#fake #telegram (2022-09-29)

显示全部楼层 · 发表于 2022-9-29 22:29:51

秋日之殇发表于 2022-9-29 21:59
下载不下来

https://transfer.sh/ixaVdd/2r3.7z

显示全部楼层 · 发表于 2022-9-29 22:29:55

ESET杀衍生物
话说这跟样本和360有啥关系啊

显示全部楼层 · 发表于 2022-9-29 22:32:49

Shake2333 发表于 2022-9-29 22:29
ESET杀衍生物
话说这跟样本和360有啥关系啊

释放了疑似白利用文件360FileGuard.dat

同源样本释放360AppCore.exe，360AppCore.exe我好像在别的远控里面也见到过有释放，貌似是什么新的白利用吗

显示全部楼层 · 发表于 2022-9-29 23:08:56

卡巴pdm没有反应倒是杀了一堆Adware

显示全部楼层 · 发表于 2022-9-29 23:12:06

毒霸

显示全部楼层 · 发表于 2022-9-30 06:36:45

秋日之殇发表于 2022-9-29 23:08
卡巴pdm没有反应倒是杀了一堆Adware

Hello,

not-a-virus:HEUR:AdWare.OLE2.Agent.gen

Objects detection will be included in the next update.
Thank you for your help.
Kaspersky Lab applications classify the specified objects as Adware and do not identify them as malicious. The notifications displayed to the user are informative and correct.

Best regards, Kirill, Senior Malware Analyst

显示全部楼层 · 发表于 2022-9-30 06:41:22

从libcef.dll找到一堆同源样本

显示全部楼层 · 发表于 2022-9-30 11:40:57

Inject "regedit.exe" > C2 1.32.254.117:9161

卡巴的not-a-virus... Hmmm...

显示全部楼层 · 发表于 2022-9-30 16:36:12

经过沟通，卡巴斯基已更换报毒名称

Hello,

New malicious software was found in the attached file. Its detection will be included in the next update.
HEUR:Trojan-Dropper.OLE2.Agent.gen
Thank you for your help.

衍生物

Hello,

New malicious software was found in the attached files. Its detection will be included in the next update.
inatall.jpg - Trojan.Win32.Zapchast.bfpu
ipaip1.exe - Trojan.Win32.Zapchast.bfpj
lodata1.dll - Trojan.Win32.Zapchast.bfpk
LowDa1.dll - Trojan.Win32.Zapchast.bfpl
LowDa2.dll - Trojan.Win32.Zapchast.bfpm
LowDa3.dll - Trojan.Win32.Zapchast.bfpn
LowDa4.dll - Trojan.Win32.Zapchast.bfpo
LowDa5.dll - Trojan.Win32.Zapchast.bfpp
LowDa6.dll - Trojan.Win32.Zapchast.bfpq
LowDa7.dll - Trojan.Win32.Zapchast.bfpr
LowDa9.dll - Trojan.Win32.Zapchast.bfps
nnloader.exe - Trojan.Win32.Zapchast.bfpt
No malicious software was found in other files.
Thank you for your help.

[病毒样本] #fake #telegram (2022-09-29)

本帖子中包含更多资源

本帖子中包含更多资源

评分

本帖子中包含更多资源

本帖子中包含更多资源