郵箱伺服器收到的可疑文件x1

mogu6666

huangzihang 发表于 2022-7-25 12:56
BD双击安装后杀
删174个衍生物，ATC.4报法，即ATD/ATC主防杀
（只是一部分，太多懒得截了）

2个小时，BD云拉黑了

1. Feature:
   
2. Antivirus
   
3. 
   
4. The file C:\Users\XXX\AppData\Local\Temp\BNZ.62de40fe1839b8a\Quote - Compagnie Madecasse _ RN6.exe is infected with Gen:Suspicious.Cloud.2.su3@aagcs4gi and was moved to quarantine. It is recommended that you run a System Scan to make sure your system is clean

复制代码

rogersg

ESET Smart Security Premium
LiveGuard Detected

1. Time;Scanner;Object type;Object;Detection;Action;User;Information;Hash;First seen here
   
2. 2022/7/25 15:23:25;ESET LiveGuard;file;D:\User\Admin\Desktop\Quote - Compagnie Madecasse _ RN6.exe;ESET LiveGuard;deleted;;;FC5EAAFE57816EBD7FC560B2D66A97323A7FD942;2022/7/25 15:19:49

复制代码

huangzihang

mogu6666 发表于 2022-7-25 15:08
2个小时，BD云拉黑了

应该没这么慢，ATD转云拉黑我印象中一直是秒级的，跟卡巴差不多

心醉咖啡

毒霸扫描miss

123456aaaafsdeg

卡巴扫描miss

julietxu

安博士杀

lvseqiji

ESET最后报 NSIS/Injector.ASH

huangzihang

九小时了卡巴还没拉黑，安装后无残留进程，感觉真的是干净的

anthonyqian

铁壳分析后入库。
E93834F6AAFD3AFA40912103139F648B18064C5C85B2A4F995DFF606D158CD91 is a non-repairable threat.

This file is detected as Trojan Horse with our existing Rapid Release definition set. Protection is available in Rapid Release definitions with a sequence number of 222065 or greater.

心心相印

avast miss