keylogger

显示全部楼层 · 发表于 2023-3-22 23:03:20

from
https://bbs.kafan.cn/thread-2253701-1-1.html

显示全部楼层 · 发表于 2023-3-22 23:18:02

咖啡1X

2023/03/22 23:14:59 C:\Users\X\Downloads\1\keyiso.dll 15 4 JTI/Suspect.196612!d0d44ca70e15 c7eedd9c1bb9a4a99b6caf37a5b6e061de48cc98a180808782a40957a0a576ed

显示全部楼层 · 发表于 2023-3-22 23:22:29

kaspersky undetected

显示全部楼层 · 发表于 2023-3-22 23:27:14

360未知

显示全部楼层 · 发表于 2023-3-22 23:32:13

类型:高危程序-行为和木马非常相似的程序
描述:此类程序危险性较高，会影响系统的正常运行。
扫描引擎:云安全引擎
文件路径:D:\360安全浏览器下载\1\keyiso.dll
文件大小:17.5K (17,920 字节)
文件版本:10.0.22000.1219 (WinBuild.160101.0800)
文件描述:CNG Key Isolation Service
文件指纹（MD5）:d0d44ca70e15a780c1873d0807709d7c
处理建议:隔离文件

显示全部楼层 · 发表于 2023-3-22 23:32:20

实时防护检测到威胁，该文件已被删除

显示全部楼层 · 发表于 2023-3-23 00:43:15

秋日之殇发表于 2023-3-22 23:22
kaspersky undetected

Opentip检出已拉黑

显示全部楼层 · 发表于 2023-3-23 09:06:12

Time;Scanner;Object type;Object;Detection;Action;User;Information;Hash;First seen here
3/23/2023 1:05:26 AM;Real-time file system protection;file;C:\Users\contact\Downloads\1\keyiso.dll;a variant of Win32/Packed.BlackMoon.A suspicious application;cleaned by deleting;AzureAD\contact;Event occurred on a new file created by the application: C:\Program Files\7-Zip\7zFM.exe (912F4658C4B046FBADD084912F9126CB1AE3737B).;C67D3AF5C48DD877883AF6CC9AFD30031F99B069;3/23/2023 1:01:15 AM
Time;Scanner;Object type;Object;Detection;Action;User;Information;Hash;First seen here
3/23/2023 1:05:26 AM;Real-time file system protection;file;C:\Users\contact\Downloads\1\keyiso-unpacked.dll;a variant of Win32/Packed.BlackMoon.A suspicious application;cleaned by deleting;AzureAD\contact;Event occurred on a new file created by the application: C:\Program Files\7-Zip\7zFM.exe (912F4658C4B046FBADD084912F9126CB1AE3737B).;28F7163620F66A1A8B94574C32FE5636974FE52D;3/23/2023 1:01:16 AM

显示全部楼层 · 发表于 2023-3-23 10:08:00

天守1X

显示全部楼层 · 发表于 2023-3-23 10:27:03

Norton 火绒全部Miss

[病毒样本] keylogger

本帖子中包含更多资源