Views: 1253 | Replies: 14

[Malware samples] From MalwareTraffic 27X

Nocria
Posted on 2021-6-29 10:57:09
This post was last edited by Nocria on 2021-6-29 21:27

IKARUS - 20/27
  1. [29.06.2021 21:25:07] On-demand scan started: "user_defined"
  2. [29.06.2021 21:25:07] Found, 0.16s, SigName: "Trojan-Dropper.VBA.Agent", SigId: 4134587, Type: "VIRUS", File: "C:\Users\promi\Desktop\ow1poQFI_27X (2)\04fdb0fdc76d11adab9864aa36d4b54e40823ff00373b236808e47b8465a626e.doc"
  3. [29.06.2021 21:25:07] Found, 0.94s, SigName: "Trojan-Spy.Win32.TrickBot", SigId: 326324244, Type: "VIRUS", File: "C:\Users\promi\Desktop\ow1poQFI_27X (2)\0bb797aef9711d46a54f363b0d28211337605db7d84b079e91cae672f7a981d4.dll"
  4. [29.06.2021 21:25:07] Found, 0.31s, SigName: "Trojan-Dropper.VBA.Agent", SigId: 4134587, Type: "VIRUS", File: "C:\Users\promi\Desktop\ow1poQFI_27X (2)\1cfcfa64c0e1dcce3aa0dc280fa21d6015acf3c615ce55ce23fb81813d37d799.doc"
  5. [29.06.2021 21:25:07] Found, 0.109s, SigName: "Trojan-Dropper.VBA.Agent", SigId: 4134587, Type: "VIRUS", File: "C:\Users\promi\Desktop\ow1poQFI_27X (2)\133eaec108dcdf485a65616e0b26d8ffe1781e795b49bef6021c51679bf92c7a.doc"
  6. [29.06.2021 21:25:07] Found, 0.32s, SigName: "Trojan-Dropper.VBA.Agent", SigId: 4134587, Type: "VIRUS", File: "C:\Users\promi\Desktop\ow1poQFI_27X (2)\2f6e6881e714782e8cd3c3f0c92bc576d9cc008e526be5e21d13a881e5b90e0f.doc"
  7. [29.06.2021 21:25:07] Found, 0.16s, SigName: "Trojan-Dropper.VBA.Agent", SigId: 4134587, Type: "VIRUS", File: "C:\Users\promi\Desktop\ow1poQFI_27X (2)\4e6ea45f01bd761bdfacc3e0397238607373b5a35f9eb8704b913252d3a19aa0.doc"
  8. [29.06.2021 21:25:07] Found, 0.15s, SigName: "Trojan-Dropper.VBA.Agent", SigId: 4134587, Type: "VIRUS", File: "C:\Users\promi\Desktop\ow1poQFI_27X (2)\518d92e9dcaac49258600bd988d6d2b0ebc2af74e4bc9796d83987e57297d18d.doc"
  9. [29.06.2021 21:25:07] Found, 0.32s, SigName: "Backdoor.Win32.DarkVNC", SigId: 326276550, Type: "VIRUS", File: "C:\Users\promi\Desktop\ow1poQFI_27X (2)\7b844cc75f594f536f486b137817a497407b689725ab45c7904444e82374d4ac.exe"
  10. [29.06.2021 21:25:07] Found, 0.62s, SigName: "Trojan-Spy.Win32.TrickBot", SigId: 326315755, Type: "VIRUS", File: "C:\Users\promi\Desktop\ow1poQFI_27X (2)\8368a955dd5d9850ed8ced6144a202368c52e065abafdb71a7960d3a90647e85.dll"
  11. [29.06.2021 21:25:07] Found, 0.94s, SigName: "Trojan-Spy.Win32.TrickBot", SigId: 326315760, Type: "VIRUS", File: "C:\Users\promi\Desktop\ow1poQFI_27X (2)\97c1deed13a9dba0c5834c3961ec93f96897e45e56f1c86a641427228830fcd4.dll"
  12. [29.06.2021 21:25:07] Found, 0.78s, SigName: "Trojan-Spy.Win32.TrickBot", SigId: 326315758, Type: "VIRUS", File: "C:\Users\promi\Desktop\ow1poQFI_27X (2)\9822e135cafc24d7d610a2831cd97e13c0f2b3ce1935aadde0bbbcf140395bba.dll"
  13. [29.06.2021 21:25:07] Found, 0.47s, SigName: "Trojan-Dropper.VBA.Agent", SigId: 4134587, Type: "VIRUS", File: "C:\Users\promi\Desktop\ow1poQFI_27X (2)\a46458bc99e81157c17295a038fc599197805c840ecd67ecd662f9a383c8577a.doc"
  14. [29.06.2021 21:25:07] Found, 0.47s, SigName: "Trojan-Spy.Win32.TrickBot", SigId: 326324249, Type: "VIRUS", File: "C:\Users\promi\Desktop\ow1poQFI_27X (2)\b3c17ea77c22b4f4ce232f4de674e1ab8639d063f54cc088612f73d7a7268a28.dll"
  15. [29.06.2021 21:25:07] Found, 0.47s, SigName: "Trojan-Dropper.VBA.Agent", SigId: 4134587, Type: "VIRUS", File: "C:\Users\promi\Desktop\ow1poQFI_27X (2)\b75af3709a1cb0645ae7555d9f36305ecec8d5c1816986c1dd0f48ea3e26441c.doc"
  16. [29.06.2021 21:25:07] Found, 0.47s, SigName: "Trojan-Spy.Win32.TrickBot", SigId: 326324246, Type: "VIRUS", File: "C:\Users\promi\Desktop\ow1poQFI_27X (2)\b827fde51c75a1c5a400dd99d5b345f946874d77587384d31e3ca188364e92a4.dll"
  17. [29.06.2021 21:25:07] Found, 0.46s, SigName: "Trojan-Spy.Win32.TrickBot", SigId: 326324252, Type: "VIRUS", File: "C:\Users\promi\Desktop\ow1poQFI_27X (2)\c601014207780cd2448d3953272a43cacc9252bc86b365b7869af2a6a2ab3c09.dll"
  18. [29.06.2021 21:25:07] Found, 0.63s, SigName: "Trojan-Downloader.Win32.Injector", SigId: 326300372, Type: "VIRUS", File: "C:\Users\promi\Desktop\ow1poQFI_27X (2)\cf0a85f491146002a26b01c8aff864a39a18a70c7b5c579e96deda212bfeec58.exe"
  19. [29.06.2021 21:25:07] Found, 0.16s, SigName: "Trojan-Dropper.VBA.Agent", SigId: 4134587, Type: "VIRUS", File: "C:\Users\promi\Desktop\ow1poQFI_27X (2)\d500ee06ed8664bcd5acfac596094aed9fe9c97c4b2b21b3b052c1eb7980a8b7.doc"
  20. [29.06.2021 21:25:07] Found, 0.31s, SigName: "Trojan-Dropper.VBA.Agent", SigId: 4134587, Type: "VIRUS", File: "C:\Users\promi\Desktop\ow1poQFI_27X (2)\fd4e3fa8a8d9b59e58e08119e9aba18847b932c1ec8051b0544ebde855c19d46.doc"
  21. [29.06.2021 21:25:07] Found, 0.32s, SigName: "Trojan-Dropper.VBA.Agent", SigId: 4134587, Type: "VIRUS", File: "C:\Users\promi\Desktop\ow1poQFI_27X (2)\ff3d4a11cc11d04781679ba4edded9322765f5e9f9d936e35b482b451d138991.doc"
  22. [29.06.2021 21:25:08] On-demand scan FINISHED: "user_defined"
  23. [29.06.2021 21:25:08] ----------------------------------------------------
  24. [29.06.2021 21:25:08] Directories scanned: 1
  25. [29.06.2021 21:25:08] Files scanned: 27
  26. [29.06.2021 21:25:08] Virus found: 20
  27. [29.06.2021 21:25:08] ----------------------------------------------------


救命稻草
Posted on 2021-6-29 11:03:44
24

wh759626933
Posted on 2021-6-29 11:07:44
This post was last edited by wh759626933 on 2021-6-29 11:11

Kaspersky: kill all

aboringman
Posted on 2021-6-29 11:43:17
360: 19 (detected, 8 deleted, 11 fixed)


command360
Posted on 2021-6-29 11:53:34
Huorong 8/27

吃不胖好烦啊
Posted on 2021-6-29 11:55:28
This post was last edited by 吃不胖好烦啊 on 2021-6-29 11:59

360:

anthonyqian
Posted on 2021-6-29 12:08:03
This post was last edited by anthonyqian on 2021-6-29 12:10

BD scan left 18; of the rest, everything except the html files and one exe that would not open was killed on double-click.
hsks
[OP] Posted on 2021-6-29 12:27:39
anthonyqian posted on 2021-6-29 12:08:
BD scan left 18; of the rest, everything except the html files and one exe that would not open was killed on double-click.

Took a look; that one is a dll #CobaltStrike
heavencc
Posted on 2021-6-29 14:18:17
WiseVector: 0 remaining
  1. 2021-06-29 14:17:16 C:\Users\Stardust\Desktop\ow1poQFI_27X\ff3d4a11cc11d04781679ba4edded9322765f5e9f9d936e35b482b451d138991.doc HEUR.Office.ML.A   
  2. 2021-06-29 14:17:15 C:\Users\Stardust\Desktop\ow1poQFI_27X\b827fde51c75a1c5a400dd99d5b345f946874d77587384d31e3ca188364e92a4.dll Trojan.Generic      
  3. 2021-06-29 14:17:14 C:\Users\Stardust\Desktop\ow1poQFI_27X\fd4e3fa8a8d9b59e58e08119e9aba18847b932c1ec8051b0544ebde855c19d46.doc HEUR.Office.ML.A   
  4. 2021-06-29 14:17:14 C:\Users\Stardust\Desktop\ow1poQFI_27X\b75af3709a1cb0645ae7555d9f36305ecec8d5c1816986c1dd0f48ea3e26441c.doc HEUR.Office.ML.A   
  5. 2021-06-29 14:17:13 C:\Users\Stardust\Desktop\ow1poQFI_27X\d500ee06ed8664bcd5acfac596094aed9fe9c97c4b2b21b3b052c1eb7980a8b7.doc HEUR.Office.ML.A   
  6. 2021-06-29 14:17:13 C:\Users\Stardust\Desktop\ow1poQFI_27X\cf14b69dd241966a8e847bc32f6ce09135c49c634f803a7d0ed6ea67ef585f32.hta Trojan.Downloader.Generic
  7. 2021-06-29 14:17:12 C:\Users\Stardust\Desktop\ow1poQFI_27X\cf0a85f491146002a26b01c8aff864a39a18a70c7b5c579e96deda212bfeec58.exe Trojan.Generic      
  8. 2021-06-29 14:17:11 C:\Users\Stardust\Desktop\ow1poQFI_27X\c601014207780cd2448d3953272a43cacc9252bc86b365b7869af2a6a2ab3c09.dll Trojan.Generic      
  9. 2021-06-29 14:17:11 C:\Users\Stardust\Desktop\ow1poQFI_27X\f2cf11448b69c248425759b272f7cf2d9d95565e2dac219e08e4a469ca9086f0.hta Trojan.Downloader.Generic
  10. 2021-06-29 14:17:10 C:\Users\Stardust\Desktop\ow1poQFI_27X\bf4db025fc7e84f3d9f5c4654cf215410d9e4cd20694950a1512e967a28bd9fa.hta Trojan.Downloader.Generic
  11. 2021-06-29 14:17:09 C:\Users\Stardust\Desktop\ow1poQFI_27X\b3c17ea77c22b4f4ce232f4de674e1ab8639d063f54cc088612f73d7a7268a28.dll Trojan.Generic      
  12. 2021-06-29 14:17:09 C:\Users\Stardust\Desktop\ow1poQFI_27X\b3be02abef98fd6bde2752217b996cb0ab6ea534be8aadb9440474e1088a90af.hta Trojan.Downloader.Generic
  13. 2021-06-29 14:17:09 C:\Users\Stardust\Desktop\ow1poQFI_27X\a46458bc99e81157c17295a038fc599197805c840ecd67ecd662f9a383c8577a.doc HEUR.Office.ML.A   
  14. 2021-06-29 14:17:07 C:\Users\Stardust\Desktop\ow1poQFI_27X\9822e135cafc24d7d610a2831cd97e13c0f2b3ce1935aadde0bbbcf140395bba.dll Trojan.Generic      
  15. 2021-06-29 14:17:07 C:\Users\Stardust\Desktop\ow1poQFI_27X\97c1deed13a9dba0c5834c3961ec93f96897e45e56f1c86a641427228830fcd4.dll Trojan.Generic      
  16. 2021-06-29 14:17:06 C:\Users\Stardust\Desktop\ow1poQFI_27X\8368a955dd5d9850ed8ced6144a202368c52e065abafdb71a7960d3a90647e85.dll Trojan.Generic      
  17. 2021-06-29 14:17:05 C:\Users\Stardust\Desktop\ow1poQFI_27X\7cfd4eac092b2af1a9d30c133c385e82168ba934c931844a8aac20d1e4abaf97.hta Trojan.Downloader.Generic
  18. 2021-06-29 14:17:04 C:\Users\Stardust\Desktop\ow1poQFI_27X\7b844cc75f594f536f486b137817a497407b689725ab45c7904444e82374d4ac.exe Heur.ML.PE.A        
  19. 2021-06-29 14:17:04 C:\Users\Stardust\Desktop\ow1poQFI_27X\73854ade2c5247dbaaf5c6be29c58f57ba72db762109e635dc5df470a37e4a8f.hta Trojan.Downloader.Generic
  20. 2021-06-29 14:17:03 C:\Users\Stardust\Desktop\ow1poQFI_27X\518d92e9dcaac49258600bd988d6d2b0ebc2af74e4bc9796d83987e57297d18d.doc HEUR.Office.ML.A   
  21. 2021-06-29 14:17:02 C:\Users\Stardust\Desktop\ow1poQFI_27X\4e6ea45f01bd761bdfacc3e0397238607373b5a35f9eb8704b913252d3a19aa0.doc HEUR.Office.ML.A   
  22. 2021-06-29 14:17:02 C:\Users\Stardust\Desktop\ow1poQFI_27X\2f6e6881e714782e8cd3c3f0c92bc576d9cc008e526be5e21d13a881e5b90e0f.doc HEUR.Office.ML.A   
  23. 2021-06-29 14:17:02 C:\Users\Stardust\Desktop\ow1poQFI_27X\2417ddbc3e5f32e0817250e4f7e7dcb6b5093b272c2086130f8bc8bab07cb9bc.hta Trojan.Downloader.Generic
  24. 2021-06-29 14:17:01 C:\Users\Stardust\Desktop\ow1poQFI_27X\1cfcfa64c0e1dcce3aa0dc280fa21d6015acf3c615ce55ce23fb81813d37d799.doc HEUR.Office.ML.A   
  25. 2021-06-29 14:17:01 C:\Users\Stardust\Desktop\ow1poQFI_27X\133eaec108dcdf485a65616e0b26d8ffe1781e795b49bef6021c51679bf92c7a.doc HEUR.Office.ML.A   
  26. 2021-06-29 14:17:00 C:\Users\Stardust\Desktop\ow1poQFI_27X\0bb797aef9711d46a54f363b0d28211337605db7d84b079e91cae672f7a981d4.dll Trojan.Generic      
  27. 2021-06-29 14:16:55 C:\Users\Stardust\Desktop\ow1poQFI_27X\04fdb0fdc76d11adab9864aa36d4b54e40823ff00373b236808e47b8465a626e.doc HEUR.Office.ML.A   
Copyright © KaFan  KaFan.cn All Rights Reserved.