Views: 1114 | Replies: 21

[Virus sample] Ransom.ExpBoot#2 (19.07.08)

petr0vic
Posted on 2019-7-9 02:47:19
https://c-t.work/s/d8c8fa335f3b4c

infected

https://twitter.com/petrovic082/status/1148300229051113473

Please send samples to vendors after the test
petr0vic
Original poster | Posted on 2019-7-9 04:05:06
Q: What is wrong with my file?\r\nA: Oops, your important files are encrypted. This means you will no longer be able to access them until you decrypt them.\r\nIf you follow our instructions, we guarantee that you can decrypt all files quickly and safely!\r\n\r\nQ: What should I do?\r\nA: First of all, you need to pay a service fee for decryption, a total of 10,000 batteries.\r\nPlease charge 10,000 batteries to this user (UID: 185636167)\r\nFollow the instructions! (You may need to temporarily disable anti-virus software.)\r\nAfter opening the link, click the charging button on the right to charge 10,000 batteries and leave a message for your contact. (only for your email)\r\n\r\nQ: How can I believe it?\r\nA: Don't worry about decryption.\r\nWe will definitely decrypt your files, because if we deceive users, no one will trust us.
xxxs://space.bilibili.com/185636167


Jirehlov1234
Posted on 2019-7-9 06:39:13
09.07.2019 06.38.19;检测到的对象 ( 文件 ) 已删除;E:\TEST\Vir (1)\exp.exe;E:\TEST\Vir (1)\exp.exe;UDS:Trojan-Ransom.MSIL.Encoder.gen

09.07.2019 06.38.19;检测到的对象 ( 文件 ) 已移动至隔离;E:\TEST\Vir (1)\exp1.exe;E:\TEST\Vir (1)\exp1.exe;UDS:Trojan-Ransom.MSIL.Encoder.gen
www-tekeze
Posted on 2019-7-9 07:43:25
Zhiliang Heur wiped them all, Huorong missed all; I'll double-click them when I have time.

liangxy
Posted on 2019-7-9 08:25:15
eset miss all
Nocria
Posted on 2019-7-9 08:46:01
To ESET.
2019/7/9 8:44:39;ESET Kernel;File  'C:\Users\promi\Desktop\Vir\exp.exe' was sent to ESET for analysis.;SYSTEM
2019/7/9 8:44:46;ESET Kernel;File  'C:\Users\promi\Desktop\Vir\exp1.exe' was sent to ESET for analysis.;SYSTEM


桑德尔
Posted on 2019-7-9 08:55:51
ESET Miss
B100D1E55
Posted on 2019-7-9 09:16:53

I had only just praised it and it flopped a second time; I just submitted the samples……
a233
Posted on 2019-7-9 09:20:44
Avast Miss all
Double-clicked exp.exe: defense succeeded

exp1.exe: defense succeeded


Copyright © KaFan  KaFan.cn All Rights Reserved.