收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 安全区 病毒样本 分享&分析区 18x
12
返回列表 发新帖
楼主: Jerry.Lin
 收起左侧

[病毒样本] 18x

[复制链接]
Shake2333
发表于 2021-7-4 21:59:06 | 显示全部楼层
fsp扫描剩2个

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

吃不胖好烦啊
发表于 2021-7-4 22:06:58 | 显示全部楼层
360

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

aboringman
发表于 2021-7-4 22:22:14 | 显示全部楼层
本帖最后由 aboringman 于 2021-7-5 00:35 编辑

卡巴剩余的全部干掉回滚。


试了下歌德塔,有点迷惑。。。。。。16X检出,剩下两个双击被DeepRay击杀(先杀衍生物,回滚注册表键值和衍生物,本体又不杀?等到双击本体又杀掉了,报键盘记录器。。。。。。)
  1. G DATA INTERNET SECURITY has blocked the execution of malicious software on your system.

  3. The malicious software was identified by DeepRay as follows: Keylogger3;Keylogger5

  5. The following processes were therefore terminated by G DATA for security reasons:
  6.         ----------------------------------------------------------------
  7.         C:\Users\123456\Desktop\Kafan_Sample_9c47144323b358b295f531b1bb57383e7be70f426e2ca8a66c3f9a1f9705790a.com (PID 4748)

  9. G DATA INTERNET SECURITY has blocked the execution of malicious software on your system.

  11. The malicious software was identified by DeepRay as follows: Keylogger3;Keylogger5

  13. The following processes were therefore terminated by G DATA for security reasons:
  14.         ----------------------------------------------------------------
  15.         C:\Users\123456\Desktop\Kafan_Sample_4d23cbc1c623d66ae0fc10930f655f64379d8cc3fa95701b5560b0f95aef0c2c.com (PID 2860)
复制代码


本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

Nocria
发表于 2021-7-4 22:28:08 | 显示全部楼层
本帖最后由 Nocria 于 2021-7-4 22:36 编辑

IKARUS - 16/18
  1. [04.07.2021 22:30:26] On-demand scan started: "user_defined"
  2. [04.07.2021 22:30:26] Found, 0.16s, SigName: "Trojan.Win32.Farfli", SigId: 3927352, Type: "VIRUS", File: "C:\Users\promi\Desktop\utf-8''q6JEbR2R_2\Kafan_Sample_076bf8b719783073d23bbb5e209329cba8288a1790f32584b0837fd4d2fb0fd6.exe"
  3. [04.07.2021 22:30:26] Found, 0.63s, SigName: "Trojan.Win32.Farfli", SigId: 3927352, Type: "VIRUS", File: "C:\Users\promi\Desktop\utf-8''q6JEbR2R_2\Kafan_Sample_09913df8fa77f94bc079edd69162c28ec39401c8ac76fbc5224f645cdb768970.exe"
  4. [04.07.2021 22:30:26] Found, 0.422s, SigName: "Trojan.Win32.Krypt", SigId: 3507930, Type: "VIRUS", File: "C:\Users\promi\Desktop\utf-8''q6JEbR2R_2\Kafan_Sample_17f2f3d69de606d36304a882b805226fde8ed55ff018700aabf2b7692e9d6a4b.com"
  5. [04.07.2021 22:30:26] Found, 0.390s, SigName: "Trojan.Win32.Farfli", SigId: 3927352, Type: "VIRUS", File: "C:\Users\promi\Desktop\utf-8''q6JEbR2R_2\Kafan_Sample_276fce0b19a586a3d825f1cd300e000f9705275343606f13f8391ee951be6727.exe"
  6. [04.07.2021 22:30:26] Found, 0.47s, SigName: "Trojan.Win32.Farfli", SigId: 3927352, Type: "VIRUS", File: "C:\Users\promi\Desktop\utf-8''q6JEbR2R_2\Kafan_Sample_47e1c9b6b73c8fbe70dc8c941703ea8d7b87be8c7838e9924b262d07197c9b34.exe"
  7. [04.07.2021 22:30:26] Found, 0.15s, SigName: "Trojan.Win32.Farfli", SigId: 3927352, Type: "VIRUS", File: "C:\Users\promi\Desktop\utf-8''q6JEbR2R_2\Kafan_Sample_5dfad5c64c6e301c0789f8853be476be7580122d091993687ebfae8b748e4e4d.exe"
  8. [04.07.2021 22:30:26] Found, 0.15s, SigName: "Trojan.Win32.Farfli", SigId: 3927352, Type: "VIRUS", File: "C:\Users\promi\Desktop\utf-8''q6JEbR2R_2\Kafan_Sample_7769be660c6b48d73bb31fc4b2140b7a9a4df26b8e424871a37e9f71c0f6a130.exe"
  9. [04.07.2021 22:30:26] Found, 0.16s, SigName: "Trojan.Win32.Farfli", SigId: 3927352, Type: "VIRUS", File: "C:\Users\promi\Desktop\utf-8''q6JEbR2R_2\Kafan_Sample_787297deb7931fa993e7c304e69577ea0398cb67af8daec9309b176eba1d3d6f.exe"
  10. [04.07.2021 22:30:26] Found, 0.00s, SigName: "Trojan.Win32.Farfli", SigId: 3927352, Type: "VIRUS", File: "C:\Users\promi\Desktop\utf-8''q6JEbR2R_2\Kafan_Sample_a325742b5d21b9408732096e4af5f1c562cf6817efa129c7d00aa6dd611504f1.exe"
  11. [04.07.2021 22:30:26] Found, 0.16s, SigName: "Trojan.Win32.Farfli", SigId: 3927352, Type: "VIRUS", File: "C:\Users\promi\Desktop\utf-8''q6JEbR2R_2\Kafan_Sample_a8d2a17399c290bd24c445bf02672ab82dcec3d648394b7080251657ece1e1d6.exe"
  12. [04.07.2021 22:30:26] Found, 0.31s, SigName: "Trojan.Win32.Farfli", SigId: 3927352, Type: "VIRUS", File: "C:\Users\promi\Desktop\utf-8''q6JEbR2R_2\Kafan_Sample_ba7fda7f80ae47745410db83328ed831e8cbe99135c6d76a28da364991fe93f8.exe"
  13. [04.07.2021 22:30:26] Found, 0.15s, SigName: "Trojan.Win32.Farfli", SigId: 3927352, Type: "VIRUS", File: "C:\Users\promi\Desktop\utf-8''q6JEbR2R_2\Kafan_Sample_dd9d4b2a47904c2517c322d7f19004a21effe2d0144f320f6211473c55940907.exe"
  14. [04.07.2021 22:30:27] Found, 0.360s, SigName: "Trojan.Win32.Krypt", SigId: 3507930, Type: "VIRUS", File: "C:\Users\promi\Desktop\utf-8''q6JEbR2R_2\Kafan_Sample_e295f226272af5c1e0780329a0d33878b4e013f2bce3c0be02eb8e00945d76e5.com"
  15. [04.07.2021 22:30:27] Found, 0.360s, SigName: "Trojan.Win32.Farfli", SigId: 3927352, Type: "VIRUS", File: "C:\Users\promi\Desktop\utf-8''q6JEbR2R_2\Kafan_Sample_f012a0b457b7a0283d493879df89a5671aa1a7b4b30499dc52aa6a90d6b58a50.exe"
  16. [04.07.2021 22:30:27] Found, 0.359s, SigName: "Trojan.Win32.Krypt", SigId: 3507930, Type: "VIRUS", File: "C:\Users\promi\Desktop\utf-8''q6JEbR2R_2\Kafan_Sample_f2f434ba3772b320f34f7eb321341308dd11a3248f1a5029e5bee1227fbac4ae.com"
  17. [04.07.2021 22:30:27] Found, 0.375s, SigName: "Trojan.Win32.Crypt", SigId: 4110365, Type: "VIRUS", File: "C:\Users\promi\Desktop\utf-8''q6JEbR2R_2\Kafan_Sample_fc8d91df98353a35e1c811135c5f1e7a3890c982616772957d2f3c5ee823e383.com"
  18. [04.07.2021 22:30:27] On-demand scan FINISHED: "user_defined"
  19. [04.07.2021 22:30:27] ----------------------------------------------------
  20. [04.07.2021 22:30:27] Directories scanned: 1
  21. [04.07.2021 22:30:27] Files scanned: 18
  22. [04.07.2021 22:30:27] Virus found: 16
  23. [04.07.2021 22:30:27] ----------------------------------------------------
复制代码

Malwarebytes - 16/18


本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

ANY.LNK
发表于 2021-7-4 23:04:50 | 显示全部楼层
Microsoft Defender:解压杀16个,扫描杀剩下两个,清空

评分

参与人数 1人气 +3 收起 理由
曲中求 + 3 很给力!

查看全部评分

回复

举报

救命稻草
发表于 2021-7-5 00:11:34 | 显示全部楼层
瑞星剩5X

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

心心相印
发表于 2021-7-5 09:33:31 | 显示全部楼层
红伞余2x
回复

举报

dongwenqi
发表于 2021-7-6 19:39:11 | 显示全部楼层
薪媛 发表于 2021-7-4 21:32
卡巴  扫描13 剩5个双击后全杀回滚

Hello,

New malicious software was found in the attached files:
Kafan_Sample_17f2f3d69de606d36304a882b805226fde8ed55ff018700aabf2b7692e9d6a4b.com_ - HEUR:Trojan.Win32.Agentb.gen
Kafan_Sample_4d23cbc1c623d66ae0fc10930f655f64379d8cc3fa95701b5560b0f95aef0c2c.com_ - HEUR:Trojan.Win32.Agentb.gen
Kafan_Sample_e295f226272af5c1e0780329a0d33878b4e013f2bce3c0be02eb8e00945d76e5.com_ - HEUR:Trojan.Win32.Agentb.gen
Kafan_Sample_f2f434ba3772b320f34f7eb321341308dd11a3248f1a5029e5bee1227fbac4ae.com_ - HEUR:Trojan.Win32.Agentb.gen
Its detection will be included in the next update.
Thank you for your help.
回复

举报

InnoriaAlter
头像被屏蔽
发表于 2021-7-6 21:48:37 | 显示全部楼层




eset 还剩5个

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

12
返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2025-5-6 01:36 , Processed in 0.141841 second(s), 16 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表