Avira
扫描开始时间: 2019-09-15 09:22:08
09/15/2019,09:22:13.124 [INFO] FP 报告文件 'C:\Users\Administrator\Desktop\EXE样本10X_6\Samp(1).vir' 的“无误报”状态 [I:10, S:111]
09/15/2019,09:22:13.128 [INFO] C:\Users\Administrator\Desktop\EXE样本10X_6\Samp(1).vir
09/15/2019,09:22:13.129 [INFO] [DETECTION] file contains 'TR/Kryptik.kovcj'
09/15/2019,09:22:36.780 [INFO] FP 报告文件 'C:\Users\Administrator\Desktop\EXE样本10X_6\Samp(10).vir' 的“无误报”状态 [I:10, S:111]
09/15/2019,09:22:36.928 [INFO] Cloud SDK 初始化和许可证检查成功. [I:2, S:0]
09/15/2019,09:22:36.929 [INFO] 文件 'C:\Users\Administrator\Desktop\EXE样本10X_6\Samp(10).vir' 已上传至 Protection Cloud 并已进行分析。 SHA256 = 947257766E308221FDF0162BF85227A9E78115C45282623BEEEE79A1ABACE0D5 [I:2, S:0]
09/15/2019,09:22:36.931 [INFO] C:\Users\Administrator\Desktop\EXE样本10X_6\Samp(10).vir
09/15/2019,09:22:36.932 [INFO] [DETECTION] file contains 'HEUR/APC'
09/15/2019,09:22:39.240 [INFO] FP 报告文件 'C:\Users\Administrator\Desktop\EXE样本10X_6\Samp(2).vir' 的“无误报”状态 [I:10, S:111]
09/15/2019,09:22:39.262 [INFO] 文件已通过 Protection Cloud扫描。 SHA256 = C:\Users\Administrator\Desktop\EXE样本10X_6\Samp(2).vir [I:2, S:0]
09/15/2019,09:22:39.264 [INFO] C:\Users\Administrator\Desktop\EXE样本10X_6\Samp(2).vir
09/15/2019,09:22:39.265 [INFO] [DETECTION] file contains 'TR/Redcap.ladiq'
09/15/2019,09:23:00.937 [INFO] FP 报告文件 'C:\Users\Administrator\Desktop\EXE样本10X_6\Samp(3).vir' 的“无误报”状态 [I:10, S:111]
09/15/2019,09:23:00.972 [INFO] 文件 'C:\Users\Administrator\Desktop\EXE样本10X_6\Samp(3).vir' 已上传至 Protection Cloud 并已进行分析。 SHA256 = D2CB829F5030D95DD036A0122BFCCF18F17FCDD030DD7C5032582FE65836A5B8 [I:2, S:0]
09/15/2019,09:23:01.002 [INFO] C:\Users\Administrator\Desktop\EXE样本10X_6\Samp(3).vir
09/15/2019,09:23:01.003 [INFO] [DETECTION] file contains 'TR/Crypt.Agent.ynvoi'
09/15/2019,09:23:01.369 [INFO] FP 报告文件 'C:\Users\Administrator\Desktop\EXE样本10X_6\Samp(4).vir' 的“无误报”状态 [I:10, S:111]
09/15/2019,09:23:01.373 [INFO] C:\Users\Administrator\Desktop\EXE样本10X_6\Samp(4).vir
09/15/2019,09:23:01.374 [INFO] [DETECTION] file contains 'HEUR/AGEN.1043700'
09/15/2019,09:23:02.078 [INFO] FP 报告文件 'C:\Users\Administrator\Desktop\EXE样本10X_6\Samp(5).vir' 的“无误报”状态 [I:10, S:111]
09/15/2019,09:23:02.089 [INFO] 文件已通过 Protection Cloud扫描。 SHA256 = C:\Users\Administrator\Desktop\EXE样本10X_6\Samp(5).vir [I:2, S:0]
09/15/2019,09:23:02.094 [INFO] C:\Users\Administrator\Desktop\EXE样本10X_6\Samp(5).vir
09/15/2019,09:23:02.095 [INFO] [DETECTION] file contains 'TR/Crypt.Agent.stayu'
09/15/2019,09:23:07.415 [INFO] FP 报告文件 'C:\Users\Administrator\Desktop\EXE样本10X_6\Samp(6).vir' 的“无误报”状态 [I:10, S:111]
09/15/2019,09:23:07.453 [INFO] 文件已通过 Protection Cloud扫描。 SHA256 = C:\Users\Administrator\Desktop\EXE样本10X_6\Samp(6).vir [I:2, S:0]
09/15/2019,09:23:07.454 [INFO] C:\Users\Administrator\Desktop\EXE样本10X_6\Samp(6).vir
09/15/2019,09:23:07.456 [INFO] [DETECTION] file contains 'TR/Redcap.rxqkq'
09/15/2019,09:23:46.937 [WARN] 上传至 Protection Cloud of file 'C:\Users\Administrator\Desktop\EXE样本10X_6\Samp(7).vir' 失败。 SHA256 = 32EFDD69761440E3FA7F03A26A33BA2C7EE330214D4AE578130594CB985A6BAB,错误代码为 0x3FF0021. [I:2, S:100]
09/15/2019,09:23:49.793 [INFO] FP 报告文件 'C:\Users\Administrator\Desktop\EXE样本10X_6\Samp(8).vir' 的“无误报”状态 [I:10, S:111]
09/15/2019,09:23:49.796 [INFO] C:\Users\Administrator\Desktop\EXE样本10X_6\Samp(8).vir
09/15/2019,09:23:49.797 [INFO] [DETECTION] file contains 'HEUR/AGEN.1043415'
09/15/2019,09:24:18.883 [INFO] FP 报告文件 'C:\Users\Administrator\Desktop\EXE样本10X_6\Samp(9).vir' 的“无误报”状态 [I:10, S:111]
09/15/2019,09:24:19.006 [INFO] 文件已通过 Protection Cloud扫描。 SHA256 = C:\Users\Administrator\Desktop\EXE样本10X_6\Samp(9).vir [I:2, S:0]
09/15/2019,09:24:19.008 [INFO] C:\Users\Administrator\Desktop\EXE样本10X_6\Samp(9).vir
09/15/2019,09:24:19.010 [INFO] [DETECTION] file contains 'TR/Crypt.ZPACK.Gen8'
HitmanPro 3.8.0.292
www.hitmanpro.com
Computer name . . . . : QH-20150516EUNE
Windows . . . . . . . : 6.1.1.7601.X86/4
User name . . . . . . : QH-20150516EUNE\Administrator
UAC . . . . . . . . . : Disabled
License . . . . . . . : Paid (255 days left)
Scan date . . . . . . : 2019-09-15 09:22:15
Scan mode . . . . . . : Context
Scan duration . . . . : 3m 24s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : No
Threats . . . . . . . : 9
Objects scanned . . . : 10
Files scanned . . . . : 10
Remnants scanned . . : 0 files / 0 keys
Malware _____________________________________________________________________
C:\Users\Administrator\Desktop\EXE样本10X_6\Samp(1).vir
Size . . . . . . . : 685,568 bytes
Age . . . . . . . : 0.0 days (2019-09-15 09:21:56)
Entropy . . . . . : 6.6
SHA-256 . . . . . : AD77FB358CB29E7B2D25BAF8AAB801B04484FCE0D35ABBDABD6AD28853BA29A0
Product . . . . . : SnakeIO
Publisher
Description . . . : SnakeIO
Version . . . . . : 1.4.4.4
LanguageID . . . . : 0
> Bitdefender . . . : Gen:Variant.MSILPerseus.194159
> Kaspersky . . . . : HEUR:Trojan.MSIL.Scarsi.gen
> HitmanPro . . . . : Mal/Generic-S
C:\Users\Administrator\Desktop\EXE样本10X_6\Samp(2).vir
Size . . . . . . . : 2,549,248 bytes
Age . . . . . . . : 0.0 days (2019-09-15 09:21:56)
Entropy . . . . . : 8.0
SHA-256 . . . . . : 7DB9A8259D321CDD40BA66328425A58C11547187F2CAE271AAFD7C5874B13020
> Bitdefender . . . : Trojan.GenericKD.32448079
> HitmanPro . . . . : Mal/Generic-S
C:\Users\Administrator\Desktop\EXE样本10X_6\Samp(3).vir
Size . . . . . . . : 496,644 bytes
Age . . . . . . . : 0.0 days (2019-09-15 09:21:56)
Entropy . . . . . : 7.8
SHA-256 . . . . . : D2CB829F5030D95DD036A0122BFCCF18F17FCDD030DD7C5032582FE65836A5B8
> Bitdefender . . . : Trojan.GenericKD.32447630
C:\Users\Administrator\Desktop\EXE样本10X_6\Samp(4).vir
Size . . . . . . . : 610,820 bytes
Age . . . . . . . : 0.0 days (2019-09-15 09:21:56)
Entropy . . . . . : 6.5
SHA-256 . . . . . : 68EF20A076963A65E27171F4A57977E8DFAC76CE8D6C37DDE8F9E878620FE22A
Version . . . . . : 1.0.0.1
Copyright . . . . : Ssdfd (c) 2019
> HitmanPro . . . . : Mal/GandCrab-G
C:\Users\Administrator\Desktop\EXE样本10X_6\Samp(5).vir
Size . . . . . . . : 658,432 bytes
Age . . . . . . . : 0.0 days (2019-09-15 09:21:56)
Entropy . . . . . : 6.7
SHA-256 . . . . . : 85C886E2039791F85FDF3E9FE0E770F13EC0F7C0329FD6169F4C5D8E4539B219
Product . . . . . : Its
Publisher . . . . : ConocoPhillips
Description . . . : Philosophies Anistrpic Sprite Bumpmapping Quick Reassure
Version . . . . . : 4.2.5.6
Copyright . . . . : (c) 2015 Company ConocoPhillips
LanguageID . . . . : 1033
> Bitdefender . . . : Gen:Variant.Fugrafa.4267
C:\Users\Administrator\Desktop\EXE样本10X_6\Samp(6).vir
Size . . . . . . . : 2,302,464 bytes
Age . . . . . . . : 0.0 days (2019-09-15 09:21:56)
Entropy . . . . . : 8.0
SHA-256 . . . . . : EEE52AD7F2C13FE0DC5B3A76EF5BC77973B35C2A593F6CB8FC2ED225D2D04A26
> Bitdefender . . . : Trojan.GenericKD.41759138
> HitmanPro . . . . : Mal/Generic-S
C:\Users\Administrator\Desktop\EXE样本10X_6\Samp(7).vir
Size . . . . . . . : 433,152 bytes
Age . . . . . . . : 0.0 days (2019-09-15 09:21:57)
Entropy . . . . . : 7.9
SHA-256 . . . . . : 32EFDD69761440E3FA7F03A26A33BA2C7EE330214D4AE578130594CB985A6BAB
> Bitdefender . . . : Generic.Application.CoinMiner.1.9A829C66
> Kaspersky . . . . : not-a-virus:HEUR:RiskTool.Win32.BitMiner.gen
C:\Users\Administrator\Desktop\EXE样本10X_6\Samp(8).vir
Size . . . . . . . : 459,264 bytes
Age . . . . . . . : 0.0 days (2019-09-15 09:21:57)
Entropy . . . . . : 6.9
SHA-256 . . . . . : C58119BBCFE1833A78441543AC22B0ACF086C4DAD6782A1F03550DB0565ECA3B
> Bitdefender . . . : Trojan.GenericKD.32447628
> HitmanPro . . . . : Mal/GandCrab-H
C:\Users\Administrator\Desktop\EXE样本10X_6\Samp(9).vir
Size . . . . . . . : 443,392 bytes
Age . . . . . . . : 0.0 days (2019-09-15 09:21:57)
Entropy . . . . . : 6.7
SHA-256 . . . . . : B2AE04F78A4E171F14B8205B21325390CD17D20C950B668E0C56559858F8F8AA
> Bitdefender . . . : Trojan.GenericKD.32310565
> Kaspersky . . . . : HEUR:Trojan.Win32.Generic
> HitmanPro . . . . : Mal/Generic-S