EXE样本5X_254

QVM360

RT，未改后缀请小心食用，后果自负。。



载点：https://kafanealg.lanzous.com/ibgvk0d     密码：infected

swizzer

智量清空

a233

Avast清空

温馨小屋

卡巴清空

54ss

BEST
含HD
清空

CHURP

eset

1. 正在扫描日志
   
2. 检测引擎的版本: 21173 (20200416)
   
3. 日期: 2020/4/16  时间: 14:49:40
   
4. 已扫描的磁盘、文件夹和文件: D:\样本\EXE样本5X_254
   
5. D:\样本\EXE样本5X_254\1.exe - MSIL/Kryptik.VLJ 特洛伊木马 的变种 - 通过删除清除 [1]
   
6. D:\样本\EXE样本5X_254\2.exe - MSIL/Bladabindi.AH 蠕虫 的变种 - 通过删除清除 [1]
   
7. D:\样本\EXE样本5X_254\3.exe - Win32/Packed.Enigma.DS 特洛伊木马 的变种 - 通过删除清除 [1]
   
8. D:\样本\EXE样本5X_254\4.exe - MSIL/Kryptik.VLS 特洛伊木马 的变种 - 通过删除清除 [1]
   
9. D:\样本\EXE样本5X_254\5.exe - MSIL/GenKryptik.EIOD 特洛伊木马 的变种 - 通过删除清除 [1]
   
10. 已扫描的对象数: 5
    
11. 检测数: 5
    
12. 已清除对象数: 5
    
13. 完成时间: 14:49:56  总扫描时间: 16 秒 (00:00:16)
    
14. 
    
15. 备注:
    
16. [1] 由于对象中仅包含病毒主体，因此已被删除。

复制代码

huorong

2345杀4个

anthonyqian

诺顿清空

病毒探索者

Malwarebytes


run 2.exe killed

1. Malwarebytes
   
2. www.malwarebytes.com
   
3. 
   
4. -Log Details-
   
5. Scan Date: 4/16/20
   
6. Scan Time: 2:44 PM
   
7. Log File: ad8bb886-7fad-11ea-9184-000c29928d1b.json
   
8. 
   
9. -Software Information-
   
10. Version: 4.1.0.56
    
11. Components Version: 1.0.875
    
12. Update Package Version: 1.0.22522
    
13. License: Trial
    
14. 
    
15. -System Information-
    
16. OS: Windows 10 (Build 18362.752)
    
17. CPU: x64
    
18. File System: NTFS
    
19. User: DESKTOP-3Q54DFC\virus
    
20. 
    
21. -Scan Summary-
    
22. Scan Type: Custom Scan
    
23. Scan Initiated By: Manual
    
24. Result: Completed
    
25. Objects Scanned: 5
    
26. Threats Detected: 4
    
27. Threats Quarantined: 0
    
28. Time Elapsed: 0 min, 30 sec
    
29. 
    
30. -Scan Options-
    
31. Memory: Disabled
    
32. Startup: Disabled
    
33. Filesystem: Enabled
    
34. Archives: Enabled
    
35. Rootkits: Disabled
    
36. Heuristics: Enabled
    
37. PUP: Detect
    
38. PUM: Detect
    
39. 
    
40. -Scan Details-
    
41. Process: 0
    
42. (No malicious items detected)
    
43. 
    
44. Module: 0
    
45. (No malicious items detected)
    
46. 
    
47. Registry Key: 0
    
48. (No malicious items detected)
    
49. 
    
50. Registry Value: 0
    
51. (No malicious items detected)
    
52. 
    
53. Registry Data: 0
    
54. (No malicious items detected)
    
55. 
    
56. Data Stream: 0
    
57. (No malicious items detected)
    
58. 
    
59. Folder: 0
    
60. (No malicious items detected)
    
61. 
    
62. File: 4
    
63. Trojan.RNDCrypt.MSIL.Generic, C:\USERS\VIRUS\DOWNLOADS\EXE样本5X_254\5.EXE, No Action By User, 10426, 811883, 1.0.22522, , ame,
    
64. Spyware.AgentTesla, C:\USERS\VIRUS\DOWNLOADS\EXE样本5X_254\1.EXE, No Action By User, 3978, 811433, 1.0.22522, , ame,
    
65. Spyware.AgentTesla, C:\USERS\VIRUS\DOWNLOADS\EXE样本5X_254\4.EXE, No Action By User, 3978, 811286, 1.0.22522, , ame,
    
66. Spyware.PoullightStealer, C:\USERS\VIRUS\DOWNLOADS\EXE样本5X_254\3.EXE, No Action By User, 8960, 811718, 1.0.22522, 7, dds, 00678574
    
67. 
    
68. Physical Sector: 0
    
69. (No malicious items detected)
    
70. 
    
71. WMI: 0
    
72. (No malicious items detected)
    
73. 
    
74. 
    
75. (end)

复制代码

杀软小白鼠

FortiClient清空
EXE样本5X_254\1.exe, virus found: MSIL/MSIL.OIX!tr, action: Remove/quarantine
EXE样本5X_254\2.exe, virus found: MSIL/Agent.LI!tr, action: Remove/quarantine
EXE样本5X_254\3.exe, virus found: W32/PossibleThreat, action: Remove/quarantine
EXE样本5X_254\4.exe, virus found: MSIL/Kryptik.VLS!tr, action: Remove/quarantine
EXE样本5X_254\5.exe, virus found: MSIL/Kryptik.VCR!tr, action: Remove/quarantine