本帖最后由 megakotaro 于 2023-3-31 13:12 编辑
密碼:infected
台灣大學admin帳號寄來的
Opentip顯示兩個同樣的低度可疑活動: The process $Image_path has modified the time attributes of the file $Target_file (MITRE: T1070.006 Indicator Removal on Host: Timestomp)
https://opentip.kaspersky.com/a069b8c63e8a26aae2d4f58c151791ba79e865f654bf1d56dce67e551d7f8a4b/results
已回報卡巴斯基
3/31更新
- Dear customer,
- 我们会将您的问题转交至卡巴斯基高级专家部门进行分析处理,待收到答复后我们会第一时间与您取得联系。
- We remind you that you can contact Kaspersky Lab Technical Support via email (in this case, please, do not change Subject field) or, in case if you created your request on the portal, you will see the direct link below for the quick answer.
- https://companyaccount.kaspersky.com/request/view/INC000015175279
- If we do not receive a response from you within 8 days, your incident will be considered resolved.
- Best regards,
- Kaspersky Lab Customer Service
- Support web-site: http://support.kaspersky.com/corporate
3/31更新回覆
- Dear customer,
- Thanks for your waitting.
- This file is already detected by Mail AV component of our product:
- UDS:DangerousObject.Multi.Generic
- However additional signature detection was added:
- HEUR:Trojan.Win32.Agentb.gen
- Its detection will be included in the next update.
- Thank you for your help.
- We remind you that you can contact Kaspersky Lab Technical Support via email (in this case, please, do not change Subject field) or, in case if you created your request on the portal, you will see the direct link below for the quick answer.
- https://companyaccount.kaspersky.com/request/view/INC000015175279
- If we do not receive a response from you within 8 days, your incident will be considered resolved.
- Best regards,
- Kaspersky Lab Customer Service
- Support web-site: http://support.kaspersky.com/corporate
|
发表于 2023-3-30 15:31:15
