[Virus sample] Huorong flags it, suspected macro + trojan

马卡龙
Posted on 2020-12-5 20:05:18
https://www.lanzoui.com/i0NWtj31ofc
Found these in Guanjia's document protection folder, 24 of them; not sure whether they are viruses.
rogersg
Posted on 2020-12-5 20:07:24
ESET: cleared them all
Log
Scan Log
Version of detection engine: 22432 (20201205)
Date: 2020/12/5  Time: 20:06:47
Scanned disks, folders and files: D:\Users\Admin\Desktop\Desktop
Number of scanned objects: 24
Number of detections: 24
Number of cleaned objects: 24
Time of completion: 20:06:50  Total scanning time: 3 sec (00:00:03)

Notes:
[1] Object has been deleted as it only contained the virus body.
dongwenqi
Posted on 2020-12-5 20:13:27
@qwerwer please test Huorong
yiyq
Posted on 2020-12-5 20:17:46
WiseVector (智量)
Log:
Remaining: 5b4d87495376dff4d46a4e8e70b01be4_0d838d8636a88e63e0a6ed863f1bc32e5a95d8b835cc509a497dfb15fd540f82.pptqm
BitterLotus
Posted on 2020-12-5 20:19:23
Last edited by BitterLotus on 2020-12-5 20:28

Kaspersky: Kill ALL
dongwenqi
Posted on 2020-12-5 20:19:27
Kaspersky wiped them all out
hsks
Posted on 2020-12-5 20:23:50
360 miss x1
a233
Posted on 2020-12-5 20:37:05
Avast Empty
秋日之殇
Posted on 2020-12-5 20:50:20
Huorong kill x24
qwerwer
Posted on 2020-12-5 20:52:31
dongwenqi posted on 2020-12-5 20:13
@qwerwer please test Huorong

Huorong kills them all