ServHelper (19.07.23)

显示全部楼层 · 发表于 2019-7-23 14:55:49

#apt #TA505

显示全部楼层 · 发表于 2019-7-23 15:03:39

Bitdefender

Potentially malicious application blocked
now
Feature:
Advanced Threat Defense
Application cmd.exe has been detected as potentially malicious and was blocked.
Application path: C:\Windows\SysWOW64\cmd.exe

复制代码

Infected webpage detected
now
Feature:
Online Threat Prevention
We blocked this dangerous page for your protection:
http://79.141.168.105/g2
Accessed by: EXCEL.EXE
Threat name: Gen:Variant.Jacard.151762
Dangerous pages attempt to install software that can harm the device, gather personal information or operate without your consent.

复制代码

显示全部楼层 · 发表于 2019-7-23 15:05:08

Rising V17 Downloader.Agent/VBA!1.B8BF

显示全部楼层 · 发表于 2019-7-23 15:08:04

显示全部楼层 · 发表于 2019-7-23 15:18:02

wd scan miss.

显示全部楼层 · 发表于 2019-7-23 16:50:21

都1个多月了还是这个套路
瑞星安全云终端本地引擎杀

P.S. 我加的记录。

显示全部楼层 · 发表于 2019-7-23 16:56:12

TrendMicro 2020 beta: Possible_OLEMAL-1

显示全部楼层 · 发表于 2019-7-23 17:23:10

卡巴

23.07.2019 17.22.46;检测到的对象 ( 文件 ) 已删除;Z:\HesapHareketleri.xls\HesapHareketleri.xls;WinRAR 压缩文件管理器;Z:\HesapHareketleri.xls\HesapHareketleri.xls;07/23/2019 17:22:46;HEUR:Trojan-Dropper.MSOffice.SDrop.gen

显示全部楼层 · 发表于 2019-7-23 17:25:50

SEP kill
ISB.Downloader!gen68

显示全部楼层 · 发表于 2019-7-23 17:43:16

Emsisoft

[病毒样本] ServHelper (19.07.23)

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源