Malwarebytes
File: 11
Trojan.GuLoader.VB, C:\USERS\PRESTON\DESKTOP\EXE样本5X_202\MD5\1.EXE, No Action By User, 9169, 803428, 1.0.21348, , ame,
MachineLearning/Anomalous.100%, C:\USERS\PRESTON\DESKTOP\EXE样本5X_202\ASPACK\2.EXE, No Action By User, 0, 392687, 1.0.21348, , shuriken,
Generic.Malware/Suspicious, C:\USERS\PRESTON\DESKTOP\EXE样本5X_202\ORIGINAL\2.EXE, No Action By User, 0, 392686, 1.0.21348, , shuriken,
MachineLearning/Anomalous.97%, C:\USERS\PRESTON\DESKTOP\EXE样本5X_202\ASPACK\4.EXE, No Action By User, 0, 392687, 1.0.21348, , shuriken,
MachineLearning/Anomalous.95%, C:\USERS\PRESTON\DESKTOP\EXE样本5X_202\ASPACK\1.EXE, No Action By User, 0, 392687, 1.0.21348, , shuriken,
MachineLearning/Anomalous.97%, C:\USERS\PRESTON\DESKTOP\EXE样本5X_202\ASPACK\3.EXE, No Action By User, 0, 392687, 1.0.21348, , shuriken,
MachineLearning/Anomalous.97%, C:\USERS\PRESTON\DESKTOP\EXE样本5X_202\UPX\2.EXE, No Action By User, 0, 392687, 1.0.21348, , shuriken,
Trojan.GuLoader.VB, C:\USERS\PRESTON\DESKTOP\EXE样本5X_202\ORIGINAL\1.EXE, No Action By User, 9169, 803428, 1.0.21348, , ame,
Trojan.Crypt.MSIL, C:\USERS\PRESTON\DESKTOP\EXE样本5X_202\MD5\5.EXE, No Action By User, 5158, 803742, 1.0.21348, AC17DCD84F1B1509B388F907, dds, 00647414
Trojan.Crypt.MSIL, C:\USERS\PRESTON\DESKTOP\EXE样本5X_202\ORIGINAL\5.EXE, No Action By User, 5158, 803742, 1.0.21348, AC17DCD84F1B1509B388F907, dds, 00647414
Trojan.MalPack.VMP, C:\USERS\PRESTON\DESKTOP\EXE样本5X_202\VMPROTECT\1.VMP.EXE, No Action By User, 7386, 803698, 1.0.21348, 000000000000000000000003, dds, 00647414
miss(未检出的样本编号):
aspack: none
md5: 2 3 4
original: 3 4
upx: 1 3 4
vmprotect: 2 3 4
ZProtect乱序代码: 1 2 3 4
ZProtect虚拟代码: 1 2 3 4