
[Virus Samples] 15x

swizzer
Posted on 2022-4-8 22:45:49
开开心心卖手机
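Posted on 2022-4-8 22:48:59
Last edited by 开开心心卖手机 on 2022-4-8 23:00

emsi real-time protection: 4x remaining, waiting to be double-clicked.

The first one, a DLL, failed to load. I suspect I just don't know how to do it, so I skipped it.

The second one was very quiet after running and seemed to do nothing; BB gave no alert either.


The third and fourth: after running, BB reported Behavior.TrojanDownloader.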


aboringman
Posted on 2022-4-8 22:49:07
NPE: 0
薪媛
Posted on 2022-4-8 22:49:36
K7: 3

08-04-2022 22:48        C:\Users\Administrator\Desktop\15x\15x\4F8292D940EC749B98604B74710FCEB85520BE6EDE23D99B57E0CAE96D4BBB87.exe        is a Password-Stealer ( 004d5a661 )        Has been removed
08-04-2022 22:48        C:\Users\Administrator\Desktop\15x\15x\909A8FA84DD4A5D9D15E242B587DDCA2BFA33BF2641A2A38C9B8475C742B80BA.exe        is a Password-Stealer ( 004d5a661 )        Has been removed
08-04-2022 22:48        C:\Users\Administrator\Desktop\15x\15x\A48E05FEBED8B5F7B1CB128A3A1CA76118823A945D635CC3A6B8C2D829EA86E2.exe        is a Trojan ( 0057b88c1 )        Has been removed

swizzer
OP | Posted on 2022-4-8 22:49:46
秋日之殇
Posted on 2022-4-8 22:50:13
Last edited by 秋日之殇 on 2022-4-8 23:07

Kaspersky scan: 13x. Of the remaining two, one is a DLL that cannot be loaded, and the other was killed by Kaspersky PDM.


aboringman
Posted on 2022-4-8 22:53:17

Yes......


anthonyqian
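Posted on 2022-4-8 23:00:23

NPE is a cloud scanner; every sample that has not been blacklisted by the Norton cloud is a miss... It doesn't seem to support ABC detection or signature detection.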
swizzer
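OP | Posted on 2022-4-8 23:01:06
anthonyqian posted on 2022-4-8 23:00
NPE is a cloud scanner; every sample that has not been blacklisted by the Norton cloud is a miss... It doesn't seem to support ABC detection or signature detection.

I thought NPE would be more aggressive than Download Insight...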
东南大学
Posted on 2022-4-8 23:01:20
Avira missed 1x
2022-04-08 22:59:52,343 INFO: --------------- START ---------------
2022-04-08 22:59:52,390 WARNING: file=c:\Downloads\missed\15x\133C3A352856A4513DF3A0FA8FB5CAFDAE65218E476DC6CE95A6F3053E6BE96A.exe type=trojan alert=[TR/Spy.Gen8] desc=[Is the Trojan horse TR/Spy.Gen8]
2022-04-08 22:59:52,437 WARNING: file=c:\Downloads\missed\15x\397D28999628259A2D6F0FC6DA7038CF515B7DC0249CE2ED5724D6B9297E7346.exe type=heuristic alert=[HEUR/AGEN.1211872] desc=[Contains suspicious code HEUR/AGEN.1211872]
2022-04-08 22:59:52,562 WARNING: file=c:\Downloads\missed\15x\4F8292D940EC749B98604B74710FCEB85520BE6EDE23D99B57E0CAE96D4BBB87.exe type=heuristic alert=[HEUR/AGEN.1219276] desc=[Contains suspicious code HEUR/AGEN.1219276]
2022-04-08 22:59:52,656 WARNING: file=c:\Downloads\missed\15x\5AE524043EF104955BD53E9089393B193BD898CC22A39128837764D005659CBD.exe type=heuristic alert=[HEUR/AGEN.1203024] desc=[Contains suspicious code HEUR/AGEN.1203024]
2022-04-08 22:59:52,718 WARNING: file=c:\Downloads\missed\15x\66D6BD9C5CF1CAFC0ED32D9355BE17C53E8DC5D2BB266FE39F18DBFC9F048D3F.exe type=trojan alert=[TR/Crypt.XPACK.Gen] desc=[Is the Trojan horse TR/Crypt.XPACK.Gen]
2022-04-08 22:59:52,750 WARNING: file=c:\Downloads\missed\15x\6ACDCA608175DC37F0B2F9F414DA733B68368A8B7C33310F88960C2A09DED084.exe type=trojan alert=[TR/Spy.Gen8] desc=[Is the Trojan horse TR/Spy.Gen8]
2022-04-08 22:59:52,875 WARNING: file=c:\Downloads\missed\15x\8559F40FD82C26DE12C43E2F5A2AE54EA5A6CB2C69DE96BBE83FACAD5E5EB9AF.exe type=heuristic alert=[HEUR/AGEN.1211744] desc=[Contains suspicious code HEUR/AGEN.1211744]
2022-04-08 22:59:52,968 WARNING: file=c:\Downloads\missed\15x\909A8FA84DD4A5D9D15E242B587DDCA2BFA33BF2641A2A38C9B8475C742B80BA.exe type=heuristic alert=[HEUR/AGEN.1219273] desc=[Contains suspicious code HEUR/AGEN.1219273]
2022-04-08 22:59:53,046 WARNING: file=c:\Downloads\missed\15x\A48E05FEBED8B5F7B1CB128A3A1CA76118823A945D635CC3A6B8C2D829EA86E2.exe type=heuristic alert=[HEUR/AGEN.1211745] desc=[Contains suspicious code HEUR/AGEN.1211745]
2022-04-08 22:59:53,109 WARNING: file=c:\Downloads\missed\15x\A9C57FFA21E675033B17ACD0999DA7D861AB685138A8E1CDE4E8B97E3AB010CA.exe type=heuristic alert=[HEUR/AGEN.1203035] desc=[Contains suspicious code HEUR/AGEN.1203035]
2022-04-08 22:59:53,171 WARNING: file=c:\Downloads\missed\15x\BB2543399629A4D377CC77591E0718C45DE62F9C88031F6A9F4AFB73BB03CE9C.exe type=heuristic alert=[HEUR/AGEN.1211852] desc=[Contains suspicious code HEUR/AGEN.1211852]
2022-04-08 22:59:53,218 WARNING: file=c:\Downloads\missed\15x\C27AA6B3F9A13C81E89EA7B52B0985439264326E30B316D1DF9FC14B4BA2C018.exe type=trojan alert=[TR/Spy.Gen8] desc=[Is the Trojan horse TR/Spy.Gen8]
2022-04-08 22:59:53,359 WARNING: file=c:\Downloads\missed\15x\D599EE66289CEB978C746CADE8030F7CC1ED38262F0CA6B8E65530276161D3E9.exe type=heuristic alert=[HEUR/AGEN.1211800] desc=[Contains suspicious code HEUR/AGEN.1211800]
2022-04-08 22:59:53,406 WARNING: file=c:\Downloads\missed\15x\EAB2BCCC2BC230FEAC7DC9931CE0E20CAD4F7623106C627584C72762E4535856.exe type=heuristic alert=[HEUR/AGEN.1211872] desc=[Contains suspicious code HEUR/AGEN.1211872]
2022-04-08 22:59:53,406 INFO: --------------- END ---------------