Original poster: wwwab

[Virus Samples] 20201227 sample pack, put together out of boredom

00006666
Posted on 2020-12-27 17:31:42
This post was last edited by 00006666 on 2020-12-27 17:51

360 Antivirus, with the local QVM engine and Kunpeng engine enabled: KILL 15X; the rest have been reported




360杀毒扫描日志

病毒库版本:2020-12-23 16:26
扫描时间:2020-12-27 17:28:27
扫描用时:00:00:09
扫描类型:右键扫描
扫描文件总数:64
项目总数:15
清除项目数:15

扫描选项
----------------------
扫描所有文件:是
扫描压缩包:是
发现病毒处理方式:由用户选择处理
扫描磁盘引导区:是
扫描 Rootkit:是
使用云查杀引擎:是
使用QVM人工智能引擎:是
扫描建议修复项:是
常规引擎设置:

扫描内容
----------------------
E:\360安全浏览器下载\Downloads


白名单设置
----------------------


扫描结果
======================
高危风险项
----------------------
E:\360安全浏览器下载\Downloads\Downloads\eer123.apk        Android手机恶意程序        已删除
E:\360安全浏览器下载\Downloads\Downloads\Base_Good.exe        感染型病毒(Win32/Trojan.9a1)        已删除
E:\360安全浏览器下载\Downloads\Downloads\c16411c57b3536146ac93f380ac547e7109f0c2993b9315268e61af6ea9e84e9.exe        HEUR/QVM10.1.Malware.Gen        已删除
E:\360安全浏览器下载\Downloads\Downloads\isMiner.exe        感染型病毒(Win32/Virus.RiskTool.54c)        已删除
E:\360安全浏览器下载\Downloads\Downloads\NsCpuCNMiner32.exe        G_PUA.Generic.003ccd5a        已删除
E:\360安全浏览器下载\Downloads\Downloads\setup_x86_x64_install.exe        感染型病毒(Win32/Trojan.f92)        已删除
E:\360安全浏览器下载\Downloads\Downloads\样本1.exe        木马程序(Generic/HEUR/QVM07.1.0263.Malware.Gen)        已删除
E:\360安全浏览器下载\Downloads\Downloads\样本10.exe        HEUR/QVM42.1.Malware.Gen        已删除
E:\360安全浏览器下载\Downloads\Downloads\样本18.exe        木马程序(Generic/HEUR/QVM08.0.33B7.Malware.Gen)        已删除
E:\360安全浏览器下载\Downloads\Downloads\样本19.exe        感染型病毒(Win32/Trojan.Dropper.61c)        已删除
E:\360安全浏览器下载\Downloads\Downloads\样本15.exe        G_PUA.Generic.0023e00f        已删除
E:\360安全浏览器下载\Downloads\Downloads\样本7.exe        G_Trojan.Generic.002e07f7        已删除
E:\360安全浏览器下载\Downloads\Downloads\样本9.exe        G_Trojan.Generic.0052e476        已删除
E:\360安全浏览器下载\Downloads\Downloads\Dcumentos_Folha1.vbs        virus.vbs.qexvmc.1        已删除
E:\360安全浏览器下载\Downloads\Downloads\FORMULARIO_DE_NOTIFICACAO_N_0887958472016.PDF.vbs        virus.vbs.qexvmc.1        已删除

Nocria
Posted on 2020-12-27 17:36:04
This post was last edited by Nocria on 2020-12-27 17:54

IKARUS killed 19x

[27.12.2020 17:35:31] On-demand scan started: "user_defined"
[27.12.2020 17:35:31] Found, 0.00s, SigName: "Trojan.MSIL.Agent", SigId: 2915670, Type: "VIRUS", File: "C:\Users\promi\Desktop\Downloads\Downloads\Base_Good.exe"
[27.12.2020 17:35:31] Found, 0.63s, SigName: "Trojan.VBS.Agent", SigId: 3554779, Type: "VIRUS", File: "C:\Users\promi\Desktop\Downloads\Downloads\Dcumentos_Folha1.vbs"
[27.12.2020 17:35:31] Found, 0.63s, SigName: "Trojan.Win32.RA", SigId: 212010851, Type: "VIRUS", File: "C:\Users\promi\Desktop\Downloads\Downloads\c16411c57b3536146ac93f380ac547e7109f0c2993b9315268e61af6ea9e84e9.exe"
[27.12.2020 17:35:31] Found, 0.78s, SigName: "Trojan.AndroidOS.SmsSpy", SigId: 3040001, Type: "VIRUS", File: "C:\Users\promi\Desktop\Downloads\Downloads\eer123.apk"
[27.12.2020 17:35:32] Found, 1.79s, SigName: "VBS.Trojan-Downloader.Agent", SigId: 248989397, Type: "VIRUS", File: "C:\Users\promi\Desktop\Downloads\Downloads\FORMULARIO_DE_NOTIFICACAO_N_0887958472016.PDF.vbs"
[27.12.2020 17:35:32] Found, 0.46s, SigName: "Trojan-Downloader.Delphi", SigId: 3506042, Type: "VIRUS", File: "C:\Users\promi\Desktop\Downloads\Downloads\isMiner.exe"
[27.12.2020 17:35:32] Found, 0.78s, SigName: "Trojan.Win32.SvcMiner", SigId: 3564183, Type: "VIRUS", File: "C:\Users\promi\Desktop\Downloads\Downloads\NsCpuCNMiner32.exe"
[27.12.2020 17:35:32] Found, 0.47s, SigName: "Trojan.BAT.KillWin", SigId: 3504500, Type: "VIRUS", File: "C:\Users\promi\Desktop\Downloads\Downloads\QD.exe"
[27.12.2020 17:35:32] Found, 0.47s, SigName: "Trojan.SuspectCRC", SigId: 316407012, Type: "VIRUS", File: "C:\Users\promi\Desktop\Downloads\Downloads\setup_x86_x64_install.exe"
[27.12.2020 17:35:32] Found, 0.32s, SigName: "Trojan.Win32.VMProtect", SigId: 193994891, Type: "VIRUS", File: "C:\Users\promi\Desktop\Downloads\Downloads\steam_api.dll"
[27.12.2020 17:35:32] Found, 0.15s, SigName: "Virus.Ramnit", SigId: 3265625, Type: "VIRUS", File: "C:\Users\promi\Desktop\Downloads\Downloads\样本1.exe"
[27.12.2020 17:35:32] Found, 0.31s, SigName: "PUA.MSIL.Amonetize", SigId: 3539635, Type: "VIRUS", File: "C:\Users\promi\Desktop\Downloads\Downloads\样本10.exe"
[27.12.2020 17:35:32] Found, 0.31s, SigName: "Virus.Ramnit", SigId: 3265625, Type: "VIRUS", File: "C:\Users\promi\Desktop\Downloads\Downloads\样本12.exe"
[27.12.2020 17:35:32] Found, 0.00s, SigName: "Win32.PolyCrypt", SigId: 2879505, Type: "VIRUS", File: "C:\Users\promi\Desktop\Downloads\Downloads\样本15.exe"
[27.12.2020 17:35:32] Found, 0.16s, SigName: "Trojan.Win32.Injector", SigId: 233313350, Type: "VIRUS", File: "C:\Users\promi\Desktop\Downloads\Downloads\样本19.exe"
[27.12.2020 17:35:33] Found, 0.328s, SigName: "Trojan-Downloader.Win32.AutoIt", SigId: 3406367, Type: "VIRUS", File: "C:\Users\promi\Desktop\Downloads\Downloads\样本2.exe"
[27.12.2020 17:35:33] Found, 0.140s, SigName: "not-a-virus:Downloader.YgData", SigId: 3203011, Type: "VIRUS", File: "C:\Users\promi\Desktop\Downloads\Downloads\样本6.exe"
[27.12.2020 17:35:33] Found, 0.218s, SigName: "Trojan.Win32.Spy", SigId: 2763687, Type: "VIRUS", File: "C:\Users\promi\Desktop\Downloads\Downloads\样本7.exe"
[27.12.2020 17:35:33] Found, 0.00s, SigName: "Virus.Win32.Delf", SigId: 1336491, Type: "VIRUS", File: "C:\Users\promi\Desktop\Downloads\Downloads\样本9.exe"
[27.12.2020 17:35:33] On-demand scan FINISHED: "user_defined"
[27.12.2020 17:35:33] ----------------------------------------------------
[27.12.2020 17:35:33] Directories scanned: 2
[27.12.2020 17:35:33] Files scanned: 32
[27.12.2020 17:35:33] Virus found: 19
[27.12.2020 17:35:33] ----------------------------------------------------


MBP killed 12x

Generic.Malware/Suspicious, C:\USERS\PROMI\DESKTOP\DOWNLOADS\DOWNLOADS\BASE_GOOD.EXE, No Action By User, 0, 392686, 1.0.34855, , shuriken, , 439CB1C533B5604011976F260C951AB5, 983F4C36A88A33095482BD094874062F9A7622A4F9917B8507C56FBD7E0F6FB7
Generic.Malware/Suspicious, C:\USERS\PROMI\DESKTOP\DOWNLOADS\DOWNLOADS\C16411C57B3536146AC93F380AC547E7109F0C2993B9315268E61AF6EA9E84E9.EXE, No Action By User, 0, 392686, 1.0.34855, , shuriken, , C270EAF81ECA2E6BE99C1B87AB57E5F8, C16411C57B3536146AC93F380AC547E7109F0C2993B9315268E61AF6EA9E84E9
Malware.AI.1878529039, C:\USERS\PROMI\DESKTOP\DOWNLOADS\DOWNLOADS\ISMINER.EXE, No Action By User, 1000000, 0, 1.0.34855, 697868C9F07F31E66FF8140F, dds, 01045975, D6476DC8F05F2C134B8F266136C84794, C51F1179155EA491F2C9BDFEB690F648534100C8839BFDD26B9EB79638598762
Malware.AI.1463572228, C:\USERS\PROMI\DESKTOP\DOWNLOADS\DOWNLOADS\样本1.EXE, No Action By User, 1000000, 0, 1.0.34855, 290C54605355705B573C5704, dds, 01045975, 4E7B2FD95984D06FBDC6BE31BCA6F66F, 54295B4328C0E459CE2DE9A252F402C8F187F9D4593CA70C9FABF40DFA864348
Trojan.Dropper.WXT.Generic, C:\USERS\PROMI\DESKTOP\DOWNLOADS\DOWNLOADS\SETUP_X86_X64_INSTALL.EXE, No Action By User, 14013, 892906, 1.0.34855, , ame, , 4E86591CE4784CC248ED7617F13FD847, 9F80C8A06004B110E0EA7B4DE1B998C2BC65199F33168C1E9D245504C4E4F10C
PUP.Optional.Amonetize, C:\USERS\PROMI\DESKTOP\DOWNLOADS\DOWNLOADS\样本10.EXE, No Action By User, 19, 128021, 1.0.34855, , ame, , 45E8EA466CB9317285D850357DA481F1, F4BBBBE8DDC6A63B3A460A597A6564F83FD06909066316C7506E75355185CB8A
Trojan.BitCoinMiner, C:\USERS\PROMI\DESKTOP\DOWNLOADS\DOWNLOADS\NSCPUCNMINER32.EXE, No Action By User, 279, 413613, 1.0.34855, 3BF46EA4DD5250C32181B985, dds, 01045975, E3427D9F439AEBEFA3D9C299E2A94AF3, 7374051E75AE97BA687CD153927FACCD21FCDCC0B41A42867D38AC62064F6ABA
PUP.Optional.MultiPlug, C:\USERS\PROMI\DESKTOP\DOWNLOADS\DOWNLOADS\样本15.EXE, No Action By User, 20, 75723, 1.0.34855, , ame, , 2425C36FB68387044B208B83E74E7700, D38FA2DFF87DED2F117CD1E2E14979BB49797D3B93B16AAC9CC87D5ACCB763CC
Malware.AI.3240555451, C:\USERS\PROMI\DESKTOP\DOWNLOADS\DOWNLOADS\样本2.EXE, No Action By User, 1000000, 0, 1.0.34855, C5D82CED802C28EEC126F3BB, dds, 01045975, ACB66C1F9231237C1D48DBBEEFAFB935, C8A781571B1A265F80A7CD677885025627018C22651C73BB9B5AEBCA160E9E7C
Generic.Malware/Suspicious, C:\USERS\PROMI\DESKTOP\DOWNLOADS\DOWNLOADS\样本19.EXE, No Action By User, 0, 392686, 1.0.34855, , shuriken, , A57274C09CFBDBFF3971494A2BFE2670, 331B1FEE4167E2EDB885AC6C5B42AFEABC95003DF02F7300C43149AF83D30078
PUP.Optional.DriveTheLife, C:\USERS\PROMI\DESKTOP\DOWNLOADS\DOWNLOADS\样本8.EXE, No Action By User, 8707, 797772, 1.0.34855, , ame, , 7B69AEE4A6C3CB304325E63B477A26E5, D892DF688DBAAABB1D8458EE88EACBC8C1B70BBEC233D6D77A25C13754FFF94C
Backdoor.Bifrose, C:\USERS\PROMI\DESKTOP\DOWNLOADS\DOWNLOADS\样本9.EXE, No Action By User, 15, 269048, 1.0.34855, 1AF6EFB196DCCEBAF9BC8EB9, dds, 01045975, 4E6C6573A2272E147F428ED88A277E30, 5F6CBA130C9847F81306C4F77BA2112AD912D1D3F75126BB4A1E81F113BB280B
救命稻草
Posted on 2020-12-27 18:02:39
Avira scan detected 15.
Kinhold
Posted on 2020-12-27 21:11:28
Huorong
【1】2020-12-27 21:05:56,病毒防护,病毒查杀,自定义扫描, 发现14个风险项目

病毒库时间:2020-12-27 16:03
开始时间:2020-12-27 21:03
总计用时:00:01:07
扫描对象:138
扫描文件:1
发现风险:14
已处理风险:14
病毒详情:

1.风险路径:...\Downloads.zip >> Downloads\FORMULARIO_DE_NOTIFICACAO_N_0887958472016.PDF.vbs, 病毒名:TrojanDownloader/VBS.Agent, 病毒ID:2cd638192d6a9837, 处理结果:已处理,删除文件

2.风险路径:...\Downloads.zip >> Downloads\样本19.exe, 病毒名:Trojan/Generic!3599DBA4B98DCECE, 病毒ID:3599dba4b98dcece, 处理结果:已处理,删除文件

3.风险路径:...\Downloads.zip >> Downloads\样本9.exe, 病毒名:Trojan/Generic!A64DFCF99C51F897, 病毒ID:a64dfcf99c51f897, 处理结果:已处理,删除文件

4.风险路径:...\Downloads.zip >> Downloads\c16411c57b3536146ac93f380ac547e7109f0c2993b9315268e61af6ea9e84e9.exe, 病毒名:Trojan/Generic!2EBC654142F0053D, 病毒ID:2ebc654142f0053d, 处理结果:已处理,删除文件

5.风险路径:...\Downloads.zip >> Downloads\steam_api.dll, 病毒名:Trojan/Generic!5F6D5F83DC34FBA3, 病毒ID:5f6d5f83dc34fba3, 处理结果:已处理,删除文件

6.风险路径:...\Downloads.zip >> Downloads\NsCpuCNMiner32.exe, 病毒名:HackTool/CoinMiner, 病毒ID:8c5053f9ea0ff87a, 处理结果:已处理,删除文件

7.风险路径:...\Desktop\Downloads.zip >> Downloads\Flamels Miracle.exe, 病毒名:HVM:VirTool/Obfuscator.gen!A, 病毒ID:b27d4294cde6a1ec, 处理结果:已处理,删除文件

8.风险路径:...\Downloads.zip >> Downloads\Dcumentos_Folha1.vbs, 病毒名:TrojanDownloader/VBS.Obfuscated, 病毒ID:5e7bc5b6c3149575, 处理结果:已处理,删除文件

9.风险路径:...\Downloads.zip >> Downloads\Base_Good.exe, 病毒名:Trojan/Generic!B9E4B6F1350D3561, 病毒ID:b9e4b6f1350d3561, 处理结果:已处理,删除文件

10.风险路径:...\Downloads.zip >> Downloads\QD.exe, 病毒名:Trojan/Generic!04A456C8F995EE9A, 病毒ID:4a456c8f995ee9a, 处理结果:已处理,删除文件

11.风险路径:...\Downloads.zip >> Downloads\isMiner.exe, 病毒名:HackTool/CoinMiner, 病毒ID:a142397347ea242, 处理结果:已处理,删除文件

12.风险路径:...\Downloads.zip >> Downloads\eer123.apk >> classes.dex, 病毒名:Trojan/Android.SMSender.au, 病毒ID:f66d458b35b84f28, 处理结果:已处理,删除文件

13.风险路径:...\Downloads.zip >> Downloads\setup_x86_x64_install.exe, 病毒名:Trojan/Generic!735E8547FD96FADF, 病毒ID:735e8547fd96fadf, 处理结果:已处理,删除文件

14.风险路径:...\Downloads.zip >> Downloads\样本7.exe >> [NSIS].nsi, 病毒名:Adware/ConvertAd.s, 病毒ID:6bbe9e71db3daf37, 处理结果:已处理,删除文件

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>


tomochan
Posted on 2020-12-27 21:14:39
avast 16X
Kinhold
Posted on 2020-12-27 21:14:42
* Avast 扫描报告
* 该文件是自动生成的
*
* 扫描名称: 从 Windows 资源管理器进行扫描
* 开始于: 2020年12月27日 21:03:31
* VPS: 201227-0, 2020/12/27
*

...\Downloads.zip|>Downloads\FORMULARIO_DE_NOTIFICACAO_N_0887958472016.PDF.vbs [L] JS:Downloader-EEE [Trj] (0)

...\Downloads.zip|>Downloads\样本18.exe [L] Win32:WrongInf-A [Susp] (0)

...\Downloads.zip|>Downloads\样本9.exe [L] Win32:Evo-gen [Susp] (0)

...\Downloads.zip|>Downloads\NsCpuCNMiner32.exe [L] Win32:CryptoMiner-Z [Trj] (0)

...\Downloads.zip|>Downloads\Dcumentos_Folha1.vbs [L] VBS:Downloader-AHU [Trj] (0)

...\Downloads.zip|>Downloads\Base_Good.exe [L] Win32:BotX-gen [Trj] (0)

...\Downloads.zip|>Downloads\isMiner.exe [L] Win32:IsMiner-A [Miner] (0)

...\Downloads.zip|>Downloads\eer123.apk|>classes.dex [L] Android:SMForw-AII [Trj] (0)

...\Downloads.zip|>Downloads\setup_x86_x64_install.exe [L] Win32:Trojan-gen (0)

...\Downloads.zip|>Downloads\样本12.exe [L] Win32:Ramnit-CW (0)

...\Downloads.zip|>Downloads\样本1.exe [L] Win32:Ramnit-CZ (0)

...\Downloads.zip|>Downloads\样本15.exe [L] Win32:Evo-gen [Susp] (0)

...\Downloads.zip|>Downloads\样本17.exe [L] Win32:WrongInf-A [Susp] (0)

感染文件: 13
文件总计: 115
文件夹总计: 0
大小总计: 35.0 MB

*
* 扫描已停止: 2020年12月27日 21:04:28
* 运行时间是 57 秒
NT狼狼
Posted on 2020-12-28 11:56:03
Kingsoft Antivirus X16
