病毒样本测试包 17X 20220629

显示全部楼层 · 发表于 2022-6-29 22:04:41

本帖最后由 GreatMOLA 于 2022-6-29 22:05 编辑

红伞9x
360 6x

显示全部楼层 · 发表于 2022-6-29 22:33:40

召唤 F-Secure 、McAfee、大蜘蛛

显示全部楼层 · 发表于 2022-6-29 22:47:47

本帖最后由 rogersg 于 2022-6-30 23:37 编辑

Kaspersky
目前扫描13X
日志：
剩余如下文件

未检出的已经上报了，现在已经全部入库了。

Bitdefender
扫描6X

C:\Users\Admin\Desktop\未命名文件夹\f46dfc2ccdefa2f303fbb568ed46b8887562301d838ed44446b01883c8c89e35 Trojan.GenericKD.39630182 Deleted
C:\Users\Admin\Desktop\未命名文件夹\3c65aa247d9d8d29848999fce1a9e6e59592ae32ef9b9434625237e8b7d38810 Trojan.GenericKDZ.89093 Deleted
C:\Users\Admin\Desktop\未命名文件夹\456f1d33d2291fa9434dd4f9ef76a47f469284a092a70cac802639236c0569e9 Gen:Variant.Lazy.201835 Deleted
C:\Users\Admin\Desktop\未命名文件夹\c6f96251fda26888ad9e554ea4fa991f9581eb9a5d10ea23c8faccac1ebd28ef Trojan.GenericKD.50527076 Deleted
C:\Users\Admin\Desktop\未命名文件夹\9602c449de22249c38f3248520c01b373a5164c35cc7b84ddd7f0a2d3bbc8f44 Gen:Variant.Jaik.83486 Deleted
C:\Users\Admin\Desktop\未命名文件夹\85ad964333654d8361495a15030c3e71d749c67fd478acabdc3e996c44a714d3 Gen:Suspicious.Cloud.2.pYW@aieTwoci Deleted

复制代码

双击
b0b06e842ac06caabba0125d42837d3b7bd2206571f2196969253b882a0cae55 - SuspiciousBehavior.88AC764A25BABE5F

a3a6324d63f5a3f285e61911235aef64f58631a8f82a43337128eb415bb37f5b - http://47.110.151.16/Create/gpapp/YRTG1FX0A Threat name: Trojan.CobaltStrike.AN Dangerous pages attempt to install software that can harm the device, gather personal information or operate without your consent.

0cbfc2f28a8acaa9132a1c30d09ac5e833057dd8b73972e881f6dd58214a6994 - Gen:Suspicious.Cloud.2.Qu0@amhh5bbj

3a342e566bddf9197e5f63147dcbdb5c2395bec96c52ccef31372ec4290e732e - 杀衍生物 Trojan.GenericKD.50527076

4a46dc10ed55efae70427eae60a94d743ff8acee36fdbc6e15c64ef8b3be2976 - SuspiciousBehavior.88AC764A1D814E1F
最终剩余5个

显示全部楼层 · 发表于 2022-6-29 23:39:38

大蜘蛛：

628e1f6e5b74a01030f6cb7249f87a341e5ed0d0ebc560e86ac399f5d0bc843f.zip - archive ZIP
>628e1f6e5b74a01030f6cb7249f87a341e5ed0d0ebc560e86ac399f5d0bc843f.zip/628e1f6e5b74a01030f6cb7249f87a341e5ed0d0ebc560e86ac399f5d0bc843f packed by PECOMPACT
>>628e1f6e5b74a01030f6cb7249f87a341e5ed0d0ebc560e86ac399f5d0bc843f.zip/628e1f6e5b74a01030f6cb7249f87a341e5ed0d0ebc560e86ac399f5d0bc843f infected with Trojan.PWS.Wsgame.55505

1/1

a3a6324d63f5a3f285e61911235aef64f58631a8f82a43337128eb415bb37f5b.zip - archive ZIP
>a3a6324d63f5a3f285e61911235aef64f58631a8f82a43337128eb415bb37f5b.zip/a3a6324d63f5a3f285e61911235aef64f58631a8f82a43337128eb415bb37f5b packed by PESTUB
>>a3a6324d63f5a3f285e61911235aef64f58631a8f82a43337128eb415bb37f5b.zip/a3a6324d63f5a3f285e61911235aef64f58631a8f82a43337128eb415bb37f5b - archive JS-HTML
>>>a3a6324d63f5a3f285e61911235aef64f58631a8f82a43337128eb415bb37f5b.zip/a3a6324d63f5a3f285e61911235aef64f58631a8f82a43337128eb415bb37f5b/JSTag_1[859][54e5f] - Ok
>>a3a6324d63f5a3f285e61911235aef64f58631a8f82a43337128eb415bb37f5b.zip/a3a6324d63f5a3f285e61911235aef64f58631a8f82a43337128eb415bb37f5b - Ok
a3a6324d63f5a3f285e61911235aef64f58631a8f82a43337128eb415bb37f5b.zip - Ok

0/1

f255023a911a7faaabb880d9c12b62559a86b6b5e954d7d1552c56bb7a57f589.zip - archive ZIP
>f255023a911a7faaabb880d9c12b62559a86b6b5e954d7d1552c56bb7a57f589.zip/f255023a911a7faaabb880d9c12b62559a86b6b5e954d7d1552c56bb7a57f589 - archive BINARYRES
>>f255023a911a7faaabb880d9c12b62559a86b6b5e954d7d1552c56bb7a57f589.zip/f255023a911a7faaabb880d9c12b62559a86b6b5e954d7d1552c56bb7a57f589/data001 - archive NET
>>f255023a911a7faaabb880d9c12b62559a86b6b5e954d7d1552c56bb7a57f589.zip/f255023a911a7faaabb880d9c12b62559a86b6b5e954d7d1552c56bb7a57f589/data001 - Ok
>>f255023a911a7faaabb880d9c12b62559a86b6b5e954d7d1552c56bb7a57f589.zip/f255023a911a7faaabb880d9c12b62559a86b6b5e954d7d1552c56bb7a57f589/data002 - archive NET
>>f255023a911a7faaabb880d9c12b62559a86b6b5e954d7d1552c56bb7a57f589.zip/f255023a911a7faaabb880d9c12b62559a86b6b5e954d7d1552c56bb7a57f589/data002 - Ok
>>f255023a911a7faaabb880d9c12b62559a86b6b5e954d7d1552c56bb7a57f589.zip/f255023a911a7faaabb880d9c12b62559a86b6b5e954d7d1552c56bb7a57f589/data003 - Ok
>>f255023a911a7faaabb880d9c12b62559a86b6b5e954d7d1552c56bb7a57f589.zip/f255023a911a7faaabb880d9c12b62559a86b6b5e954d7d1552c56bb7a57f589/data004 - Ok
>>f255023a911a7faaabb880d9c12b62559a86b6b5e954d7d1552c56bb7a57f589.zip/f255023a911a7faaabb880d9c12b62559a86b6b5e954d7d1552c56bb7a57f589/data005 - Ok
>f255023a911a7faaabb880d9c12b62559a86b6b5e954d7d1552c56bb7a57f589.zip/f255023a911a7faaabb880d9c12b62559a86b6b5e954d7d1552c56bb7a57f589 - Ok
f255023a911a7faaabb880d9c12b62559a86b6b5e954d7d1552c56bb7a57f589.zip - Ok

0/1

test.zip - archive ZIP
>test.zip/7669b996d4c35c3929fee3eb29ae7240dde8e4c6a55a8ee72e6e9e17848b7f73 - Ok
>test.zip/9602c449de22249c38f3248520c01b373a5164c35cc7b84ddd7f0a2d3bbc8f44 packed by UPACK
>>test.zip/9602c449de22249c38f3248520c01b373a5164c35cc7b84ddd7f0a2d3bbc8f44 infected with Trojan.PWS.Banker1.37040
>test.zip/18a912fb1ac2d3766ad88fcfd2e82ce0b253169dd48bd8701b2adfebb6250fa0 - archive SETUP FACTORY
>>test.zip/18a912fb1ac2d3766ad88fcfd2e82ce0b253169dd48bd8701b2adfebb6250fa0/0.file packed by XOREXE
>>>test.zip/18a912fb1ac2d3766ad88fcfd2e82ce0b253169dd48bd8701b2adfebb6250fa0/0.file packed by FLY-CODE
>>>>test.zip/18a912fb1ac2d3766ad88fcfd2e82ce0b253169dd48bd8701b2adfebb6250fa0/0.file - Ok
>>test.zip/18a912fb1ac2d3766ad88fcfd2e82ce0b253169dd48bd8701b2adfebb6250fa0/1.file - Ok
>>test.zip/18a912fb1ac2d3766ad88fcfd2e82ce0b253169dd48bd8701b2adfebb6250fa0/irsetup.dat - Ok
>>test.zip/18a912fb1ac2d3766ad88fcfd2e82ce0b253169dd48bd8701b2adfebb6250fa0/IRIMG1.JPG - Ok
>>test.zip/18a912fb1ac2d3766ad88fcfd2e82ce0b253169dd48bd8701b2adfebb6250fa0/IRIMG2.JPG - Ok
>>test.zip/18a912fb1ac2d3766ad88fcfd2e82ce0b253169dd48bd8701b2adfebb6250fa0/UPX.rar - archive RAR
>>test.zip/18a912fb1ac2d3766ad88fcfd2e82ce0b253169dd48bd8701b2adfebb6250fa0/UPX.rar - password protected, skipped
>>test.zip/18a912fb1ac2d3766ad88fcfd2e82ce0b253169dd48bd8701b2adfebb6250fa0/log.log - Ok
>>test.zip/18a912fb1ac2d3766ad88fcfd2e82ce0b253169dd48bd8701b2adfebb6250fa0/chuangkou.log - Ok
>>test.zip/18a912fb1ac2d3766ad88fcfd2e82ce0b253169dd48bd8701b2adfebb6250fa0/upx.exe - Ok
>test.zip/18a912fb1ac2d3766ad88fcfd2e82ce0b253169dd48bd8701b2adfebb6250fa0 - password protected, skipped
>test.zip/f02bab6ba0c815a424f51fb6a540c450be73fb2a1ad05ec35a695d0a299cd735 - Ok
>test.zip/c6f96251fda26888ad9e554ea4fa991f9581eb9a5d10ea23c8faccac1ebd28ef infected with Trojan.DownLoad4.14906
>test.zip/456f1d33d2291fa9434dd4f9ef76a47f469284a092a70cac802639236c0569e9 - Ok
>test.zip/4a46dc10ed55efae70427eae60a94d743ff8acee36fdbc6e15c64ef8b3be2976 infected with Trojan.DownLoader45.1924
>test.zip/0cbfc2f28a8acaa9132a1c30d09ac5e833057dd8b73972e881f6dd58214a6994 packed by BINARYRES
>>test.zip/0cbfc2f28a8acaa9132a1c30d09ac5e833057dd8b73972e881f6dd58214a6994 - Ok
>test.zip/3a342e566bddf9197e5f63147dcbdb5c2395bec96c52ccef31372ec4290e732e infected with Trojan.DownLoader45.1924
>test.zip/85ad964333654d8361495a15030c3e71d749c67fd478acabdc3e996c44a714d3 - Ok
>test.zip/5c0d161b29180a59e8785fd61b881ce41a7d797c643fb212879a154d00323042 packed by BINARYRES
>>test.zip/5c0d161b29180a59e8785fd61b881ce41a7d797c643fb212879a154d00323042 - Ok
>test.zip/3c65aa247d9d8d29848999fce1a9e6e59592ae32ef9b9434625237e8b7d38810 infected with Trojan.Siggen18.10889
>test.zip/b0b06e842ac06caabba0125d42837d3b7bd2206571f2196969253b882a0cae55 infected with Trojan.DownLoader45.2024
>test.zip/f46dfc2ccdefa2f303fbb568ed46b8887562301d838ed44446b01883c8c89e35 packed by FLY-CODE
>>test.zip/f46dfc2ccdefa2f303fbb568ed46b8887562301d838ed44446b01883c8c89e35 - Ok
test.zip - password protected, skipped

6/14

综上所述：7/17

显示全部楼层 · 发表于 2022-6-29 23:46:22

BEST落地杀3个右键4个
剩余送入沙盒 10项及其衍生物共13项检出7项

显示全部楼层 · 发表于 2022-6-29 23:59:05

fsp + 360 断网锁6.25库

fsp联网

修改exe后缀联网DG，封锁3个文件，删除2x衍生物

显示全部楼层 · 发表于 2022-6-30 19:27:59

avast found 14 threats.

显示全部楼层 · 发表于 2022-7-2 20:42:04

本帖最后由 trumping 于 2022-7-2 20:44 编辑

瑞星v17 16个 rdm+ 17个

[病毒样本] 病毒样本测试包 17X 20220629

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源