吃瓜要当心！黑客利用娱乐热点大肆传播病毒样本

显示全部楼层 · 发表于 2023-4-22 13:28:10

avast miss

显示全部楼层 · 发表于 2023-4-22 13:35:33

已上报NLL

显示全部楼层 · 发表于 2023-4-22 13:55:00

本帖最后由 nikonikoni 于 2023-4-22 19:36 编辑

Submission details
景甜张继科聊天记录曝光.rar
Submission ID: bd5e494b-6f2a-4ef0-b9f7-db62bae60d30Status:
SubmittedSubmitted by:
Submitted: Apr 22, 2023 13:53:58
User Opinion: Malware

19:35
鉴定为clean

显示全部楼层 · 发表于 2023-4-22 19:44:22

crowdstrike 解压杀

显示全部楼层 · 发表于 2023-4-22 19:55:33

BEST miss

显示全部楼层 · 发表于 2023-4-22 19:59:32

nikonikoni 发表于 2023-4-22 13:55
Submission details
景甜张继科聊天记录曝光.rar
Submission ID: bd5e494b-6f2a-4ef0-b9f7-db62bae60d3 ...

MD这分析师绝了

显示全部楼层 · 发表于 2023-4-22 21:24:58

anthonyqian 发表于 2023-4-22 19:59
MD这分析师绝了

WD:Trojan:Win32/Wacatac.H!ml

显示全部楼层 · 发表于 2023-4-22 21:50:05

喀反发表于 2023-4-22 21:24
WD:Trojan:Win32/Wacatac.H!ml

更绝了，巨硬的机学比人脑还靠谱

显示全部楼层 · 发表于 2023-4-22 22:06:50

本帖最后由 nikonikoni 于 2023-4-22 22:14 编辑

喀反发表于 2023-4-22 21:24
WD:Trojan:Win32/Wacatac.H!ml

早上上传一次，晚上重新上传一次，甚至把火绒写的帖子翻译之后发过去都是clean

这是双击的结果？我这扫描还是无法检出

显示全部楼层 · 发表于 2023-4-22 22:20:52

anthonyqian 发表于 2023-4-22 12:05
上报给卡巴 eset 大蜘蛛了

ESET:

opentip回复了，不过没有写检测名称
Hello,

New malicious software was found in the attached file. Its detection will be included in the next update.
Thank you for your help.

Best regards, Denis Sitchikhin, Malware Analyst
39A/3 Leningradskoe Shosse, Moscow, 125212, Russia Tel./Fax: + 7 (495) 797 8700 http://www.kaspersky.com https://securelist.com
https://opentip.kaspersky.com/ - get insights about suspicious files, hashes, URLs, IP addresses or domain names

__________________________________________

From: xxxxxxx@qq.com
Received: 4/22/2023 8:53:21 AM (UTC)
Sent: 4/22/2023 8:53:16 AM (UTC)
To: newvirus@kaspersky.com
Subject: Kaspersky Anti-virus Lab replies to your request [VD3] [FILE:X] [LN:en]

Client feedback, query F065D8E375AC0C0FD22CCE6B3CF40947D129D434335C173BFF13919EA588706D, type [Hash], zone [Grey], was sent with the following commentary:
Kaspersky false positive and false negative： These files are malicious, pls re-check them. After running, it will release and silently install the RdViewer remote control software

This message is generated automatically by OpenTIP.
With Best regards,
OpenTIP Team.

[病毒样本] 吃瓜要当心！黑客利用娱乐热点大肆传播病毒样本

评分

评分

评分

[病毒样本] 吃瓜要当心！黑客利用娱乐热点大肆传播病毒 样本

评分

评分

评分

[病毒样本] 吃瓜要当心！黑客利用娱乐热点大肆传播病毒样本