Ransom.Dharma (19.07.02)

显示全部楼层 · 发表于 2019-7-2 14:44:24

显示全部楼层 · 发表于 2019-7-2 14:44:47

占楼

显示全部楼层 · 发表于 2019-7-2 14:50:51

卡巴

d1.exe - Trojan-Ransom.Win32.Crypren.aflv

显示全部楼层 · 发表于 2019-7-2 15:02:06

火绒5.0公测
both
Ransom/Crysis.a

显示全部楼层 · 发表于 2019-7-2 16:21:38

Jirehlov1234 发表于 2019-7-2 14:50
卡巴

d1.exe - Trojan-Ransom.Win32.Crypren.aflv

卡巴已全部入库

显示全部楼层 · 发表于 2019-7-2 16:29:22

BD

双击后系统蓝屏

显示全部楼层 · 发表于 2019-7-2 17:17:20

Cylance

显示全部楼层 · 发表于 2019-7-2 17:30:40

Avast

显示全部楼层 · 发表于 2019-7-2 17:31:52

G DATA

AVA 25.22625
GD 25.15453
*** Process ***
Process: 3100
File name: d.exe
Path: C:\Users\promi\AppData\Local\Temp\BNZ.5d1b2410c698d\d.exe
Publisher: Unknown publisher
Creation date: 2019年7月2日 17:29:56
Modification date: 2019年7月2日 6:06:05
Started by: Bandizip.exe
Publisher: Bandisoft
*** Actions ***
A packer was run on the program file, possibly to conceal malicious content.
The program is trying to create a startup item to launch a program automatically at system startup.
The program has created or manipulated an executable file.
The program has read data from its own program file.
The program created a copy of itself.
An executable file was stored in a suspicious location.
A suspicious location is referenced in startup.

复制代码

The file was disinfected.
File: C:\Users\promi\AppData\Local\Temp\BNZ.5d1b2410c698d\d1.exe
Virus: Trojan.GenericKD.32106789 (Engine A), Win32.Trojan.Agent.QKYQHO (Engine B)
Engines: Engine A: AVA 25.22625, Engine B: GD 25.15453

复制代码

显示全部楼层 · 发表于 2019-7-2 17:34:49

WD

[病毒样本] Ransom.Dharma (19.07.02)