
[Virus Samples] Sample set virus pack 20200617 34X

岚Azure
Posted on 2020-6-17 10:07:49
Last edited by 岚Azure on 2020-6-17 10:09

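Encrypted with AES256 using Kaspersky Endpoint Security.
https://c-t.work/s/e5918c1a738640
Pickup code: ycf68p

Double-click the file shown in the image below:

Enter the password: Qwe123456789!

Then choose the extraction directory.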









Nocria
Posted on 2020-6-17 10:16:29
Last edited by Nocria on 2020-6-17 20:06

IKARUS - 30/34
[17.06.2020 20:06:03] On-demand scan started: "user_defined"
[17.06.2020 20:06:03] Found, 0.16s, SigName: "Trojan.Win32.Krypt", SigId: 303922516, Type: "VIRUS", File: "C:\Users\promi\Desktop\New folder\样本集\40958169.dat"
[17.06.2020 20:06:03] Found, 0.141s, SigName: "Trojan.SuspectCRC", SigId: 303210207, Type: "VIRUS", File: "C:\Users\promi\Desktop\New folder\样本集\93296.exe"
[17.06.2020 20:06:03] Found, 0.156s, SigName: "Trojan-Banker.Cridex", SigId: 3763232, Type: "VIRUS", File: "C:\Users\promi\Desktop\New folder\样本集\aspyogiv.dll"
[17.06.2020 20:06:03] Found, 0.32s, SigName: "Trojan.Agent", SigId: 303926222, Type: "VIRUS", File: "C:\Users\promi\Desktop\New folder\样本集\downloaded-zip-archive-for-Qakbot-spx139.bin"
[17.06.2020 20:06:03] Found, 0.32s, SigName: "Trojan-Downloader.VBA.Agent", SigId: 303256942, Type: "VIRUS", File: "C:\Users\promi\Desktop\New folder\样本集\e-vote_form_2215.doc"
[17.06.2020 20:06:03] Found, 0.00s, SigName: "Trojan-Downloader.VBA.Agent", SigId: 303310714, Type: "VIRUS", File: "C:\Users\promi\Desktop\New folder\样本集\e-vote_form_25518.doc"
[17.06.2020 20:06:03] Found, 0.15s, SigName: "Trojan-Downloader.VBA.Agent", SigId: 303310712, Type: "VIRUS", File: "C:\Users\promi\Desktop\New folder\样本集\e-vote_form_3019.doc"
[17.06.2020 20:06:03] Found, 0.15s, SigName: "Trojan-Downloader.VBA.Agent", SigId: 303310708, Type: "VIRUS", File: "C:\Users\promi\Desktop\New folder\样本集\e-vote_form_3142.doc"
[17.06.2020 20:06:03] Found, 0.00s, SigName: "Trojan-Downloader.VBA.Agent", SigId: 303310732, Type: "VIRUS", File: "C:\Users\promi\Desktop\New folder\样本集\e-vote_form_35354.doc"
[17.06.2020 20:06:03] Found, 0.00s, SigName: "Trojan-Downloader.VBA.Agent", SigId: 303310718, Type: "VIRUS", File: "C:\Users\promi\Desktop\New folder\样本集\e-vote_form_44875.doc"
[17.06.2020 20:06:03] Found, 0.00s, SigName: "Trojan-Downloader.VBA.Agent", SigId: 303310726, Type: "VIRUS", File: "C:\Users\promi\Desktop\New folder\样本集\e-vote_form_54899.doc"
[17.06.2020 20:06:03] Found, 0.00s, SigName: "Trojan-Downloader.VBA.Agent", SigId: 303310722, Type: "VIRUS", File: "C:\Users\promi\Desktop\New folder\样本集\e-vote_form_54947.doc"
[17.06.2020 20:06:03] Found, 0.16s, SigName: "Trojan-Downloader.VBA.Agent", SigId: 303310705, Type: "VIRUS", File: "C:\Users\promi\Desktop\New folder\样本集\e-vote_form_5735.doc"
[17.06.2020 20:06:03] Found, 0.16s, SigName: "Trojan-Downloader.VBA.Agent", SigId: 303310731, Type: "VIRUS", File: "C:\Users\promi\Desktop\New folder\样本集\e-vote_form_61478.doc"
[17.06.2020 20:06:03] Found, 0.00s, SigName: "Trojan-Downloader.VBA.Agent", SigId: 303310700, Type: "VIRUS", File: "C:\Users\promi\Desktop\New folder\样本集\e-vote_form_64799.doc"
[17.06.2020 20:06:03] Found, 0.00s, SigName: "Trojan-Downloader.VBA.Agent", SigId: 303310710, Type: "VIRUS", File: "C:\Users\promi\Desktop\New folder\样本集\e-vote_form_67630.doc"
[17.06.2020 20:06:03] Found, 0.00s, SigName: "Trojan-Downloader.VBA.Agent", SigId: 303310736, Type: "VIRUS", File: "C:\Users\promi\Desktop\New folder\样本集\e-vote_form_70738.doc"
[17.06.2020 20:06:03] Found, 0.00s, SigName: "Trojan-Downloader.VBA.Agent", SigId: 303310729, Type: "VIRUS", File: "C:\Users\promi\Desktop\New folder\样本集\e-vote_form_79172.doc"
[17.06.2020 20:06:03] Found, 0.15s, SigName: "Trojan-Downloader.VBA.Agent", SigId: 303310702, Type: "VIRUS", File: "C:\Users\promi\Desktop\New folder\样本集\e-vote_form_79335.doc"
[17.06.2020 20:06:03] Found, 0.15s, SigName: "Trojan-Downloader.VBA.Agent", SigId: 303310720, Type: "VIRUS", File: "C:\Users\promi\Desktop\New folder\样本集\e-vote_form_9458.doc"
[17.06.2020 20:06:03] Found, 0.00s, SigName: "Trojan-Downloader.VBA.Agent", SigId: 303310716, Type: "VIRUS", File: "C:\Users\promi\Desktop\New folder\样本集\e-vote_form_94755.doc"
[17.06.2020 20:06:03] Found, 0.00s, SigName: "Trojan-Downloader.VBA.Agent", SigId: 303310724, Type: "VIRUS", File: "C:\Users\promi\Desktop\New folder\样本集\e-vote_form_97103.doc"
[17.06.2020 20:06:03] Found, 0.47s, SigName: "Trojan.Inject", SigId: 3856318, Type: "VIRUS", File: "C:\Users\promi\Desktop\New folder\样本集\fdtkmgbt.exe"
[17.06.2020 20:06:03] Found, 0.16s, SigName: "Trojan.MSIL.Inject", SigId: 3855502, Type: "VIRUS", File: "C:\Users\promi\Desktop\New folder\样本集\Lokibot-EXE.bin"
[17.06.2020 20:06:03] Found, 0.47s, SigName: "Trojan.Inject", SigId: 3856318, Type: "VIRUS", File: "C:\Users\promi\Desktop\New folder\样本集\original-copy-of-dasfdsfdsf.exe"
[17.06.2020 20:06:04] Found, 0.47s, SigName: "Trojan.TrickBot", SigId: 303310043, Type: "VIRUS", File: "C:\Users\promi\Desktop\New folder\样本集\rdserviceld.glk"
[17.06.2020 20:06:04] Found, 0.16s, SigName: "W97M.Trojan-Downloader.Agent", SigId: 303181657, Type: "VIRUS", File: "C:\Users\promi\Desktop\New folder\样本集\rule-06.20.doc"
[17.06.2020 20:06:04] Found, 0.16s, SigName: "Trojan-Banker.Cridex", SigId: 3763232, Type: "VIRUS", File: "C:\Users\promi\Desktop\New folder\样本集\senate.m4a"
[17.06.2020 20:06:04] Found, 0.00s, SigName: "Trojan.TrickBot", SigId: 303310043, Type: "VIRUS", File: "C:\Users\promi\Desktop\New folder\样本集\service.rre"
[17.06.2020 20:06:04] Found, 0.15s, SigName: "Trojan.VBA.Agent", SigId: 3856313, Type: "VIRUS", File: "C:\Users\promi\Desktop\New folder\样本集\Word-doc-with-macro-for-Lokibot.bin"
[17.06.2020 20:06:04] On-demand scan FINISHED: "user_defined"
[17.06.2020 20:06:04] ----------------------------------------------------
[17.06.2020 20:06:04] Directories scanned: 2
[17.06.2020 20:06:04] Files scanned: 34
[17.06.2020 20:06:04] Virus found: 30
[17.06.2020 20:06:04] ----------------------------------------------------




wangyuhe
Posted on 2020-6-17 10:38:06
Last edited by wangyuhe on 2020-6-17 11:24

Are they from anyrun? If so, I won't repost any today. Huorong scan

岚Azure
OP | Posted on 2020-6-17 10:40:27
wangyuhe posted on 2020-6-17 10:38
Are they from anyrun? If so, I won't repost any today

No, they're from analysis. anyrun is too slow for me here.
wangyuhe
Posted on 2020-6-17 10:42:41
岚Azure posted on 2020-6-17 10:40
No, they're from analysis. anyrun is too slow for me here.

OK
岚Azure
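OP | Posted on 2020-6-17 10:52:27
wangyuhe posted on 2020-6-17 10:38
Are they from anyrun? If so, I won't repost any today. Huorong scan 25X

Looks like that site's quality isn't very high.
I actually posted this sample set just to try out Kaspersky's AES256 encryption.
It feels pretty cool.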
wangyuhe
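Posted on 2020-6-17 10:55:55
岚Azure posted on 2020-6-17 10:52
Looks like that site's quality isn't very high.
I actually posted this sample set just to try out Kaspersky's AES256 encryption.
It feels pretty cool.

No big deal. As long as they can be reposted, that's fine.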
岚Azure
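OP | Posted on 2020-6-17 11:09:37
Last edited by 岚Azure on 2020-6-17 11:21
wangyuhe posted on 2020-6-17 10:55
No big deal. As long as they can be reposted, that's fine.

Drweb flopped. I didn't believe it at first and updated three times in a row. Still the same result. I don't know whether the VM not having Office affects the result.

By the way, tagging @761773275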

anthonyqian
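Posted on 2020-6-17 11:24:06
Norton killed 13. For the remaining 16 docs, the scripts were all blocked on double-click. calc.exe-copied-over-dasfadfsdf.exe is rated as trusted by Norton, and the others won't run.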
巍巍
Posted on 2020-6-17 11:43:55
Microsoft Defender SmartScreen blocked the download
KTS scan: 5 left
