搜索
查看: 513|回复: 11
收起左侧

[病毒样本] EXE样本5X_202

[复制链接]
SayWhat13
发表于 2020-3-25 23:20:38 | 显示全部楼层
本帖最后由 SayWhat13 于 2020-3-25 23:24 编辑

malwarebytes
File: 11
Trojan.GuLoader.VB, C:\USERS\PRESTON\DESKTOP\EXE样本5X_202\MD5\1.EXE, No Action By User, 9169, 803428, 1.0.21348, , ame,
MachineLearning/Anomalous.100%, C:\USERS\PRESTON\DESKTOP\EXE样本5X_202\ASPACK\2.EXE, No Action By User, 0, 392687, 1.0.21348, , shuriken,
Generic.Malware/Suspicious, C:\USERS\PRESTON\DESKTOP\EXE样本5X_202\ORIGINAL\2.EXE, No Action By User, 0, 392686, 1.0.21348, , shuriken,
MachineLearning/Anomalous.97%, C:\USERS\PRESTON\DESKTOP\EXE样本5X_202\ASPACK\4.EXE, No Action By User, 0, 392687, 1.0.21348, , shuriken,
MachineLearning/Anomalous.95%, C:\USERS\PRESTON\DESKTOP\EXE样本5X_202\ASPACK\1.EXE, No Action By User, 0, 392687, 1.0.21348, , shuriken,
MachineLearning/Anomalous.97%, C:\USERS\PRESTON\DESKTOP\EXE样本5X_202\ASPACK\3.EXE, No Action By User, 0, 392687, 1.0.21348, , shuriken,
MachineLearning/Anomalous.97%, C:\USERS\PRESTON\DESKTOP\EXE样本5X_202\UPX\2.EXE, No Action By User, 0, 392687, 1.0.21348, , shuriken,
Trojan.GuLoader.VB, C:\USERS\PRESTON\DESKTOP\EXE样本5X_202\ORIGINAL\1.EXE, No Action By User, 9169, 803428, 1.0.21348, , ame,
Trojan.Crypt.MSIL, C:\USERS\PRESTON\DESKTOP\EXE样本5X_202\MD5\5.EXE, No Action By User, 5158, 803742, 1.0.21348, AC17DCD84F1B1509B388F907, dds, 00647414
Trojan.Crypt.MSIL, C:\USERS\PRESTON\DESKTOP\EXE样本5X_202\ORIGINAL\5.EXE, No Action By User, 5158, 803742, 1.0.21348, AC17DCD84F1B1509B388F907, dds, 00647414
Trojan.MalPack.VMP, C:\USERS\PRESTON\DESKTOP\EXE样本5X_202\VMPROTECT\1.VMP.EXE, No Action By User, 7386, 803698, 1.0.21348, 000000000000000000000003, dds, 00647414

miss:
aspack: none
md5:2 3 4
original:3 4
upx: 1 3 4
vmprotect: 2 3 4
ZProtect乱序代码: 1 2 3 4
ZProtect虚拟代码: 1 2 3 4


评分

参与人数 1人气 +1 收起 理由
QVM360 + 1 沙发加分!

查看全部评分

LSPD
发表于 2020-3-25 23:25:09 | 显示全部楼层
本帖最后由 LSPD 于 2020-3-25 23:27 编辑

Avira 清空
a233
发表于 2020-3-25 23:28:43 | 显示全部楼层
本帖最后由 a233 于 2020-3-25 23:38 编辑

Avast
流式更新没连上,扫描的结果可能跟实际有偏差
Original 4/5
MD5 3/5
UPX 0/4
ZProtect虚拟代码 3/4
ZProtect乱序代码 3/4
ASPack 0/4
VMP 1/4
双击就不了,上报


QVM360
 楼主| 发表于 2020-3-25 23:29:40 | 显示全部楼层
火绒0
初中生一枚
发表于 2020-3-25 23:53:54 | 显示全部楼层

瑞星安全云终端:俺也一样
似乎火绒和瑞星的离线查杀率差不多(可能火绒稍微强一点),因为这俩同为瑞星系吗?
杰伦J时代
发表于 2020-3-25 23:59:10 | 显示全部楼层

监控清空吗?厉害啊
LSPD
发表于 2020-3-26 00:03:49 | 显示全部楼层
杰伦J时代 发表于 2020-3-25 23:59
监控清空吗?厉害啊

大部分是双击
杰伦J时代
发表于 2020-3-26 00:08:22 | 显示全部楼层

厉害啊
初中生一枚
发表于 2020-3-26 00:19:48 | 显示全部楼层
补个图
难兄难弟.jpg

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 苏ICP备07004770号 ) GMT+8, 2020-4-6 12:26 , Processed in 1.340270 second(s), 18 queries .

快速回复 返回顶部 返回列表