病毒样本测试包——圣诞大包100x（附汇总）

bbs2811125

ESET彻底风骚了一把

网名丢失

还真是无语，刚刚换上诺顿就来个大翻车。

网名丢失

智量也才63，看来真是没法玩了。

整数环

xiaobao233 发表于 2021-12-25 19:34
火绒

火绒这成绩不错啊，比以前50-60%强多了，要是火绒6加上云，估计会更好

ytysh

Ahnlab V3 Lite 余 32x

ibaby

eis果然查杀很强。。

aiqinghe

正在缓冲 发表于 2021-12-25 17:45
用Panda Dome扫描这堆文件应该花了您不少时间吧

你别说，扫描速度还挺快的
就是检测率感人
看似主防的应用程序控制就是个万物杀（弹窗），没个卵用

PanzerVIIIMaus

瑞星ESM365

病毒库33.1225.0001
本地检出21/100

1. 100x\de691a498bb5c85d5c8bcc67198508b3eaaeb604bab147d53b588f7e3c34f1ce.exe        Malware.Obscure!1.A3BB
   
2. 100x\d8680e3e7156180dfdc03527ce3d4aaa672226cfc2022f4c24690b85d4f036fe.exe        Malware.Obscure!1.A3BB
   
3. 100x\d024a12783f607991e43239c14604d2aa749e86484f6c7deab274795afa585f4.exe        Malware.Obscure!1.A3BB
   
4. 100x\b554190fa5cf3c176bf3372cf00a6ca84a66a0bdb0f44071c9019f3db31d4c2a.exe        Malware.Obscure!1.A3BB
   
5. 100x\b1050efbc8ec4d8d6804f836d3bc33f69d1308f59b65aa19c98a33532bb7cfe2.dll        Trojan.Kryptik!8.8
   
6. 100x\8ae2d4d248e7ba73b0fd0b46df2458e31815624c434241eba6684a049207c926.dll        Trojan.Kryptik!8.8
   
7. 100x\898b9eddb7ad4aa2623c50eb79a25d49262b6230cf1713c825553110386fcf75.dll        Trojan.Kryptik!8.8
   
8. 100x\77d642ee065b6931e624569916a397e5a908ba5e9c4c8a75cd5035d9f6578dde.dll        Trojan.Kryptik!1.DB26
   
9. 100x\79b453329e50b1536decaaacae246fb5f1725c66e228852bf8ae16b2ae722a04.exe        Malware.Obscure!1.A3BB
   
10. 100x\7735b34fc3eb91d082aaba70f2335f649fde7cf97a76d467627fcb5c53be4787.exe        Malware.Obscure!1.A3BB
    
11. 100x\6a542df48b9a2b69cc1e16ad1eee9b3c184829b784220a5ebc1936d9824728d0.dll        Trojan.Kryptik!8.8
    
12. 100x\677f2c4c6849599ea1495487ffd91e6dfeb59972ae42c31d3266b57379deb086.exe        Stealer.OskiStealer!1.C41E
    
13. 100x\587acc97a36898f25150a97b33647c66343abfaca3bc0dd5dbcb14f849f71837.dll        Trojan.Kryptik!8.8
    
14. 100x\3f654cc740b18a83fdb840f27cf46f7c8299f51a9a2a6b97b9583ca9e9d9ca5f.exe        Malware.Obscure!1.A3BB
    
15. 100x\37255a5a834deb006cdc1190b1d10c697fdc02994c0623e94e675f031b200082.dll        Trojan.Kryptik!8.8
    
16. 100x\30b624ce45e78d37193b739d653bffef18a067bfef94a0835e266541d83cbd18.dll        Trojan.Kryptik!8.8
    
17. 100x\2061a9dcbfb65050b51f117c1aeab16efc8e6648e818a2f4f0ddf6aef362784a.dll        Trojan.Kryptik!8.8
    
18. 100x\0ac2fdc7eafedabd548779b5ec11851a4a187aac2e617866777c74fcf69fd05b.dll        Trojan.Kryptik!8.8
    
19. 100x\0239ccb0d3f610d6af8e3c5f5016bee87cf070f9e755adfc433c0afe06aeaf8b.dll        Trojan.Kryptik!8.8
    
20. 100x\0d5fad1de85eef9a74cade2bbe9e236a9d76cfbaf67ff11de080c4323b2534ec.exe        Stealer.FBAdsCard!1.CE03
    
21. 100x\0ccba1278a0362b0ac00fd948f9e69f30bf511b4137c4672672103e93f07c4e8.dll        Trojan.Kryptik!8.8
    

复制代码

追加设定：
手动扫描扫描所有文件，压缩包限制80MB/10层
扫描剩余文件
本地追加检出33/79

总侦测率54%

1. 100x\100x\ff27d627457adf1715e24ee5e0550af5fcc37096ddeae605be6c1720ec5af2ea.elf        Trojan.Win32.Generic.1A4700A1
   
2. 100x\100x\f32249315d710173571987698b3e8f2e725445ed163b410b5c501d7acd6a5e19.elf        Trojan.Win32.Generic.1A47D165
   
3. 100x\100x\f1e621f83aee14d31de8aee01616a35579b0827f15584f6c2e3de1b405924062.elf        Backdoor.Mirai/Linux!1.DAA8
   
4. 100x\100x\e576200d9fb2c8376fddacc13216b35f1b5ac396f67b3b68361a8d80c9d9bb46.elf        Trojan.Win32.Generic.1A47D166
   
5. 100x\100x\dcc99ae051b251c1bcff9cdaa7cc3accc2e80f8131959f5631b0c5c3a8800b32.elf        Trojan.Win32.Generic.1A47D168
   
6. 100x\100x\d98208dbaeb85c08d2dce9942dde2aa92097e66d22d2d23cb9f8e86d6e1b1550.elf>>unpack.upx        Trojan.Win32.Generic.1A479625
   
7. 100x\100x\d6bde8019f946af875b9dcfb63e214d19e791495e24a74626fc464fbbca1da76.elf>>unpack.upx        Trojan.Win32.Generic.1A479623
   
8. 100x\100x\d33f87ac600e025ce747fb4ebcf70e402e01cd50f224e35f462dda72e96a46ee.elf>>unpack.upx        Trojan.Win32.Generic.1A479627
   
9. 100x\100x\d2f2df0dda3848f622d2835f60c2c38776d8ec531d803e982473980ee46db286.elf>>unpack.upx        Trojan.Win32.Generic.1A479620
   
10. 100x\100x\cf4243848f23eb3b289882a0b9fdb60c4754687608054c4b1682b922714c61b0.elf>>unpack.upx        Backdoor.Mirai/Linux!1.BAF6
    
11. 100x\100x\bf43e59b23ebb9bc125d6aa9878b186ef3b76f5ccd01f79f074cb878c4bc7afa.elf        Backdoor.Mirai/Linux!1.DAA8
    
12. 100x\100x\b68c829d6df81344d3a1d8fc5fad6fb68b7f6b1ae3fd678f47e844a53c329f7f.elf>>unpack.upx        Backdoor.Mirai/Linux!1.BAF6
    
13. 100x\100x\b33fa2c004f74a06bb6c6efa2f813a8e9e81bf2913ba8a44f2098acb24b587d5.elf>>unpack.upx        Trojan.Win32.Generic.1A479621
    
14. 100x\100x\ae29c13733d888fb4b5296b14ca47e349249093698b67a5b5925f5a6b19c9271.elf        Backdoor.Mirai/Linux!1.DAA8
    
15. 100x\100x\a891c645924e56b2ee355fb1b801752314d6e4325b738a84a2ad12831560a912.elf        Trojan.Win32.Generic.1A47D162
    
16. 100x\100x\a770f94d8a3fbfaddcecc24778f0d720006268376c7ef7288c8e9ff8658c6411.elf        Trojan.Win32.Generic.1A47D169
    
17. 100x\100x\a699357cbd268a50af8d03f3d982a5d30a81ed2dba2a69987c02526098b5275c.elf>>unpack.upx        Backdoor.Mirai/Linux!1.BAF6
    
18. 100x\100x\9ab5c0a4b27bcb6e93e323278f939d109db291211793b67043a48617b42484bf.elf>>unpack.upx        Backdoor.Mirai/Linux!1.BAF6
    
19. 100x\100x\99c02458d3e19459437955c3974eebd0b1f2d537d57a33ca46f8f8555dba1b56.elf>>unpack.upx        Trojan.Win32.Generic.1A479628
    
20. 100x\100x\997903ecf79467d2a40ba95fdb0ef8138cca44f9aa46659e0660aae6455c1698.elf        Trojan.Win32.Generic.1A47D164
    
21. 100x\100x\8b7e9b6fcaa9b7485468e5f37db5c33b93f3eb22cfa266f9af82405595057fdf.elf>>unpack.upx        Backdoor.Mirai/Linux!1.BAF6
    
22. 100x\100x\8aebc7dbe81dace66b1b1f9def2631ed41557e546f963e473c3aa2c447dc6737.elf        Backdoor.Gafgyt/Linux!1.C997
    
23. 100x\100x\82e0eacc893e684c3edbe819c688213ff01044a272c254c9a42ef34ffe612490.elf        Trojan.Win32.Generic.1A47D163
    
24. 100x\100x\7df2cb998d97f39676404660360dad5213fcaaa1b454b59dc7278cdc52084856.elf        Trojan.Win32.Generic.1A479622
    
25. 100x\100x\765e6abff3312525dd5b8bba19d210bbc33d265a150802b5af6d17cc52378d65.elf>>unpack.upx        Backdoor.Mirai/Linux!1.BAF6
    
26. 100x\100x\6211ea728fbe3f2fc49729c8761c3f72ebda0ed466657143dc7ae71d1be5e983.elf>>unpack.upx        Trojan.Win32.Generic.1A479629
    
27. 100x\100x\5268c10271b8c7d8599e3084eba0cd897ef4497e5e5862e6765488a39d86d796.elf>>unpack.upx        Backdoor.Mirai/Linux!1.BAF6
    
28. 100x\100x\4b04685ebd7e80850c8edf77fe65a2fa0bf15d316d226929850b837620263e46.elf        Trojan.Win32.Generic.1A47D167
    
29. 100x\100x\3782e793cd9ce6546de641dd346967be5e98816eaa33d9b1324806998dd1b68f.elf        Backdoor.Mirai/Linux!1.DAA8
    
30. 100x\100x\3080ee3b025645039465715a533e06f1c29d80370a28892a46f1c355a7de6e5b.elf        Backdoor.Mirai/Linux!1.DAA8
    
31. 100x\100x\1c03c8ff10863ceebe96f02677bcbde941c246c7e0973075242af7319a83d752.elf        Backdoor.Mirai/Linux!1.BFBA
    
32. 100x\100x\08f5f49adadb7f3b1236fb48325750ea8c9ccc9d9073fb59ca4ddfa44537df7f.elf>>unpack.upx        Backdoor.Mirai/Linux!1.BAF6
    
33. 100x\100x\0491a5e5c96a59142063312c3260f660b841859bec5bd2a0963cbd1976369c3a.elf>>unpack.upx        Backdoor.Yakuza/Linux!1.DA94
    

复制代码

经过多重排查，重新恢复了在所有网络情况下的云连接：
病毒库：33.1227.0001

余11
此时总侦测率89%

wwwab

aiqinghe 发表于 2021-12-26 09:13
你别说，扫描速度还挺快的
就是检测率感人
看似主防的应用程序控制就是个万物杀（弹窗），没个 ...

因为什么都扫描不出来，所以才会快，你用过2345应该就会深有体会了

anthonyqian

网名丢失 发表于 2021-12-26 02:56
还真是无语，刚刚换上诺顿就来个大翻车。

诺顿普通扫描不怎么杀elf apk 等样本。。。可以试试看附带的NPE扫描