#Hancitor（4.6）

hsks

https://www.virustotal.com/gui/f ... 4a9aed8b8/detection
https://www.virustotal.com/gui/f ... c68337b70/detection
https://www.virustotal.com/gui/f ... 894dc2966/detection
https://app.any.run/tasks/7cfc8690-047a-418e-98a7-249899c7154b/

https://pan.huang1111.cn/s/vakSE

00006666

很好奇你都是从哪里找来的

a233

Avast
监控只报了doc

剩下两个dll加载都是

Virus4

ESET 扫描 杀两个DLL，word双击杀。

BFAX

360杀毒扫描修复doc

00006666 发表于 2021-4-6 23:14
很好奇你都是从哪里找来的

Github有不少分享病毒样本的，搜下关键词malware，有惊喜

anthonyqian

诺顿两个dll信誉一般。

doc miss

这世界如露水般

卡巴 只扫描
关我的7z啥事?提示需要重启
User type: Active user
Application name: 7zG.exe
Application path:
Component: File Anti-Virus
Result description: Backup copy created
Type: Trojan
Name: UDS:Trojan-Dropper.MSOffice.SDrop.gen
Precision: Exactly
Threat level: High
Object type: File
Object name: 7306111f2dfdc901e63a359377a778056a095c6f35126820ca502f1c68337b70.doc
============
User type: Active user
Application name: 7zG.exe
Application path:
Component: File Anti-Virus
Result description: Will be deleted on restart
Type: Trojan
Name: UDS:Trojan-Dropper.MSOffice.SDrop.gen
Precision: Exactly
Threat level: High
Object type: File
Object name: 7306111f2dfdc901e63a359377a778056a095c6f35126820ca502f1c68337b70.doc
============
User type: Active user
Application name: 7zG.exe
Application path:
Component: File Anti-Virus
Result description: Detected
Type: Trojan
Name: UDS:Trojan-Dropper.MSOffice.SDrop.gen
Precision: Exactly
Threat level: High
Object type: File
Object name: 7306111f2dfdc901e63a359377a778056a095c6f35126820ca502f1c68337b70.doc

hsks

Virus4 发表于 2021-4-6 23:36
ESET
监控除了doc都报了
打开word并启动宏

我看Anyrun运行的好好的

Virus4

hsks 发表于 2021-4-6 18:36
我看Anyrun运行的好好的

环境的问题，弄好了，ESET拦了

心醉咖啡

火绒扫描miss