几枚样本(4.20)

Nocria

G DATA killed 2x.

1. Object: PO_1078.xlsx
   
2.         Path: C:\Users\promi\Desktop\5X
   
3.         Status: Virus removed
   
4.         Virus: Trojan.GenericKD.31894224 (Engine A)
   
5. 
   
6. Object: skeet.cc [CRACK].bin
   
7.         Path: C:\Users\promi\Desktop\5X
   
8.         Status: Virus removed
   
9.         Virus: Gen:Variant.MSILPerseus.183360 (Engine A)
   
10. 
    
11. The following files are password-protected:
    
12.         ----------------------------------------------------------------
    
13.         C:\Users\promi\Desktop\5X\Test.bin
    
14.         ----------------------------------------------------------------
    

复制代码

wakin

a233 发表于 2019-4-20 10:00
Avast
* Avast 扫描报告
* 该文件是自动生成的

样本区你也很活跃啊
AVAST的忠实用户

wakin

skystars 发表于 2019-4-20 10:10
诸葛亮杀毒kill 3x

诸葛亮杀毒是什么鬼

a233

wakin 发表于 2019-4-20 10:49
样本区你也很活跃啊
AVAST的忠实用户

毕竟我第一个接触的外国杀软就是Avast啊

wakin

a233 发表于 2019-4-20 10:51
毕竟我第一个接触的外国杀软就是Avast啊

我接触的好像就是Mcafee，后来到卡饭后才接触AVG，红伞和AVAST的……

c/mm

Dr.web

YU2711

Trend Micro Beta 2X

1. Threat:        TROJ_CVE20171182.SM
   
2. Source:        Threat
   
3. Affected Files:        C:\IDM\idm\Downloads\Compressed\5X\PO_1078.xlsx\xl\worksheets\sheet1.xml
   
4. Response:        Removed
   
5. Detected By:        Manual Scan
   
6. Threat:        TROJ_GEN.R002C0WCO19
   
7. Source:        Virus
   
8. Affected Files:        C:\IDM\idm\Downloads\Compressed\5X\skeet.cc [CRACK].bin
   
9. Response:        Removed
   
10. Detected By:        Manual Scan

复制代码

Jerry.Lin

1. Emsisoft Commandline Scanner - Version 2018.6
   
2. Last update: 2019/4/20 11:45:30
   
3. 
   
4. Scan settings:
   
5. 
   
6. Scan type:                             Custom Scan
   
7. Objects:                               C:\Users\zhong\Downloads\Compressed\卡饭\5X
   
8. 
   
9. Detect Potentially Unwanted Programs:  On
   
10. Scan archives:                         On
    
11. Scan mail archives:                    Off
    
12. ADS Scan:                              On
    
13. File extensions:                       Off
    
14. Direct disk access:                    Off
    
15. 
    
16. Scan start:                            2019/4/20 11:45:30
    
17. 
    
18. C:\Users\zhong\Downloads\Compressed\卡饭\5X\PO_1078.xlsx         detected: Trojan.GenericKD.31894224 (B)
    
19. C:\Users\zhong\Downloads\Compressed\卡饭\5X\skeet.cc [CRACK].bin         detected: Gen:Variant.MSILPerseus.183360 (B)
    
20. 
    
21. Scanned           8
    
22. Found             2
    
23. Removed           2
    
24. 
    
25. 
    
26. Scan end:         2019/4/20 11:45:39
    
27. Scan time:        0:00:09
    

复制代码

1. Signature: 2019-04-19 17:19
   
2. Started at: 2019-04-20 11:38
   
3. Duration: 00:00:02
   
4. Object(s): 48
   
5. File(s): 8
   
6. Threat(s): 1
   
7. Cleaned: 0
   
8. 
   
9. Virus Details
   
10. 
    
11. 
    
12. Path: C:\Users\zhong\Downloads\Compressed\卡饭\5X\PO_1078.xlsx >> xl\embeddings\oleObject1.bin, Detection: Exploit/CVE-2017-11882.gen, Detection ID: 21f770a61cebbcbb, Result: Ignored
    

复制代码

skystars

你好，再见 发表于 2019-4-20 10:17
你别忘了，极宝昨天360,vt都是0x，本地引擎4x~

因为你的启发引擎优先，人家小红伞都报了

七游

360TSE 清空8X
日志罕见的bug了，扫描项目0威胁0，不过隔离区确实是全杀了

1. Test.bin    Win32/Trojan.815
   
2. skeet.dl     Trojan.Generic
   
3. skeet.cc[CRACK].bin    Win32/Trojan.9ad
   
4. private injector.exe   Win32/Trojan.7e5
   
5. PO_1078.xlsx   Trojan.Generic
   
6. Plastic Fork.bin   Win32/Sorter.AVE.DotNetFile.A
   
7. extractor.exe    Trojan.Generic
   
8. dont touch unlees show.bat   Trojan.Generic

复制代码