EXE样本5X_358

暗_黑

RT，未改后缀请小心食用，后果自负。。


链接：https://beitar.lanzous.com/iT3diedo3rg

不小心双击到了其中的一个感染，俺去全盘扫描了

欧阳宣

BEST
AI:Fynloski.37169.03BCF0BB11
AI:Fynloski.37169.03BCF0BB11
Dropped:Trojan.GenericKD.32840913
Gen:Variant.Zusy.308671
Gen:Variant.Ransom.Samas.9

川建国代理人

智量Kill All

1. 2020-07-07 14:13:43 E:\桌面\be63cc77165fda170645c340140741202f7265132c12ed2da4489319f56d3a88.exe                          Heur.ML.PE.A        
   
2. 2020-07-07 14:13:38 E:\桌面\88dd3b2c467d2b79d65fead83628c4d71abd595bb28a186936d1785d652e7b2a.exe                          Heur.ML.PE.A        
   
3. 2020-07-07 14:13:34 E:\桌面\5165c729a7c6c782ec80b4d1f63569a9d2a752651a091f0437f399ee43d69e8f.exe                          Trojan.Generic      
   
4. 2020-07-07 14:13:30 E:\桌面\3a21cab67069a27ada1ca75fa90aa5c9bcc02babf441731b4053108a6b011fd5.exe                          Heur.ML.PE.C        
   
5. 2020-07-07 14:13:22 E:\桌面\2517d8a3fb890170f0a2bf5f10f0f038bf5d827abb37ab3b1fb7927e41589c71.exe                          Heur.ML.PE.A

复制代码

暗_黑

欧阳宣 发表于 2020-7-7 14:13
BEST
AI:Fynloski.37169.03BCF0BB11
AI:Fynloski.37169.03BCF0BB11

AI开头的是机学？

救命稻草

NT狼狼

金山毒霸

Miostartos

FSP 5/5

1. TR/Kryptik.5165c7
   
2. 
   
3.     D:\test\123\5165c729a7c6c782ec80b4d1f63569a9d2a752651a091f0437f399ee43d69e8f.exe: 已清除
   
4. 
   
5. Heuristic.HEUR/AGEN.1121262
   
6. 
   
7.     D:\test\123\3a21cab67069a27ada1ca75fa90aa5c9bcc02babf441731b4053108a6b011fd5.exe: 已清除
   
8. 
   
9. Trojan:W97M/MaliciousMacro.GEN
   
10. 
    
11.     D:\test\123\2517d8a3fb890170f0a2bf5f10f0f038bf5d827abb37ab3b1fb7927e41589c71.exe\[5] xl/vbaProject.bin: 已跳过
    
12. 
    
13. Trojan.TR/Spy.Gen
    
14. 
    
15.     D:\test\123\be63cc77165fda170645c340140741202f7265132c12ed2da4489319f56d3a88.exe: 已清除
    
16. 
    
17. Trojan.TR/Spy.Gen
    
18. 
    
19.     D:\test\123\88dd3b2c467d2b79d65fead83628c4d71abd595bb28a186936d1785d652e7b2a.exe: 已清除
    
20. 
    
21. Dropper.DR/Delphi.Gen
    
22. 
    
23.     D:\test\123\2517d8a3fb890170f0a2bf5f10f0f038bf5d827abb37ab3b1fb7927e41589c71.exe: 已清除
    

复制代码

wjy19800315

360杀毒

静影沉璧

rogersg

ESET 5×

1. Time;Scanner;Object type;Object;Detection;Action;User;Information;Hash;First seen here
   
2. 2020/7/7 14:33:26;Real-time file system protection;file;D:\Users\Admin\Desktop\EXE样本5X_358\2517d8a3fb890170f0a2bf5f10f0f038bf5d827abb37ab3b1fb7927e41589c71.exe;Win32/Delf.NBX virus;deleted;DESKTOP-CMJROL5\Admin;Event occurred on a new file created by the application: C:\Program Files\Bandizip\Bandizip.exe (CF6614F47F30D531089245146C2DBE44ED327C76).;061FC394CAB2F74CCD139F4008BCA75B363140F5;2020/7/7 12:05:01
   
3. 2020/7/7 14:33:30;Real-time file system protection;file;D:\Users\Admin\Desktop\EXE样本5X_358\88dd3b2c467d2b79d65fead83628c4d71abd595bb28a186936d1785d652e7b2a.exe;Win32/SchwarzeSonne.AX trojan;cleaned by deleting;DESKTOP-CMJROL5\Admin;Event occurred on a new file created by the application: C:\Program Files\Bandizip\Bandizip.exe (CF6614F47F30D531089245146C2DBE44ED327C76).;2B0F967C75F85AAB571A1790BC224B3D6A67D28B;2020/7/7 10:44:03
   
4. 2020/7/7 14:33:33;Real-time file system protection;file;D:\Users\Admin\Desktop\EXE样本5X_358\be63cc77165fda170645c340140741202f7265132c12ed2da4489319f56d3a88.exe;Win32/SchwarzeSonne.AX trojan;cleaned by deleting;DESKTOP-CMJROL5\Admin;Event occurred on a new file created by the application: C:\Program Files\Bandizip\Bandizip.exe (CF6614F47F30D531089245146C2DBE44ED327C76).;82411DBC219E1358DA841A9ABF0477A0482C0AA7;2020/7/7 10:35:02
   
5. 2020/7/7 14:33:36;Real-time file system protection;file;D:\Users\Admin\Desktop\EXE样本5X_358\3a21cab67069a27ada1ca75fa90aa5c9bcc02babf441731b4053108a6b011fd5.exe;a variant of MSIL/Agent.CFQ trojan;cleaned by deleting;DESKTOP-CMJROL5\Admin;Event occurred on a new file created by the application: C:\Program Files\Bandizip\Bandizip.exe (CF6614F47F30D531089245146C2DBE44ED327C76).;113EF6D96E63B2E7502F040A675D3CD500A39019;2020/7/7 12:54:20
   
6. 2020/7/7 14:33:38;Real-time file system protection;file;D:\Users\Admin\Desktop\EXE样本5X_358\5165c729a7c6c782ec80b4d1f63569a9d2a752651a091f0437f399ee43d69e8f.exe;a variant of Win32/Injector.EMOL trojan;cleaned by deleting;DESKTOP-CMJROL5\Admin;Event occurred on a new file created by the application: C:\Program Files\Bandizip\Bandizip.exe (CF6614F47F30D531089245146C2DBE44ED327C76).;05945E9F381E8C1BDCE07DDE4CDF4FC109995656;2020/7/7 12:18:02

复制代码