[Virus sample] VALAK INFECTION WITH ICEDID (BOKBOT)

YorkWaugh
Posted on 2020-5-9 21:03:04
Last edited by YorkWaugh on 2020-5-9 21:22

https://ww.lanzous.com/icfm7ja  infected
Nocria
Posted on 2020-5-9 21:06:11
Last edited by Nocria on 2020-5-9 21:11

IKARUS - 5/17

[09.05.2020 21:09:44] On-demand scan started: "user_defined"
[09.05.2020 21:09:44] Found, 0.141s, SigName: "Trojan-Banker.UrSnif", SigId: 3734976, Type: "VIRUS", File: "C:\Users\promi\Desktop\2020-05-07-Valak-with-IcedID-malware-and-artifacts\2020-05-07-Alternate-Data-Stream-from-PowerManagerSpm.jar.bin"
[09.05.2020 21:09:44] Found, 0.47s, SigName: "Trojan-Banker.UrSnif", SigId: 3734976, Type: "VIRUS", File: "C:\Users\promi\Desktop\2020-05-07-Valak-with-IcedID-malware-and-artifacts\2020-05-07-file.dll.bin"
[09.05.2020 21:09:44] Found, 0.00s, SigName: "Trojan.Win32.Krypt", SigId: 300337296, Type: "VIRUS", File: "C:\Users\promi\Desktop\2020-05-07-Valak-with-IcedID-malware-and-artifacts\2020-05-07-initial-DLL-for-Valak.bin"
[09.05.2020 21:09:44] Found, 0.00s, SigName: "Trojan.Agent", SigId: 300426828, Type: "VIRUS", File: "C:\Users\promi\Desktop\2020-05-07-Valak-with-IcedID-malware-and-artifacts\2020-05-07-scheduled-task-for-Valak-1-of-2.txt"
[09.05.2020 21:09:44] Found, 0.00s, SigName: "Trojan.JS.Agent", SigId: 300426540, Type: "VIRUS", File: "C:\Users\promi\Desktop\2020-05-07-Valak-with-IcedID-malware-and-artifacts\2020-05-07-script-file-for-Valak-infection-s2to.0.txt"
[09.05.2020 21:09:44] On-demand scan FINISHED: "user_defined"
[09.05.2020 21:09:44] ----------------------------------------------------
[09.05.2020 21:09:44] Directories scanned: 1
[09.05.2020 21:09:44] Files scanned: 27
[09.05.2020 21:09:44] Virus found: 5
[09.05.2020 21:09:44] ----------------------------------------------------
fdsax
Posted on 2020-5-9 21:06:29
g data 8x

a233
Posted on 2020-5-9 21:10:30
AVG 5X

wuming_bpnes
Posted on 2020-5-9 21:11:21
Dr.Web miss
YorkWaugh
Original poster | Posted on 2020-5-9 21:37:17
WiseVector 5x
2020-05-09 21:35:36 C:\Users\Lenovo\Desktop\2020-05-07-Valak-with-IcedID-malware-and-artifacts\2020-05-07-initial-IcedID-EXE-on-infected-Windows-host.bin Trojan.Generic
2020-05-09 21:35:36 C:\Users\Lenovo\Desktop\2020-05-07-Valak-with-IcedID-malware-and-artifacts\2020-05-07-initial-DLL-for-Valak.bin Trojan.Generic
2020-05-09 21:35:36 C:\Users\Lenovo\Desktop\2020-05-07-Valak-with-IcedID-malware-and-artifacts\2020-05-07-IcedID-EXE-persistent-on-infected-Windows-host.bin Trojan.Generic
2020-05-09 21:35:36 C:\Users\Lenovo\Desktop\2020-05-07-Valak-with-IcedID-malware-and-artifacts\2020-05-07-file.dll.bin  Trojan.Generic
2020-05-09 21:35:36 C:\Users\Lenovo\Desktop\2020-05-07-Valak-with-IcedID-malware-and-artifacts\2020-05-07-Alternate-Data-Stream-from-PowerManagerSpm.jar.bin Heur.ML.PE.A
LSPD
Posted on 2020-5-10 12:26:42
Kaspersky

Copyright © KaFan  KaFan.cn All Rights Reserved.