收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 安全区 病毒样本 分享&分析区 2021-08-10-TA551-BazarLoader-with-CobaltStrike-malwa ...
12
返回列表 发新帖
楼主: hsks
 收起左侧

[病毒样本] 2021-08-10-TA551-BazarLoader-with-CobaltStrike-malware-samples

[复制链接]
SayWhat13
发表于 2021-8-11 15:03:12 | 显示全部楼层
本帖最后由 SayWhat13 于 2021-8-11 15:04 编辑

Malwarebytes杀10
www.malwarebytes.com

  2. -Log Details-
  3. Scan Date: 8/11/21
  4. Scan Time: 3:01 PM
  5. Log File: f8692812-fa71-11eb-84fd-489ebd2588e4.json

  7. -Software Information-
  8. Version: 4.4.4.126
  9. Components Version: 1.0.1413
  10. Update Package Version: 1.0.44032
  11. License: Premium

  13. -Scan Summary-
  14. Scan Type: Custom Scan
  15. Scan Initiated By: Manual
  16. Result: Completed
  17. Objects Scanned: 31
  18. Threats Detected: 10
  19. Threats Quarantined: 10
  20. Time Elapsed: 0 min, 14 sec

  22. -Scan Options-
  23. Memory: Disabled
  24. Startup: Disabled
  25. Filesystem: Enabled
  26. Archives: Enabled
  27. Rootkits: Disabled
  28. Heuristics: Enabled
  29. PUP: Detect
  30. PUM: Detect

  32. -Scan Details-
  33. Process: 0
  34. (No malicious items detected)

  36. Module: 0
  37. (No malicious items detected)

  39. Registry Key: 0
  40. (No malicious items detected)

  42. Registry Value: 0
  43. (No malicious items detected)

  45. Registry Data: 0
  46. (No malicious items detected)

  48. Data Stream: 0
  49. (No malicious items detected)

  51. Folder: 0
  52. (No malicious items detected)

  54. File: 10
  55. RiskWare.ExtensionMismatch, C:\USERS\HP\DOWNLOADS\COMPRESSED\3POJ8MF9_2021-08-10-TA551-BAZARLOADER-WITH-COBALTSTRIKE-MALWARE-SAMPLES\HTA-AND-DLL-FILES\INSTALLSETUPSTART.JPG, Quarantined, 12142, 79314, 1.0.44032, , ame, , C55B65A202F19CF40E569A05684DA6F6, 6BA18D4835C77CEB9DAD64B870BB3BECB041017C2EF59FFD417D9BCEDBD1BFE5
  56. RiskWare.ExtensionMismatch, C:\USERS\HP\DOWNLOADS\COMPRESSED\3POJ8MF9_2021-08-10-TA551-BAZARLOADER-WITH-COBALTSTRIKE-MALWARE-SAMPLES\HTA-AND-DLL-FILES\STARTMIX.JPG, Quarantined, 12142, 79314, 1.0.44032, , ame, , 46454D614F3DFF8C7DE526F5A8849466, 92F08770E9D9C86FF5DC8384CA46A0BF70E407BEBD4D3D5AAF5DCBCAD05791D8
  57. RiskWare.ExtensionMismatch, C:\USERS\HP\DOWNLOADS\COMPRESSED\3POJ8MF9_2021-08-10-TA551-BAZARLOADER-WITH-COBALTSTRIKE-MALWARE-SAMPLES\HTA-AND-DLL-FILES\INSTALLVIDEO.JPG, Quarantined, 12142, 79314, 1.0.44032, , ame, , 6BAEB5A0CD83E3A9878DC4D6D7A5509C, 029B714502283599A5EFB86D41C48FD46751AB727B707BDE620E517EC3AA3C39
  58. RiskWare.ExtensionMismatch, C:\USERS\HP\DOWNLOADS\COMPRESSED\3POJ8MF9_2021-08-10-TA551-BAZARLOADER-WITH-COBALTSTRIKE-MALWARE-SAMPLES\HTA-AND-DLL-FILES\MP4WAVBEFORE.JPG, Quarantined, 12142, 79314, 1.0.44032, , ame, , F773D2547B618EDE21759282FC4F0CD2, 1F0F521CA8586846C9623F7BDBEFBBBC84CEC351AC3925DC66E8C59E44CB1713
  59. RiskWare.ExtensionMismatch, C:\USERS\HP\DOWNLOADS\COMPRESSED\3POJ8MF9_2021-08-10-TA551-BAZARLOADER-WITH-COBALTSTRIKE-MALWARE-SAMPLES\HTA-AND-DLL-FILES\PLAYINSTALL.JPG, Quarantined, 12142, 79314, 1.0.44032, , ame, , 295A6F94BDE7AD570ED22653533B142C, 3638E918A3F0DFA6A610BCF906E6BD2413BE02621154800FC18A0DD15D43F142
  60. RiskWare.ExtensionMismatch, C:\USERS\HP\DOWNLOADS\COMPRESSED\3POJ8MF9_2021-08-10-TA551-BAZARLOADER-WITH-COBALTSTRIKE-MALWARE-SAMPLES\HTA-AND-DLL-FILES\STOPPLAY.JPG, Quarantined, 12142, 79314, 1.0.44032, , ame, , F3CCF2596704547B246CBC3BDDC301F6, F4147B15DE09F117235FA765C9796D6FF424F703D34ACDBFCF2D1177B0F2DF1A
  61. RiskWare.ExtensionMismatch, C:\USERS\HP\DOWNLOADS\COMPRESSED\3POJ8MF9_2021-08-10-TA551-BAZARLOADER-WITH-COBALTSTRIKE-MALWARE-SAMPLES\HTA-AND-DLL-FILES\VIDEOSTOPVIDEO.JPG, Quarantined, 12142, 79314, 1.0.44032, , ame, , 590361F848DB0027505396828F95868A, 36D4159D7D413FCE963687F89EC4AEC7EE8AB6FBA05697E0BA0634DB36A673A8
  62. RiskWare.ExtensionMismatch, C:\USERS\HP\DOWNLOADS\COMPRESSED\3POJ8MF9_2021-08-10-TA551-BAZARLOADER-WITH-COBALTSTRIKE-MALWARE-SAMPLES\HTA-AND-DLL-FILES\STOPSTOPDATE.JPG, Quarantined, 12142, 79314, 1.0.44032, , ame, , 8E0FEF8EA7204E668B3CAB3BFB4CA096, 41EE1D7254BE06B34250D38FC6D0406A5FEBB22187E14FD50511E39069091391
  63. RiskWare.ExtensionMismatch, C:\USERS\HP\DOWNLOADS\COMPRESSED\3POJ8MF9_2021-08-10-TA551-BAZARLOADER-WITH-COBALTSTRIKE-MALWARE-SAMPLES\HTA-AND-DLL-FILES\MP3MP4.JPG, Quarantined, 12142, 79314, 1.0.44032, , ame, , 2552F71685C4BD3379EBC4F971BF26C6, 612F74D0A1F2F90A5A4AE11889755EA68656967CF0401E15D9C375DDCFB1D9E7
  64. RiskWare.ExtensionMismatch, C:\USERS\HP\DOWNLOADS\COMPRESSED\3POJ8MF9_2021-08-10-TA551-BAZARLOADER-WITH-COBALTSTRIKE-MALWARE-SAMPLES\HTA-AND-DLL-FILES\VIDEOINSTALL.JPG, Quarantined, 12142, 79314, 1.0.44032, , ame, , 738025A0727D4F95C08895447B936247, 5590123543C7E78AF3C7911466B6C4147F1B39928F648A252132BAF06F2B1153

  66. Physical Sector: 0
  67. (No malicious items detected)

  69. WMI: 0
  70. (No malicious items detected)


  73. (end)
复制代码

回复

举报

心醉咖啡
发表于 2021-8-11 19:04:53 | 显示全部楼层
毒霸
  1. 扫描时间:[2021-08-11 19:04:18]
  2. 扫描用时:[00:00:08]
  3. 扫描类型:自定义查杀
  4. 扫描文件总数:31
  5. 扫描速度:3文件/秒
  6. 发现威胁:30个
  7. 清除威胁:30个
  8. =============================================
  9. [2021-08-11 19:04:36]
  10. 威胁:e:\浏览器下载\3poj8mf9_2021-08-10-ta551-bazarloader-with-cobaltstrike-malware-samples\hta-and-dll-files\2021-08-10-ta551-hta-file-example-01.txt
  11. 类型:win32.scriptc.undef.a.(kcloud)
  12. 处理方式:删除

  14. [2021-08-11 19:04:36]
  15. 威胁:e:\浏览器下载\3poj8mf9_2021-08-10-ta551-bazarloader-with-cobaltstrike-malware-samples\hta-and-dll-files\2021-08-10-ta551-hta-file-example-02.txt
  16. 类型:win32.scriptc.undef.a.(kcloud)
  17. 处理方式:删除

  19. [2021-08-11 19:04:36]
  20. 威胁:e:\浏览器下载\3poj8mf9_2021-08-10-ta551-bazarloader-with-cobaltstrike-malware-samples\hta-and-dll-files\2021-08-10-ta551-hta-file-example-03.txt
  21. 类型:win32.scriptc.undef.a.(kcloud)
  22. 处理方式:删除

  24. [2021-08-11 19:04:36]
  25. 威胁:e:\浏览器下载\3poj8mf9_2021-08-10-ta551-bazarloader-with-cobaltstrike-malware-samples\hta-and-dll-files\2021-08-10-ta551-hta-file-example-04.txt
  26. 类型:win32.scriptc.undef.a.(kcloud)
  27. 处理方式:删除

  29. [2021-08-11 19:04:36]
  30. 威胁:e:\浏览器下载\3poj8mf9_2021-08-10-ta551-bazarloader-with-cobaltstrike-malware-samples\hta-and-dll-files\2021-08-10-ta551-hta-file-example-05.txt
  31. 类型:win32.scriptc.undef.a.(kcloud)
  32. 处理方式:删除

  34. [2021-08-11 19:04:36]
  35. 威胁:e:\浏览器下载\3poj8mf9_2021-08-10-ta551-bazarloader-with-cobaltstrike-malware-samples\hta-and-dll-files\2021-08-10-ta551-hta-file-example-06.txt
  36. 类型:win32.scriptc.undef.a.(kcloud)
  37. 处理方式:删除

  39. [2021-08-11 19:04:36]
  40. 威胁:e:\浏览器下载\3poj8mf9_2021-08-10-ta551-bazarloader-with-cobaltstrike-malware-samples\hta-and-dll-files\2021-08-10-ta551-hta-file-example-07.txt
  41. 类型:win32.scriptc.undef.a.(kcloud)
  42. 处理方式:删除

  44. [2021-08-11 19:04:36]
  45. 威胁:e:\浏览器下载\3poj8mf9_2021-08-10-ta551-bazarloader-with-cobaltstrike-malware-samples\hta-and-dll-files\2021-08-10-ta551-hta-file-example-08.txt
  46. 类型:win32.scriptc.undef.a.(kcloud)
  47. 处理方式:删除

  49. [2021-08-11 19:04:36]
  50. 威胁:e:\浏览器下载\3poj8mf9_2021-08-10-ta551-bazarloader-with-cobaltstrike-malware-samples\hta-and-dll-files\2021-08-10-ta551-hta-file-example-09.txt
  51. 类型:win32.scriptc.undef.a.(kcloud)
  52. 处理方式:删除

  54. [2021-08-11 19:04:36]
  55. 威胁:e:\浏览器下载\3poj8mf9_2021-08-10-ta551-bazarloader-with-cobaltstrike-malware-samples\hta-and-dll-files\2021-08-10-ta551-hta-file-example-10.txt
  56. 类型:win32.scriptc.undef.a.(kcloud)
  57. 处理方式:删除

  59. [2021-08-11 19:04:36]
  60. 威胁:e:\浏览器下载\3poj8mf9_2021-08-10-ta551-bazarloader-with-cobaltstrike-malware-samples\hta-and-dll-files\installsetupstart.jpg
  61. 类型:win32.troj.generic_a.a.(kcloud)
  62. 处理方式:删除

  64. [2021-08-11 19:04:36]
  65. 威胁:e:\浏览器下载\3poj8mf9_2021-08-10-ta551-bazarloader-with-cobaltstrike-malware-samples\hta-and-dll-files\installvideo.jpg
  66. 类型:win32.troj.generic_a.a.(kcloud)
  67. 处理方式:删除

  69. [2021-08-11 19:04:36]
  70. 威胁:e:\浏览器下载\3poj8mf9_2021-08-10-ta551-bazarloader-with-cobaltstrike-malware-samples\hta-and-dll-files\mp3mp4.jpg
  71. 类型:win32.troj.generic_a.a.(kcloud)
  72. 处理方式:删除

  74. [2021-08-11 19:04:36]
  75. 威胁:e:\浏览器下载\3poj8mf9_2021-08-10-ta551-bazarloader-with-cobaltstrike-malware-samples\hta-and-dll-files\mp4wavbefore.jpg
  76. 类型:win32.troj.generic_a.a.(kcloud)
  77. 处理方式:删除

  79. [2021-08-11 19:04:36]
  80. 威胁:e:\浏览器下载\3poj8mf9_2021-08-10-ta551-bazarloader-with-cobaltstrike-malware-samples\hta-and-dll-files\playinstall.jpg
  81. 类型:win32.troj.generic_a.a.(kcloud)
  82. 处理方式:删除

  84. [2021-08-11 19:04:36]
  85. 威胁:e:\浏览器下载\3poj8mf9_2021-08-10-ta551-bazarloader-with-cobaltstrike-malware-samples\hta-and-dll-files\startmix.jpg
  86. 类型:win32.troj.generic_a.a.(kcloud)
  87. 处理方式:删除

  89. [2021-08-11 19:04:36]
  90. 威胁:e:\浏览器下载\3poj8mf9_2021-08-10-ta551-bazarloader-with-cobaltstrike-malware-samples\hta-and-dll-files\stopplay.jpg
  91. 类型:win32.troj.generic_a.a.(kcloud)
  92. 处理方式:删除

  94. [2021-08-11 19:04:36]
  95. 威胁:e:\浏览器下载\3poj8mf9_2021-08-10-ta551-bazarloader-with-cobaltstrike-malware-samples\hta-and-dll-files\stopstopdate.jpg
  96. 类型:win32.troj.generic_a.a.(kcloud)
  97. 处理方式:删除

  99. [2021-08-11 19:04:36]
  100. 威胁:e:\浏览器下载\3poj8mf9_2021-08-10-ta551-bazarloader-with-cobaltstrike-malware-samples\hta-and-dll-files\videoinstall.jpg
  101. 类型:win32.troj.generic_a.a.(kcloud)
  102. 处理方式:删除

  104. [2021-08-11 19:04:36]
  105. 威胁:e:\浏览器下载\3poj8mf9_2021-08-10-ta551-bazarloader-with-cobaltstrike-malware-samples\hta-and-dll-files\videostopvideo.jpg
  106. 类型:win32.troj.generic_a.a.(kcloud)
  107. 处理方式:删除

  109. [2021-08-11 19:04:36]
  110. 威胁:e:\浏览器下载\3poj8mf9_2021-08-10-ta551-bazarloader-with-cobaltstrike-malware-samples\extracted-docs\bid,08.21.doc
  111. 类型:win32.scriptc.undef.a.(kcloud)
  112. 处理方式:删除

  114. [2021-08-11 19:04:36]
  115. 威胁:e:\浏览器下载\3poj8mf9_2021-08-10-ta551-bazarloader-with-cobaltstrike-malware-samples\extracted-docs\docs,08.010.2021.doc
  116. 类型:win32.scriptc.undef.a.(kcloud)
  117. 处理方式:删除

  119. [2021-08-11 19:04:36]
  120. 威胁:e:\浏览器下载\3poj8mf9_2021-08-10-ta551-bazarloader-with-cobaltstrike-malware-samples\extracted-docs\instruct 08.21.doc
  121. 类型:win32.scriptc.undef.a.(kcloud)
  122. 处理方式:删除

  124. [2021-08-11 19:04:36]
  125. 威胁:e:\浏览器下载\3poj8mf9_2021-08-10-ta551-bazarloader-with-cobaltstrike-malware-samples\extracted-docs\legal paper-08.21.doc
  126. 类型:win32.scriptc.undef.a.(kcloud)
  127. 处理方式:删除

  129. [2021-08-11 19:04:36]
  130. 威胁:e:\浏览器下载\3poj8mf9_2021-08-10-ta551-bazarloader-with-cobaltstrike-malware-samples\extracted-docs\material-08.21.doc
  131. 类型:win32.scriptc.undef.a.(kcloud)
  132. 处理方式:删除

  134. [2021-08-11 19:04:36]
  135. 威胁:e:\浏览器下载\3poj8mf9_2021-08-10-ta551-bazarloader-with-cobaltstrike-malware-samples\extracted-docs\official paper-08.21.doc
  136. 类型:win32.scriptc.undef.a.(kcloud)
  137. 处理方式:删除

  139. [2021-08-11 19:04:36]
  140. 威胁:e:\浏览器下载\3poj8mf9_2021-08-10-ta551-bazarloader-with-cobaltstrike-malware-samples\extracted-docs\report.08.21.doc
  141. 类型:win32.scriptc.undef.a.(kcloud)
  142. 处理方式:删除

  144. [2021-08-11 19:04:36]
  145. 威胁:e:\浏览器下载\3poj8mf9_2021-08-10-ta551-bazarloader-with-cobaltstrike-malware-samples\extracted-docs\rule 08.010.2021.doc
  146. 类型:win32.scriptc.undef.a.(kcloud)
  147. 处理方式:删除

  149. [2021-08-11 19:04:36]
  150. 威胁:e:\浏览器下载\3poj8mf9_2021-08-10-ta551-bazarloader-with-cobaltstrike-malware-samples\extracted-docs\specifics.08.21.doc
  151. 类型:win32.scriptc.undef.a.(kcloud)
  152. 处理方式:删除

  154. [2021-08-11 19:04:36]
  155. 威胁:e:\浏览器下载\3poj8mf9_2021-08-10-ta551-bazarloader-with-cobaltstrike-malware-samples\extracted-docs\statistics_08.21.doc
  156. 类型:win32.scriptc.undef.a.(kcloud)
  157. 处理方式:删除

复制代码
回复

举报

12
返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2024-4-25 21:18 , Processed in 0.097246 second(s), 13 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表