【开放测试】卡饭病毒样本包 20200920 第111期

wwwab

360：引擎全开，14x2345：引擎全开，0x

aboringman

KIS：15X

2849

编辑掉

Shake2333

请把此楼删去，谢谢

Shake2333

测试环境：windows10 2004

测试产品：ESET Internet Security 13.2.18.0

病毒库版本：截至发贴最新

测试项目：实时监控＋扫描

测试配置：标准

结果：监控（14/16） + 扫描（0/0）= 总计 （14/16）=87.5%

截图：

Nocria

IKARUS - 15/16

1. [20.09.2020 11:54:27] On-demand scan started: "user_defined"
   
2. [20.09.2020 11:54:27] Found, 0.00s, SigName: "Trojan.Win32.Crypt", SigId: 312374176, Type: "VIRUS", File: "C:\Users\promi\Desktop\16x (2020-09-20)\16x (2020-09-20)\Kafan_Sample_24e4d25395afc41a3e9b860ae7fca1485ecbd3e432387a62c893412978f9a525.dll"
   
3. [20.09.2020 11:54:27] Found, 0.00s, SigName: "Trojan.VBS.Crypt", SigId: 312468008, Type: "VIRUS", File: "C:\Users\promi\Desktop\16x (2020-09-20)\16x (2020-09-20)\Kafan_Sample_39e10dfbb1141e10968d94c04b281989b9fc38fe3aec8f8c7405c36f441eef42.msi"
   
4. [20.09.2020 11:54:27] Found, 0.16s, SigName: "Trojan.VBA.Agent", SigId: 3927788, Type: "VIRUS", File: "C:\Users\promi\Desktop\16x (2020-09-20)\16x (2020-09-20)\Kafan_Sample_4bf24278b4b75d6c7e9d1f143735ac3518ed659c9dcc3f7aa89d15304af7072e.doc"
   
5. [20.09.2020 11:54:27] Found, 0.16s, SigName: "Trojan.Win32.Krypt", SigId: 312425357, Type: "VIRUS", File: "C:\Users\promi\Desktop\16x (2020-09-20)\16x (2020-09-20)\Kafan_Sample_530001e38045813d7276694c428b64b4dc5a15b77f2b3cc757f64b8d34bcf815.dll"
   
6. [20.09.2020 11:54:27] Found, 0.00s, SigName: "Trojan.Win32.Krypt", SigId: 312429290, Type: "VIRUS", File: "C:\Users\promi\Desktop\16x (2020-09-20)\16x (2020-09-20)\Kafan_Sample_55bc7ae7ab1017eb75387291424a67b9655d52e9357005caacbbb997dada592c.dll"
   
7. [20.09.2020 11:54:27] Found, 0.00s, SigName: "Trojan.Win32.Crypt", SigId: 312374987, Type: "VIRUS", File: "C:\Users\promi\Desktop\16x (2020-09-20)\16x (2020-09-20)\Kafan_Sample_5b3fc1ff5d1316a44070c434404d0293c76742cb8168400e5d79431df9f7b7ef.dll"
   
8. [20.09.2020 11:54:27] Found, 0.00s, SigName: "Trojan.VBA.Agent", SigId: 3927788, Type: "VIRUS", File: "C:\Users\promi\Desktop\16x (2020-09-20)\16x (2020-09-20)\Kafan_Sample_6426e2de29bcbe2f7d9d6588eee823b043b7ca524ed6a87f6484cd36d7c74869.doc"
   
9. [20.09.2020 11:54:27] Found, 0.00s, SigName: "Trojan.Win32.Krypt", SigId: 312425691, Type: "VIRUS", File: "C:\Users\promi\Desktop\16x (2020-09-20)\16x (2020-09-20)\Kafan_Sample_6571b88739b154807adbbe7b8d3ff75543887405f066489fb773a2186b862132.dll"
   
10. [20.09.2020 11:54:27] Found, 0.00s, SigName: "Trojan-Downloader.DOC.Agent", SigId: 312464083, Type: "VIRUS", File: "C:\Users\promi\Desktop\16x (2020-09-20)\16x (2020-09-20)\Kafan_Sample_8800b7fd8e3b6b8e98c14bda53fbdfa5acfe041874345dc9b732f546fcce21c3.xls"
    
11. [20.09.2020 11:54:27] Found, 0.00s, SigName: "possible-Threat.Untrusted.Certificate", SigId: 3927095, Type: "VIRUS", File: "C:\Users\promi\Desktop\16x (2020-09-20)\16x (2020-09-20)\Kafan_Sample_94ba896b284005a58298806bba47f725cdcaa1816b3c79226639cb145bf16886.exe"
    
12. [20.09.2020 11:54:27] Found, 0.16s, SigName: "Trojan.VBA.Agent", SigId: 3927788, Type: "VIRUS", File: "C:\Users\promi\Desktop\16x (2020-09-20)\16x (2020-09-20)\Kafan_Sample_b338bf704cbdcf2cd949974e5c1b76e16df69c975c9736571a6f30753a6f02d2.doc"
    
13. [20.09.2020 11:54:27] Found, 0.00s, SigName: "Trojan.SuspectCRC", SigId: 312379401, Type: "VIRUS", File: "C:\Users\promi\Desktop\16x (2020-09-20)\16x (2020-09-20)\Kafan_Sample_badf5b6c2231f8b56f60d0e71cdadf4c0938626d39230776a6d5adb1f4c352f1.exe"
    
14. [20.09.2020 11:54:27] Found, 0.00s, SigName: "Trojan.Win32.Krypt", SigId: 312424835, Type: "VIRUS", File: "C:\Users\promi\Desktop\16x (2020-09-20)\16x (2020-09-20)\Kafan_Sample_eb413325acbb2ea289969e834c5237fc6376073f24674b7760d45b94dfaf8755.exe"
    
15. [20.09.2020 11:54:27] Found, 0.140s, SigName: "Trojan.MSIL.Crypt", SigId: 3422827, Type: "VIRUS", File: "C:\Users\promi\Desktop\16x (2020-09-20)\16x (2020-09-20)\Kafan_Sample_eb7f8c540e1fec50dbf69d1118d556130a32c7f08806c9cf0b12a63eaa2ac735.exe"
    
16. [20.09.2020 11:54:27] Found, 0.140s, SigName: "Trojan.VBA.Agent", SigId: 3927788, Type: "VIRUS", File: "C:\Users\promi\Desktop\16x (2020-09-20)\16x (2020-09-20)\Kafan_Sample_efa9e6f9b86778c8d4ada89734f089c1cc1dda522fbea3f5bf3bc007199eeab6.doc"
    
17. [20.09.2020 11:54:28] On-demand scan FINISHED: "user_defined"
    
18. [20.09.2020 11:54:28] ----------------------------------------------------
    
19. [20.09.2020 11:54:28] Directories scanned: 2
    
20. [20.09.2020 11:54:28] Files scanned: 16
    
21. [20.09.2020 11:54:28] Virus found: 15
    
22. [20.09.2020 11:54:28] ----------------------------------------------------

复制代码

henry217

f-s占位测试环境：win10 2004
测试配置：标准
病毒库：最新
测试产品：f-secure扫描
测试项目：扫描
测试结果：扫描（16/16）=共计（16/16）备注：其中有三个文件f-secure无法清除，无操作处理

swizzer

病毒库版本：9月16日

智量V2.67

win7 x64

影子模式占位

成绩：13（扫描7，双击6）/(13+3)，剩余三个，一个不是有效的win 32应用程序，一个是文档，我这里无法双击；另一个用火绒剑看了看，没看到恶意行为


日志
well，我这里传不了附件···直接贴出来吧，不要打我···
双击：

1. Time                FilePath                                                                                           VirusName
   
2. 2020-09-20 12:46:06 D:\$aa\16x (2020-09-20)\Kafan_Sample_530001e38045813d7276694c428b64b4dc5a15b77f2b3cc757f64b8d34bcf815.dll MEMRAY:Trojan.IcedID.A
   
3. 2020-09-20 12:46:03 C:\Windows\SysWOW64\regsvr32.exe                                                                    MEMRAY:Trojan.IcedID.A1
   
4. 2020-09-20 12:45:57 D:\$aa\16x (2020-09-20)\Kafan_Sample_6571b88739b154807adbbe7b8d3ff75543887405f066489fb773a2186b862132.dll MEMRAY:Trojan.IcedID.A
   
5. 2020-09-20 12:45:52 C:\Windows\SysWOW64\regsvr32.exe                                                                    MEMRAY:Trojan.IcedID.A1
   
6. 2020-09-20 12:45:44 D:\$aa\16x (2020-09-20)\Kafan_Sample_55bc7ae7ab1017eb75387291424a67b9655d52e9357005caacbbb997dada592c.dll MEMRAY:Trojan.IcedID.A
   
7. 2020-09-20 12:45:34 C:\Windows\SysWOW64\regsvr32.exe                                                                    MEMRAY:Trojan.IcedID.A1
   
8. 2020-09-20 12:45:24 D:\$aa\16x (2020-09-20)\Kafan_Sample_eb413325acbb2ea289969e834c5237fc6376073f24674b7760d45b94dfaf8755.exe WIBD:HEUR.Injector.o
   
9. 2020-09-20 12:45:03 D:\$aa\16x (2020-09-20)\Kafan_Sample_24e4d25395afc41a3e9b860ae7fca1485ecbd3e432387a62c893412978f9a525.dll MEMRAY:MalCode.A   
   
10. 2020-09-20 12:44:51 C:\Windows\SysWOW64\regsvr32.exe                                                                    MEMRAY:MalCode.A0   
    

复制代码

扫描：

1. Time                FilePath                                                                                           VirusName
   
2. 2020-09-20 12:40:40 D:\$aa\16x (2020-09-20)\Kafan_Sample_efa9e6f9b86778c8d4ada89734f089c1cc1dda522fbea3f5bf3bc007199eeab6.doc HEUR.Office.ML.A   
   
3. 2020-09-20 12:40:39 D:\$aa\16x (2020-09-20)\Kafan_Sample_eb7f8c540e1fec50dbf69d1118d556130a32c7f08806c9cf0b12a63eaa2ac735.exe Heur.ML.PE.A        
   
4. 2020-09-20 12:40:39 D:\$aa\16x (2020-09-20)\Kafan_Sample_badf5b6c2231f8b56f60d0e71cdadf4c0938626d39230776a6d5adb1f4c352f1.exe Heur.ML.PE.A        
   
5. 2020-09-20 12:40:39 D:\$aa\16x (2020-09-20)\Kafan_Sample_b338bf704cbdcf2cd949974e5c1b76e16df69c975c9736571a6f30753a6f02d2.doc HEUR.Office.ML.A   
   
6. 2020-09-20 12:40:39 D:\$aa\16x (2020-09-20)\Kafan_Sample_94ba896b284005a58298806bba47f725cdcaa1816b3c79226639cb145bf16886.exe Trojan.Generic      
   
7. 2020-09-20 12:40:39 D:\$aa\16x (2020-09-20)\Kafan_Sample_6426e2de29bcbe2f7d9d6588eee823b043b7ca524ed6a87f6484cd36d7c74869.doc HEUR.Office.ML.A   
   
8. 2020-09-20 12:40:38 D:\$aa\16x (2020-09-20)\Kafan_Sample_4bf24278b4b75d6c7e9d1f143735ac3518ed659c9dcc3f7aa89d15304af7072e.doc HEUR.Office.ML.A   
   

复制代码

随便挑了4张截图（太多了占位置）

马卡龙

腾讯电脑管家国内+BD引擎联网
win7实机
扫描测试：6
解压杀：4
剩余：6

sichuanwenxuan

还没开放？