersky

复制代码

回帖要求：
1、测试完成后请在原占楼贴上编辑，切勿重新回复，违者按灌水处理。
2、正式测试期间，回复测试无关贴（例如“下载”，“试试看”），按灌水处理。

样本包基本信息：
名称：卡饭病毒样本包 20190408.7z
内容：流行样本
样本数量：71
SHA1: 173A658AD971D8CA67834F7A7AC2214CD8452920
下载地址：

蓝奏
OneDrive

密码：infected


当前测试阶段：开放测试

静影沉璧

测试环境：Windows 10 LTSC 2019 x64
测试产品：Bitdefender Total Security 2019
病毒库版本：2019/4/8 17:45
测试项目：扫描+执行
测试配置：标准
结果：扫描（55/71） + 云杀1X + 执行（7X）= 总计 （63/71）88.7%
日志：

1. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_fa48eaaefbf1741a9fec02808fd1fa530c581db2a8bce6700d97c3fdcd9d032b.exe Gen:Heur.Liusky.1 Deleted
   
2. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_63154e24a29c5ab085885460cfed75a27b4b931e31729cdb21ec44ebab3b04e9.exe Trojan.Agent.DTYB Deleted
   
3. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_1716fa1a8fa3cacf071ffdca49798475a0e981fe748cc6cd9ca4ac72b565828c.exe Gen:Variant.Graftor.3686 Deleted
   
4. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_380785f5fcedfce35f4dbe2d4c6361fd9fb68c6bf25bb6dce153845928fdc737.exe Trojan.GenericKD.41185861 Deleted
   
5. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_4355ea1ca7bb32e4d0986ba3f67b993d27bada788c0ceb8d0206f6d5e0121b72.exe Trojan.Agent.DTXH Deleted
   
6. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_c54791e1271bc268cd977ed4e06319c97d7e2c6aea01bd1692e0e956a834c43c.exe Gen:Variant.MSILPerseus.184541 Deleted
   
7. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_cd1dff63b942ef21465ad541b653f93a01355f3f6fd2268626f2775c8715456f.exe Gen:Variant.Ursu.417951 Deleted
   
8. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_4b16b2716e9f07ff917e538f6c31e2894fc9513068f88704f07683e4d1cb60c7.exe Trojan.GenericKD.41183348 Deleted
   
9. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_fbbd91f26663f242a904aa40b01cf72f19ae95ef4e6aabfdb6529652b85512a4.exe Trojan.GenericKD.31867400 Deleted
   
10. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_c8e94ff0e80320486505b542d5971affcb313ee90f66e562b7c64737a10f3972.exe=>(AutoIT Script)=>(unicode) AIT:Trojan.Nymeria.1347 Deleted
    
11. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_d1bc1b3c8b84b0ad04adf73fac0542c4a434ca1993db8493e9ef129f409949e2.exe=>(AutoIT r)=>(AutoIT Script)=>(unicode) AIT:Trojan.Nymeria.1347 Deleted
    
12. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_ed1bdfe0ebbe4a0b1e952af1117fd7d63bd9bea9e6180af820e5a3f26aa452b4.exe=>(AutoIT r)=>(AutoIT Script)=>(unicode) AIT:Trojan.Nymeria.1153 Deleted
    
13. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_d8670eda5856b8c9549e3a9b06d8e5c10e52d3c1d1a16f6e3f19bdce850cdf44.exe Trojan.Agent.DTQR Deleted
    
14. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_021870fc7fff6d1cb05c548e660282f286c559fee5fdd0b30050749dcb0ba96a.exe=>(Instyler o)=>(Instyler Setup) Application.DealAlpha.1.Gen Moved to Quarantine
    
15. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_fb391851bb45bad952e907860c1347bc7c6145f56f23fe9677b2a8cb4f056983.exe Trojan.GenericKD.31863748 Deleted
    
16. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_dc3cc501465456377308ed064088a6cad92432652344e08fbe7d25056fec7bf9.exe=>(AutoIT r)=>(AutoIT Script)=>(unicode) AIT:Trojan.Nymeria.1347 Deleted
    
17. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_db3bd4b981be354598348f8e99a13dabd6276a08277d0243a70819ffb7746d28.exe Trojan.Agent.DTXJ Deleted
    
18. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_ceb5ea936a5ee6589449027bfccb80daf4b329afef39e7ff5a9f30ddbd80bb08.exe Gen:Variant.Ursu.419555 Deleted
    
19. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_df3f5671ef0fce12c24e252ee1a2648257a795dba3d191a68bbaf4ec6990afcf.exe Gen:Variant.MSILPerseus.10871 Deleted
    
20. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_4abedd400630f20516dd8120bfab94f3ee549de4fe5956494b3ad1c66688a992.exe Gen:Variant.Ursu.419555 Deleted
    
21. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_d1640f2a773a1f0a3b76d48c407d6fee90bdd2d80dc5b3f76de77fa3f59a4999.exe Gen:Variant.Razy.487523 Deleted
    
22. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_f3d0db312139383b2a7d50c7798cd92d218149df1c9748c9345fd76abf2de7d0.exe Gen:Suspicious.Cloud.1.Dm0@aGoFPOeG Deleted
    
23. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_ca1325323bb421d294e9178cf15ee23c0c5d2f0982311551d38d3836e3d8b43e.exe=>(AutoIT r)=>(AutoIT Script)=>(unicode) AIT:Trojan.Nymeria.1619 Deleted
    
24. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_7564534bbb8d7a5d784832c3bfdbc9426b716063145bcba493f4b486ae6dfbd0.exe=>(AutoIT r)=>(AutoIT Script)=>(unicode) AIT:Trojan.Nymeria.1347 Deleted
    
25. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_c932d16f94df13479cbd3d82c019184d58bba5c09be96dfef68498707bb21423.exe Trojan.GenericKD.31863181 Deleted
    
26. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_47093c7184ef82f577a6903ce563ad35d1c33f00b22b9e6d4085be16e3dda80b.exe Gen:Variant.Razy.487190 Deleted
    
27. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_c8e94ff0e80320486505b542d5971affcb313ee90f66e562b7c64737a10f3972.exe=>(AutoIT r)=>(AutoIT Script)=>(unicode) AIT:Trojan.Nymeria.1347 Deleted
    
28. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_3af3ed7a974964776fe6da58806c5af863f48c66b9fd8e0c786c60ca21954e5a.exe Trojan.GenericKD.41180566 Deleted
    
29. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_c5ebe642e3e61a3d8221d32e5cf0e463d2393e834875aa7c58fab1cdbb84151d.exe Trojan.GenericKD.31863025 Deleted
    
30. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_4a665afc76ea94fb5e8b747e04223e23b5d584293f6c1aafbee417ce7b22d6fe.exe Gen:Trojan.Heur.RP.uuX@a0lVz3bi Deleted
    
31. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_cfb9a4f5db7901b05cab050987e5bc5d8886471b50688838f928309a296aad31.exe=>(RAR Sfx o)=>INV_TS459030-9338903.exe Trojan.GenericKD.31749369 Moved to Quarantine
    
32. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_bef7a50bb25321cb292fab98a909920f76eefb56f01fac53e0023218d52893bd.exe Gen:Variant.Ulise.34811 Deleted
    
33. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_2e0be2815a57bacd6d64a2a9c9f4c5dd095367f295aba0a37179461ecbcb24f2.exe Gen:Variant.Razy.467448 Deleted
    
34. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_8ed941c8afdfe114550f2786407523bab1fe794a8c552a07577899b9529e78c2.exe Trojan.GenericKD.41178194 Deleted
    
35. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_bcc315419bafb2cc0aa73805ec68e0d76676b561b94f3bc6e19571bfa0dd9d64.exe Trojan.Agent.DTXU Deleted
    
36. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_9fa45bf60409f555c93f277c24dccb1456337860b797c5d65638ea727233214c.exe Gen:Variant.Razy.213307 Deleted
    
37. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_72e0b05a06457e9ec8948a22a18b60588349493f5a65bfa9035993d2575443f0.exe=>(AutoIT r)=>(AutoIT Script)=>(unicode) AIT:Trojan.Nymeria.1619 Deleted
    
38. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_b02e34e12ddfbfb2b9cee09bcff0555d021ee9517cff574af06741f3e3181a63.exe Gen:Variant.Ursu.419555 Deleted
    
39. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_9fb555850de7ea12a0681a2de7f39e270b4d189a85d7bfb6277044320cee1926.exe Gen:Variant.Razy.19356 Deleted
    
40. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_9af26f184d0de4d1f42563d13cc89a9994175d2f71cd53a59860eea05a714c4a.exe Gen:Variant.Ursu.417427 Deleted
    
41. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_9f03e1f5aa1630ccf1d12b94a577af93307a361f9d4bec8a56494996df6bc030.exe Generic.MSIL.PasswordStealerA.AAFC3620 Deleted
    
42. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_7d84e56e030e8afa3fe4e46adfd686f5ef9cf764ee88333d76d8f200abef54b3.exe Gen:Variant.Strictor.188231 Deleted
    
43. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_8284fdb0d155522e625e7f81bc0f1742768f7719f54af5cafa34b3384653f1dc.exe Gen:Variant.Kazy.59476 Deleted
    
44. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_72ca7b5d8d3fc73afaf9c39eb13ad715e66c2ec60144e367a5111929c49ef28e.exe=>(AutoIT r)=>(AutoIT Script)=>(unicode) AIT:Trojan.Nymeria.1347 Deleted
    
45. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_d54a7896be8113fc6c31339c1c95c3ddc0134583528b6e0aa89fc14fe0af5646.exe=>(AutoIT r)=>(AutoIT Script)=>(unicode) AIT:Trojan.Nymeria.1619 Deleted
    
46. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_1fc4a5b7381e892d09d3f0e96fd3bc38e8074b7ef03151ae90a21163b652c178.exe Trojan.GenericKD.41185068 Deleted
    
47. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_3599dfd089775113818c94f13bf2962a43671b4f883cd824c4e9fcc200f4e7e4.exe Trojan.Agent.DTYD Deleted
    
48. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_3acd274d4cc553a9ab8e3f6aea7467594c3cc0ffdea5fe60d7601af6430d552d.exe Gen:Variant.Ulise.34836 Deleted
    
49. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_317f3fc1d357a9aa8e60741075fb0352e85e5213e82f63242d65e275c1646a19.exe Gen:Suspicious.Cloud.1.Im1@aGIJG0di Deleted
    
50. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_2701862f646e1b149f718588e69842ae6d0bc712868f7e55dd45cf9c0ed9df9d.exe=>(AutoIT r)=>(AutoIT Script)=>(unicode) AIT:Trojan.Nymeria.1153 Deleted
    
51. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_05da2d0f0f7c5195c48439a0379d21d36d90b30fa2ea0bd9966889406ee21fe8.exe=>(AutoIT r)=>(AutoIT Script)=>(unicode) AIT:Trojan.AutoIT.Agent.MR Deleted
    
52. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_1f19364bc9ad7f0c0567018c776dd5c714c933bc2b2f8c7e355fdf3ab78fa2dd.exe=>(AutoIT r)=>(AutoIT Script)=>(unicode) AIT:Trojan.Nymeria.1347 Deleted
    
53. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_05da2d0f0f7c5195c48439a0379d21d36d90b30fa2ea0bd9966889406ee21fe8.exe=>(Dropped 0)=>(AutoIT r)=>(AutoIT Script)=>(unicode) AIT:Trojan.AutoIT.Agent.MR Deleted
    
54. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_19de78c6e4a216239356425f5c4d220fae719a80fa467825409cdbaa76a26a21.exe Trojan.GenericKD.31866430 Deleted
    
55. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_05da2d0f0f7c5195c48439a0379d21d36d90b30fa2ea0bd9966889406ee21fe8.exe=>(Dropped 0)=>(AutoIT Script)=>(unicode) AIT:Trojan.AutoIT.Agent.MR Deleted
    
56. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_15d656062cc897fdb84590bb116d5e4b4cfbc536ef7e28d87f0ebf341d6eab4a.exe Gen:Variant.Ursu.419555 Deleted
    
57. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_26ce737ee01136a39e380fea334087a88d210ccb54da5a7db276e876b1404d86.exe=>(Instyler o)=>(Instyler Setup) Application.DealAlpha.1.Gen Moved to Quarantine
    
58. C:\Users\Joseph\Desktop\卡饭病毒样本包 20190408\Kafan_Sample_02e39f73d433e2ee3f8d3697bd1ebeb37aa087e3b16f08234ff128b2cd785693.exe MemScan:Trojan.PWS.Delf.INS Deleted
    

复制代码

截图：

wheyu。。。

测试环境：WIN7 SP1  64 虚拟机
测试产品：火绒 5.0.0.92
病毒库版本：20190407
测试项目：扫描
测试配置：标准
结果：扫描（28/71）= 39.44%

www-tekeze

测试环境：WIN10 LTSB x64 实机
测试产品：智量 v1.33
病毒库版本：20190408
测试项目：扫描
测试配置：标准
结果：扫描（69/71），97.2%

www-tekeze

测试环境：WIN10 LTSB x64  实机
测试产品：安天智甲 v5.0.0
病毒库版本：20190408
测试项目：扫描
测试配置：标准
结果：扫描（54/71），76.1%， PS：大部分都被VT收录了！

a233

www-tekeze 发表于 2019-4-8 17:47
测试环境：WIN10 LTSB x64 实机
测试产品：智量 v1.33
病毒库版本：20190408

图呢？

www-tekeze

测试环境：WIN10 LTSB x64 实机
测试产品：13版腾管，无BD
病毒库版本：20190408
测试项目：扫描
测试配置：标准
结果：扫描（24/71），33.8%

a233

测试环境：Windows 10 LTSC 2019

测试产品：Avast Premier V19.3

病毒库版本：190408-0
测试项目：扫描+执行
测试配置：标准
结果：扫描（67/71）+执行（3/7）= 总计（70/71）98.59%
截图：
日志：https://bbs.kafan.cn/forum.php?mod=attachment&aid=MzA0ODEyOHw2ODg3MWQ3ODEwZDc1YWNmNTYyMzY2YTdlYTgwYWM0ZXwxNzMyMjU3MjAx&request=yes&_f=.7z

www-tekeze

a233 发表于 2019-4-8 17:49
图呢？

先回复才能下载，哪有图？

小淘气

卡巴斯基断网站位