
[Virus samples] 1.12~1.15 from: malware_traffic

YorkWaugh
Posted on 2021-1-16 20:54:08
hsks
Posted on 2021-1-16 20:57:55
This post was last edited by hsks on 2021-1-16 21:23

360
The files seem to have become very strange...
After changing the extension, it killed 1 more
The remaining files are all missed on VT

yiyq
Posted on 2021-1-16 20:59:52
智量 (WiseVector) 24x
秋日之殇
Posted on 2021-1-16 21:03:52
This post was last edited by 秋日之殇 on 2021-1-16 21:35

Kaspersky: 10 files remaining
Jerry.Lin
Posted on 2021-1-16 21:05:42

hsks
Posted on 2021-1-16 21:08:51
Hold on, I changed the extensions and checked VT; 360 can still kill more
Nocria
Posted on 2021-1-16 21:13:01
This post was last edited by Nocria on 2021-1-16 21:19

IK - 25/49
[16.01.2021 21:18:49] On-demand scan started: "user_defined"
[16.01.2021 21:18:49] Found, 0.16s, SigName: "Trojan-Dropper.VBA.Agent", SigId: 3999397, Type: "VIRUS", File: "C:\Users\promi\Desktop\1.12~1.15\2021-01-12-Hancitor-Word-docs-and-DLL-files\0112_1005636132.doc"
[16.01.2021 21:18:49] Found, 0.63s, SigName: "Trojan-Dropper.VBA.Agent", SigId: 3999397, Type: "VIRUS", File: "C:\Users\promi\Desktop\1.12~1.15\2021-01-12-Hancitor-Word-docs-and-DLL-files\0112_1079750132.doc"
[16.01.2021 21:18:49] Found, 0.78s, SigName: "Trojan-Dropper.VBA.Agent", SigId: 3999397, Type: "VIRUS", File: "C:\Users\promi\Desktop\1.12~1.15\2021-01-12-Hancitor-Word-docs-and-DLL-files\0112_114086062.doc"
[16.01.2021 21:18:49] Found, 0.47s, SigName: "Trojan-Dropper.VBA.Agent", SigId: 3999397, Type: "VIRUS", File: "C:\Users\promi\Desktop\1.12~1.15\2021-01-12-Hancitor-Word-docs-and-DLL-files\0112_153569242.doc"
[16.01.2021 21:18:49] Found, 0.47s, SigName: "Trojan-Dropper.VBA.Agent", SigId: 3999397, Type: "VIRUS", File: "C:\Users\promi\Desktop\1.12~1.15\2021-01-12-Hancitor-Word-docs-and-DLL-files\0112_203089882.doc"
[16.01.2021 21:18:49] Found, 0.31s, SigName: "Trojan-Dropper.VBA.Agent", SigId: 3999397, Type: "VIRUS", File: "C:\Users\promi\Desktop\1.12~1.15\2021-01-12-Hancitor-Word-docs-and-DLL-files\0112_528419802.doc"
[16.01.2021 21:18:49] Found, 0.16s, SigName: "Trojan-Dropper.VBA.Agent", SigId: 4015043, Type: "VIRUS", File: "C:\Users\promi\Desktop\1.12~1.15\2021-01-12-Hancitor-Word-docs-and-DLL-files\0112_722674781.doc"
[16.01.2021 21:18:49] Found, 0.15s, SigName: "Trojan-Dropper.VBA.Agent", SigId: 4015042, Type: "VIRUS", File: "C:\Users\promi\Desktop\1.12~1.15\2021-01-12-Hancitor-Word-docs-and-DLL-files\0112_929792452.doc"
[16.01.2021 21:18:49] Found, 0.47s, SigName: "Trojan-Banker.Hanticor", SigId: 4015044, Type: "VIRUS", File: "C:\Users\promi\Desktop\1.12~1.15\2021-01-12-Hancitor-Word-docs-and-DLL-files\2021-01-12-Hancitor-DLL-example-01.bin"
[16.01.2021 21:18:49] Found, 0.47s, SigName: "Trojan-Banker.Hanticor", SigId: 4015044, Type: "VIRUS", File: "C:\Users\promi\Desktop\1.12~1.15\2021-01-12-Hancitor-Word-docs-and-DLL-files\2021-01-12-Hancitor-DLL-example-02.bin"
[16.01.2021 21:18:49] Found, 0.15s, SigName: "Trojan-Banker.Hanticor", SigId: 4015044, Type: "VIRUS", File: "C:\Users\promi\Desktop\1.12~1.15\2021-01-12-Hancitor-Word-docs-and-DLL-files\2021-01-12-Hancitor-DLL-example-03.bin"
[16.01.2021 21:18:49] Found, 0.00s, SigName: "Trojan-Banker.Hanticor", SigId: 4015044, Type: "VIRUS", File: "C:\Users\promi\Desktop\1.12~1.15\2021-01-12-Hancitor-Word-docs-and-DLL-files\2021-01-12-Hancitor-DLL-example-04.bin"
[16.01.2021 21:18:49] Found, 0.32s, SigName: "Trojan-Banker.Hanticor", SigId: 4015044, Type: "VIRUS", File: "C:\Users\promi\Desktop\1.12~1.15\2021-01-12-Hancitor-Word-docs-and-DLL-files\2021-01-12-Hancitor-DLL-example-05.bin"
[16.01.2021 21:18:49] Found, 0.32s, SigName: "Trojan-Banker.Hanticor", SigId: 4015044, Type: "VIRUS", File: "C:\Users\promi\Desktop\1.12~1.15\2021-01-12-Hancitor-Word-docs-and-DLL-files\2021-01-12-Hancitor-DLL-example-06.bin"
[16.01.2021 21:18:49] Found, 0.00s, SigName: "Trojan-Banker.Hanticor", SigId: 4015044, Type: "VIRUS", File: "C:\Users\promi\Desktop\1.12~1.15\2021-01-12-Hancitor-Word-docs-and-DLL-files\2021-01-12-Hancitor-DLL-example-07.bin"
[16.01.2021 21:18:49] Found, 0.15s, SigName: "Trojan-Banker.Hanticor", SigId: 4015044, Type: "VIRUS", File: "C:\Users\promi\Desktop\1.12~1.15\2021-01-12-Hancitor-Word-docs-and-DLL-files\2021-01-12-Hancitor-DLL-example-08.bin"
[16.01.2021 21:18:49] Found, 0.16s, SigName: "Trojan-Spy.Win32.TrickBot", SigId: 317402731, Type: "VIRUS", File: "C:\Users\promi\Desktop\1.12~1.15\2021-01-12-malware-from-Emotet-and-Trickbot\Trackless3311313539\kwcqgsatnmwpys.exe"
[16.01.2021 21:18:49] Found, 0.00s, SigName: "Trojan-Banker.Emotet", SigId: 4015047, Type: "VIRUS", File: "C:\Users\promi\Desktop\1.12~1.15\2021-01-12-malware-from-Emotet-and-Trickbot\zhyla.htn"
[16.01.2021 21:18:49] Found, 0.00s, SigName: "Trojan-Downloader.VBA.Emotet", SigId: 3941824, Type: "VIRUS", File: "C:\Users\promi\Desktop\1.12~1.15\2021-01-13-email-malware-and-artifacts-from-infection\2021-01-12-Emotet-epoch-2-malspam-used-to-kick-off-infection.eml"
[16.01.2021 21:18:49] Found, 0.00s, SigName: "Trojan-Downloader.VBA.Emotet", SigId: 3941824, Type: "VIRUS", File: "C:\Users\promi\Desktop\1.12~1.15\2021-01-13-email-malware-and-artifacts-from-infection\Form - Jan 13, 2021.doc"
[16.01.2021 21:18:49] Found, 0.00s, SigName: "Trojan.Win32.Crypt", SigId: 317466836, Type: "VIRUS", File: "C:\Users\promi\Desktop\1.12~1.15\2021-01-13-email-malware-and-artifacts-from-infection\Trackless2656214810\ydcslo.exe"
[16.01.2021 21:18:49] Found, 0.47s, SigName: "Trojan-Banker.Emotet", SigId: 4015061, Type: "VIRUS", File: "C:\Users\promi\Desktop\1.12~1.15\2021-01-13-email-malware-and-artifacts-from-infection\wdvexmex.cnf"
[16.01.2021 21:18:49] Found, 0.00s, SigName: "Trojan.Win32.Crypt", SigId: 317467041, Type: "VIRUS", File: "C:\Users\promi\Desktop\1.12~1.15\2021-01-14-Rig-EK-sends-Dridex-malware-and-artifacts\jv9qx.exe"
[16.01.2021 21:18:49] Found, 0.47s, SigName: "Trojan-Banker.Emotet", SigId: 4015061, Type: "VIRUS", File: "C:\Users\promi\Desktop\1.12~1.15\2021-01-15-malware-from-Emotet-epoch-1-infection\2021-01-15-Emotet-DLL-epoch-1.bin"
[16.01.2021 21:18:49] Found, 0.47s, SigName: "Trojan-Downloader.VBA.Emotet", SigId: 3941824, Type: "VIRUS", File: "C:\Users\promi\Desktop\1.12~1.15\2021-01-15-malware-from-Emotet-epoch-1-infection\2021-01-15-Emotet-Word-doc-epoch-1.bin"
[16.01.2021 21:18:49] On-demand scan FINISHED: "user_defined"
[16.01.2021 21:18:49] ----------------------------------------------------
[16.01.2021 21:18:49] Directories scanned: 9
[16.01.2021 21:18:49] Files scanned: 49
[16.01.2021 21:18:49] Virus found: 25
[16.01.2021 21:18:49] ----------------------------------------------------


a233
Posted on 2021-1-16 21:22:46
Avast 26X

hsks
Posted on 2021-1-16 21:23:56
秋日之殇 posted on 2021-1-16 21:03
Kaspersky: two 10 files remaining

Have you uploaded your remaining files to VT? (just asking timidly)
z68436425
Posted on 2021-1-16 21:28:05
ESET x24
