0129新样本100x测试

ericdj

Norton
剩余19个，处理79个

东南大学

小红伞扫描检出58x

1. c:\Downloads\20220129\100x\0b668d0ac89d5da1526be831f7b8c3f2af54c5dbc68c0c9ce886183ec518c051.exe <<< Is the TR/Dropper.MSIL.qaimb Trojan [renamed]
   
2. c:\Downloads\20220129\100x\1c602add0bd1296d58b6d64283cfd033163bbc5e210603a2dd8a8b1b725aa8ba.exe <<< Is the TR/Crypt.XPACK.Gen7 Trojan [renamed]
   
3. c:\Downloads\20220129\100x\2cfc1750ac535aebfe7fcd10fe714091c37f89021c4898e617f5e08b6e5ff02d.exe <<< Is the TR/Dropper.Gen7 Trojan [renamed]
   
4. c:\Downloads\20220129\100x\02d420f415d9b6f0a78d91d174ae890dcd1d07aaed96631caf6425d482f2839b.exe <<< Is the TR/AD.GenSteal.abfxe Trojan [renamed]
   
5. c:\Downloads\20220129\100x\2f38c5807d6840f70db50dc14a8610c2370a1ecff1760e4aa19a9e2f265713c6.exe <<< Is the TR/Spy.Gen8 Trojan [renamed]
   
6. c:\Downloads\20220129\100x\3aa7c1756484419ea491d279ee27158c784eddbb6257211a4b52cb5cb95d45b8.exe <<< Is the TR/Kryptik.jzmit Trojan [renamed]
   
7. c:\Downloads\20220129\100x\4e8676bf3affb95f5a67ce79c3f38cfc45587eb91e324d0797f7a4c282979880.xlsx <<< Contains code of the W97M/Dldr.Emotet.xaplk Word macro virus [renamed]
   
8. c:\Downloads\20220129\100x\4f91e4f43561ff1fb717505dda23724c0184f5dea64bf0aadd0bbb88de71a4db.exe <<< Contains HEUR/AGEN.1120077 suspicious code [renamed]
   
9. c:\Downloads\20220129\100x\6cceb976e0d0be07b25183e8f862680e5cb39d39142ab1f94c6ec29cf44ffd4f.xlsx <<< Contains recognition pattern of the EXP/CVE-2017-11882.ylatr exploit [renamed]
   
10. c:\Downloads\20220129\100x\6e5b76a27edc9ab83b7158d8395bc2f8c14b3bf420907b5645feddb17672c03e.dll <<< Is the TR/Spy.Banker.davod Trojan [renamed]
    
11. c:\Downloads\20220129\100x\6f401d7546fc2bd85b659a1d30a89bf21451e327e2712ab86f1a3dec421b7e64.xlsx <<< Contains recognition pattern of the EXP/CVE-2017-11882.bczik exploit [renamed]
    
12. c:\Downloads\20220129\100x\7babdd2c7d3752b7b48729110f0ab94de7cf74c478b7e1ea7a71a468748e70c0.exe <<< Is the TR/Injector.dthih Trojan [renamed]
    
13. c:\Downloads\20220129\100x\7c8843dc287993015255cfdfe0cb688629119f71c695c37387064a7d0968cbaf.exe <<< Is the TR/AD.GenSteal.xmylx Trojan [renamed]
    
14. c:\Downloads\20220129\100x\8a1f3bf6fede5567536ef4d0b5d96451cfb1bea8b6c643752cf8475747410063.exe <<< Is the TR/Kryptik.miukw Trojan [renamed]
    
15. c:\Downloads\20220129\100x\8e24cc8ba2e09ecce201cc8cb0d23331f19b197d6cd707ff1ae306a398f718e9.xlsx <<< Contains code of the W97M/YAV.Minerva.fsmpw Word macro virus [renamed]
    
16. c:\Downloads\20220129\100x\9ba99ef6e07d224b950b451c6e414e9c12ef7429d8e59d5cd841ffbc3c5369ec.exe <<< Contains HEUR/AGEN.1145587 suspicious code [renamed]
    
17. c:\Downloads\20220129\100x\9d17ef60c2fe51c9ddd8c03a519059d3eddfd2ac8803ac5d7d91a71075810887.exe <<< Contains HEUR/AGEN.1145685 suspicious code [renamed]
    
18. c:\Downloads\20220129\100x\16baebd1adfc1bae6e35773b383875ac831a011fefed63a0506b875596274b8c.exe <<< Contains HEUR/AGEN.1145349 suspicious code [renamed]
    
19. c:\Downloads\20220129\100x\16ea27ea74e262cd792709a6e19ff6bc0781f609023d508e262df14686ef69d7.xlsx <<< Contains code of the W97M/Dldr.Emotet.yhvlp Word macro virus [renamed]
    
20. c:\Downloads\20220129\100x\18c2d978e426897c9109aa5bf6aac52bec2b834edea77978c6342d2109e41cab.xlsx <<< Contains code of the W97M/Dldr.Emotet.kgodz Word macro virus [renamed]
    
21. c:\Downloads\20220129\100x\24a80a4b6c6625d42c81248be8783903cd10d4704763dc725955900fab72dfab.exe <<< Is the TR/AD.Inject.syzdt Trojan [renamed]
    
22. c:\Downloads\20220129\100x\41b58cddca86e32e7034daf8e97dcdaa04ac6cdcb41eae86be1c3fa7fd05c871.xlsx <<< Contains recognition pattern of the EXP/CVE-2017-11882.iqwcw exploit [renamed]
    
23. c:\Downloads\20220129\100x\58e1144f23db9178e2d8fc84a5494950b6da143d71705e112a65c687471156d5.xlsx <<< Contains code of the W97M/Dldr.Emotet.rkuye Word macro virus [renamed]
    
24. c:\Downloads\20220129\100x\69bae63d802887e2d994022011465c7f0bc42b1f0adefcee8dcbbfe243118b15.exe <<< Is the TR/Injector.zjshp Trojan [renamed]
    
25. c:\Downloads\20220129\100x\83ea16c53988fd7e522fa373ee71089ac84cdfbd8cdea6c5a54afc61a5fc0389.exe <<< Is the TR/AgentTesla.yzerc Trojan [renamed]
    
26. c:\Downloads\20220129\100x\268f5e4b066f55e8c8f920b68ac1092fef1bac7e80822991043acc7f2d5fd2de.dll <<< Is the TR/AD.Nekark.gyfun Trojan [renamed]
    
27. c:\Downloads\20220129\100x\363e106f6ad1800b11928f8b254828c08a5c74b98939578803106e19b3f2db56.exe <<< Is the TR/AD.StellarStealer.fyzqh Trojan [renamed]
    
28. c:\Downloads\20220129\100x\562c7815dd2bbe330531f3ba64f189b11669214fc94263cdf961ce5dc833d105.exe <<< Is the TR/Dropper.Gen Trojan [renamed]
    
29. c:\Downloads\20220129\100x\637dd7cb5c579d38f6e17ed3befe1b5852a2e49d2a1cc1428ba2d290bbf60c94.xlsx <<< Contains code of the W97M/YAV.Minerva.eozus Word macro virus [renamed]
    
30. c:\Downloads\20220129\100x\2518a50e9483da255cb061cb5eb966f41f39daf912341e7cf4442da4b362da8c.exe <<< Is the TR/Kryptik.edtoq Trojan [renamed]
    
31. c:\Downloads\20220129\100x\7649a43612652c0b32353e7ae9898150f885a770db0d024d0d034c4171d5d684.xls <<< Contains code of the W97M/Dldr.Agent.suevz Word macro virus [renamed]
    
32. c:\Downloads\20220129\100x\21087a9952d89aaad69f40e4b206105fae75d1d3b2fabffbb4bd4f5297d84cc5.exe <<< Contains HEUR/AGEN.1105324 suspicious code [renamed]
    
33. c:\Downloads\20220129\100x\67741e596f4d59713a232bfb45d6cb0b2592f67b867773f72c2bb0fa2f749685.exe <<< Contains HEUR/AGEN.1203203 suspicious code [renamed]
    
34. c:\Downloads\20220129\100x\601121c30531ce26c85a232f1e76df6a0eec591296ff711d45912db421d67a10.xls <<< Contains code of the W97M/Dldr.Emotet.pigrm Word macro virus [renamed]
    
35. c:\Downloads\20220129\100x\0961253848c2324b1d374aab1e29315c60c28ed1dd42cbc4ca819aae5c8a7fac.xlsx <<< Contains code of the W97M/Dldr.Emotet.utcan Word macro virus [renamed]
    
36. c:\Downloads\20220129\100x\a7a9d11f1cfcd60a6548d3f5033f0d621a0c383e4d02af3e2782af0eab8085e7.dll <<< Is the TR/Spy.Gen Trojan [renamed]
    
37. c:\Downloads\20220129\100x\a13ee864c6a802001850dd93f933b4d1fac54b6a8028917c783d95ae901642c9.dll <<< Is the TR/Emotet.ydalz Trojan [renamed]
    
38. c:\Downloads\20220129\100x\a62bc659475f4e3f0ec13841df523cbf813f4b2c2116c3501ebd10e7adede04a.xls <<< Contains code of the W97M/Dldr.Emotet.sxywa Word macro virus [renamed]
    
39. c:\Downloads\20220129\100x\a61597b6be41455ecc22339454e7329b2ae05a73c5b79babe7de02c44cadeabf.exe <<< Is the TR/Kryptik.wzzoh Trojan [renamed]
    
40. c:\Downloads\20220129\100x\acb77cf0d80fc513aa1d6bbb098615fe73bac7ab4791d9d52958923f19bd517d.exe <<< Is the TR/AD.GenSteal.jqerq Trojan [renamed]
    
41. c:\Downloads\20220129\100x\b74765beafc62048d68a5c2ee9bd76c96fc4c007e165f4aa6ec30db7b826f8b3.exe <<< Is the TR/AD.GenSteal.sewvo Trojan [renamed]
    
42. c:\Downloads\20220129\100x\c744fe5aa2ab646ac1a0583348316b13bf7ad12435edeb658aa5e0f09e494b89.exe <<< Is the TR/AD.Tefosteal.psxmm Trojan [renamed]
    
43. c:\Downloads\20220129\100x\c067194e9d005c09c7b36d0315d10d749e113f1e2e280e0957d13689bfd277a5.rar --> new_order.exe <<< Is the TR/AD.Swotter.yqbas Trojan [renamed]
    
44. c:\Downloads\20220129\100x\cdd50bfb40670c4797a74e5d09156d0acab73bcff3cc011754ec5ca1f2a8ec18.rar --> SOA_Balance_Payment.exe <<< Is the TR/Spy.Gen8 Trojan [renamed]
    
45. c:\Downloads\20220129\100x\d47bd2ff5d90d64d18485203e59a952e485a39f98e3d54258a578b13d9136ae7.exe <<< Is the TR/Dldr.Agent.njyah Trojan [renamed]
    
46. c:\Downloads\20220129\100x\d54edb4986821e6032b6d63787036b23d7e04b95a95a5d4487b7cd306958ffc4.exe <<< Is the TR/Kryptik.jieoy Trojan [renamed]
    
47. c:\Downloads\20220129\100x\d72ff8708ffeb9a95f559828938dc1439884e7c224579127418e285b1aa1d235.exe <<< Is the TR/AD.StellarStealer.nopsy Trojan [renamed]
    
48. c:\Downloads\20220129\100x\d393bc3918eb1f83e3e3b481ada09a63931b366137e5a7c5542f32ac4ddad4bb.dll <<< Is the TR/Emotet.tuvkh Trojan [renamed]
    
49. c:\Downloads\20220129\100x\d626d2dd320f5f66816bf3c97a8dd37f1be24b722fa32601c45e3be87791ed97.exe <<< Is the TR/AD.Inject.tixog Trojan [renamed]
    
50. c:\Downloads\20220129\100x\d30325befb2f43f1e9dd1107efea16b599a62204315516fcfcaef6761c3d71c8.xlsx <<< Contains code of the W97M/Dldr.Emotet.umvbp Word macro virus [renamed]
    
51. c:\Downloads\20220129\100x\dc224bc7816a6cc723d2748796568a9b6cd48634e50340bca46a544be719960b.xls <<< Contains code of the W97M/Dldr.Agent.igrup Word macro virus [renamed]
    
52. c:\Downloads\20220129\100x\e08ea21bb1cca3123c6c095b67c504f733ac252ea58034471eee06f4c8a76c1a.xlsx <<< Contains recognition pattern of the EXP/MSExcel.qwkst exploit [renamed]
    
53. c:\Downloads\20220129\100x\e61a47624bb05943607226214bb45d5209d551dc5e28581d71c60ab4b2ea44ca.xlsx <<< Contains code of the W97M/Dldr.Emotet.hzasv Word macro virus [renamed]
    
54. c:\Downloads\20220129\100x\eab58be07fca76485cc82eccb8f5dfff166c518db37f950c42c4682f6b6e86be.xlsx <<< Contains code of the W97M/Dldr.Emotet.ukezc Word macro virus [renamed]
    
55. c:\Downloads\20220129\100x\ec05558f0ce0cba4365d379c300561112878e5e71bdb0bb8cae1335594187686.exe <<< Is the TR/Redcap.svyac Trojan [renamed]
    
56. c:\Downloads\20220129\100x\f36a543cfcddf76b99df925bf70b22d560792d1059387e00bfe782bffd6e8a2b.exe <<< Is the TR/AD.LokiBot.aqiso Trojan [renamed]
    
57. c:\Downloads\20220129\100x\fa51b3b1d130a540d92f8864a6daeb74b25a3b34306dd2d0d61e4a24c4ad5744.exe <<< Is the TR/AD.GenSteal.hcfxn Trojan [renamed]
    
58. c:\Downloads\20220129\100x\fc97ba23d9fa7b6a40d087fe9f41ab16f3f561f527d8c05fbfaea85b5ee1095c.exe <<< Contains HEUR/AGEN.1137758 suspicious code [renamed]

复制代码

秋日之殇

卡巴扫描剩余4个dll，全都是损坏样本。讲道理，应该将损坏样本剔除后再计算检测率，

ther

KIS
仅扫描：96X

biue

fsp（无法处理的已手动删除）

761773275

ericdj 发表于 2022-1-29 16:28
Norton
剩余19个，处理79个

感觉护士检出率追上来了 之前都不如Norton

00006666

360安全卫士   下载防护输入解压密码扫描    会整包隔离

   

mr_bean_forever

Bitdefender Internet Security   93%

解压监控杀88，扫描再杀5，剩余7

babaj

腾管国际版   11%

aiqinghe

babaj 发表于 2022-1-29 16:45
腾管国际版   11%

这。。。。认真的？腾管国际这么弱了吗