
[Virus sample] An old sample that I lost

ANY.LNK
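Posted on 2023-5-2 14:33:01
I don't remember where I got it from; possibly right here on the forum. At the moment I only have the VT link (I don't have permission to download).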

https://www.virustotal.com/gui/f ... ba16803b45dcad617e1

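At first not many security products flagged it, but recently they have started adding it to their databases one after another, so I plan to report it to Microsoft.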
00006666
Posted on 2023-5-2 14:42:45


莒县小哥
Posted on 2023-5-2 14:43:00
Last edited by 莒县小哥 on 2023-5-2 14:44

Here's the sample
https://mylujian.lanzout.com/iuIvl0uh0c4j
Extraction password: threatbook



真小读者
Posted on 2023-5-2 14:51:01
Last edited by 真小读者 on 2023-5-2 14:53

ESET


东南大学
Posted on 2023-5-2 15:00:00
2023/05/02 14:57:12.708 C:\Downloads\missed\EnrollCertXaml.dll//data0000.bin
        suspected 'not-a-virus:HEUR:RiskTool.Script.BitMiner.gen'
2023/05/02 14:57:15.656 C:\Downloads\missed\EnrollCertXaml.dll//data0001.bin
        detected 'Trojan.Win32.Miner.uamb'
2023/05/02 14:57:16.936 C:\Downloads\missed\EnrollCertXaml.dll//data0002.bin
        detected 'Trojan.Win64.Miner.dtd'
2023/05/02 14:57:19.510 C:\Downloads\missed\EnrollCertXaml.dll//data0003.bin
        detected 'Trojan.Win32.BitCoinMiner.cdm'
2023/05/02 14:57:20.960 C:\Downloads\missed\EnrollCertXaml.dll//data0004.bin
        suspected 'not-a-virus:HEUR:RiskTool.Win32.BitCoinMiner.gen'
2023/05/02 14:57:21.772 C:\Downloads\missed\EnrollCertXaml.dll//data0004.bin
        detected 'HEUR:Trojan.Win32.Miner.gen'
2023/05/02 14:57:22.864 C:\Downloads\missed\EnrollCertXaml.dll//data0007.bin
        detected 'Trojan.Win32.Reconyc.iwkz'
2023/05/02 14:57:23.971 C:\Downloads\missed\EnrollCertXaml.dll//data0008.bin
        detected 'Backdoor.Win64.Agent.hny'
2023/05/02 14:57:25.141 C:\Downloads\missed\EnrollCertXaml.dll//data0009.bin
        detected 'Trojan.Win32.Agentb.javs'
2023/05/02 14:57:26.873 C:\Downloads\missed\EnrollCertXaml.dll//data0010.bin
        detected 'Trojan.Win32.Agentb.jwwm'
2023/05/02 14:57:30.008 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//adfw-2.dll
        detected 'Trojan.Win32.ShadowBrokers.t'
2023/05/02 14:57:31.631 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//adfw.dll
        detected 'Trojan.Win32.ShadowBrokers.p'
2023/05/02 14:57:33.893 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//cnli-0.dll
        detected 'Trojan.Win32.EquationDrug.acj'
2023/05/02 14:57:35.422 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//cnli-1.dll
        detected 'Trojan.Win32.ShadowBrokers.ao'
2023/05/02 14:57:37.403 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//coli-0.dll
        detected 'Trojan.Win32.EquationDrug.acf'
2023/05/02 14:57:38.760 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//crli-0.dll
        detected 'Trojan.Win32.EquationDrug.ach'
2023/05/02 14:57:40.663 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//dmgd-1.dll
        detected 'Trojan.Win32.ShadowBrokers.aw'
2023/05/02 14:57:43.565 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//dmgd-4.dll
        detected 'Trojan.Win32.EquationDrug.ace'
2023/05/02 14:57:45.952 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//esco-0.dll
        detected 'Trojan.Win32.ShadowBrokers.v'
2023/05/02 14:57:46.763 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//etch-0.dll
        detected 'Exploit.Win32.ShadowBrokers.z'
2023/05/02 14:57:47.839 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//etchCore-0.x64.dll
        detected 'Exploit.Win64.ShadowBrokers.c'
2023/05/02 14:57:49.462 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//etchCore-0.x86.dll
        detected 'Exploit.Win32.ShadowBrokers.aa'
2023/05/02 14:57:50.242 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//eteb-2.dll
        detected 'Exploit.Win32.ShadowBrokers.ab'
2023/05/02 14:57:51.224 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//etebCore-2.x64.dll
        detected 'Exploit.Win64.ShadowBrokers.d'
2023/05/02 14:57:52.784 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//etebCore-2.x86.dll
        detected 'Exploit.Win32.ShadowBrokers.ad'
2023/05/02 14:57:54.968 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//exma-1.dll
        detected 'Trojan.Win32.ShadowBrokers.x'
2023/05/02 14:57:56.014 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//exma.dll
        detected 'Trojan.Win32.ShadowBrokers.w'
2023/05/02 14:57:57.309 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//iconv.dll
        detected 'Trojan.Win32.ShadowBrokers.ct'
2023/05/02 14:57:58.385 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//libcurl.dll
        detected 'Trojan.Win32.EquationDrug.jf'
2023/05/02 14:57:59.539 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//libeay32.dll
        detected 'HackTool.Win32.ShadowBrokers.p'
2023/05/02 14:58:01.645 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//libiconv-2.dll
        detected 'HackTool.Win32.ShadowBrokers.l'
2023/05/02 14:58:02.971 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//libxml2.dll
        detected 'HackTool.Win32.ShadowBrokers.o'
2023/05/02 14:58:05.826 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//out.dll
        detected 'Trojan.Win32.Imeternal.c'
2023/05/02 14:58:06.700 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//pcla-0.dll
        detected 'Trojan.Win32.ShadowBrokers.y'
2023/05/02 14:58:07.277 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//pcre-0.dll
        detected 'Trojan.Win32.ShadowBrokers.ax'
2023/05/02 14:58:08.400 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//pcrecpp-0.dll
        detected 'Trojan.Win32.ShadowBrokers.av'
2023/05/02 14:58:09.305 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//pcreposix-0.dll
        detected 'Trojan.Win32.ShadowBrokers.au'
2023/05/02 14:58:10.444 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//posh-0.dll
        detected 'Trojan.Win32.ShadowBrokers.ab'
2023/05/02 14:58:11.099 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//posh.dll
        detected 'Trojan.Win32.ShadowBrokers.aa'
2023/05/02 14:58:11.614 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//pytrch.py
        detected 'Trojan.Python.EquationDrug.a'
2023/05/02 14:58:11.863 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//pytrch.pyc
        detected 'Trojan.Python.EquationDrug.a'
2023/05/02 14:58:13.143 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//riar-2.dll
        detected 'Trojan.Win32.ShadowBrokers.as'
2023/05/02 14:58:13.829 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//riar.dll
        detected 'Trojan.Win32.ShadowBrokers.ar'
2023/05/02 14:58:14.890 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//spoolsv.exe
        detected 'Backdoor.Win32.ShadowBrokers.f'
2023/05/02 14:58:15.436 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//ssleay32.dll
        detected 'Trojan.Win32.ShadowBrokers.cz'
2023/05/02 14:58:18.057 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//svchost.exe
        detected 'Exploit.Win32.ShadowBrokers.ae'
2023/05/02 14:58:18.681 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//tibe-1.dll
        detected 'Trojan.Win32.ShadowBrokers.bb'
2023/05/02 14:58:20.693 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//tibe-2.dll
        detected 'Trojan.Win32.ShadowBrokers.ad'
2023/05/02 14:58:21.816 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//tibe.dll
        detected 'Trojan.Win32.ShadowBrokers.ac'
2023/05/02 14:58:22.690 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//trch-0.dll
        detected 'Trojan.Win32.ShadowBrokers.af'
2023/05/02 14:58:23.236 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//trch-1.dll
        detected 'Trojan.Win32.ShadowBrokers.ag'
2023/05/02 14:58:24.109 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//trch.dll
        detected 'Trojan.Win32.ShadowBrokers.ae'
2023/05/02 14:58:25.389 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//trfo-0.dll
        detected 'Trojan.Win32.ShadowBrokers.aq'
2023/05/02 14:58:26.137 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//trfo-2.dll
        detected 'Trojan.Win32.EquationDrug.acg'
2023/05/02 14:58:26.761 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//trfo.dll
        detected 'Trojan.Win32.ShadowBrokers.an'
2023/05/02 14:58:27.666 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//tucl-1.dll
        detected 'Trojan.Win32.ShadowBrokers.ai'
2023/05/02 14:58:28.384 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//tucl.dll
        detected 'Trojan.Win32.ShadowBrokers.ah'
2023/05/02 14:58:28.977 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//ucl.dll
        detected 'Trojan.Win32.Shadowbrokers.co'
2023/05/02 14:58:29.507 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//xdvl-0.dll
        detected 'Trojan.Win32.ShadowBrokers.ak'
2023/05/02 14:58:30.895 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//zibe.dll
        detected 'Trojan.Win32.ShadowBrokers.al'
2023/05/02 14:58:31.363 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//zlib1.dll
        detected 'Trojan.Win32.EquationDrug.dp'
2023/05/02 14:58:31.816 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin//_pytrch.pyd
        detected 'Trojan.Win32.EquationDrug.dq'
2023/05/02 14:58:32.143 C:\Downloads\missed\EnrollCertXaml.dll//data0011.bin
        detected 'UDS:DangerousObject.Multi.Generic'
2023/05/02 14:58:32.455 C:\Downloads\missed\EnrollCertXaml.dll
        detected 'UDS:DangerousObject.Multi.Generic'
2023/05/02 14:58:32.518 \\?\C:\Downloads\missed\EnrollCertXaml.dll
        scan result - INFECTED
沧桑浪子
Posted on 2023-5-2 15:05:21
What is the file's real extension?
UNknownOoo
Posted on 2023-5-2 15:52:14
Huorong
Scan: blacklisted


风险路径:C:\Users\Administrator\Desktop\e5e3fae3ca2d0412c912487aec607dceeaaa5191dea09ba16803b45dcad617e1.dll, 病毒名:Trojan/Generic!1172A413E9D1968D, 病毒ID:1172a413e9d1968d, 处理结果:已处理,删除文件
ikun666
Posted on 2023-5-2 15:57:35
Huorong


莒县小哥
Posted on 2023-5-2 16:03:59
沧桑浪子 posted on 2023-5-2 15:05
What is the file's real extension?

[Image: QQ截图20230502160308.png]

dght432
Posted on 2023-5-2 16:27:27
类型:木马-Generic/Backdoor.EquationDrug.HgAASUUA
描述:木马是一种伪装成正常文件的恶意软件,会盗取您的帐号、密码等隐私资料。
扫描引擎:云安全引擎
文件路径:D:\360安全浏览器下载\e5e3fae3ca2d0412c912487aec607dceeaaa5191dea09ba16803b45dcad617e1\e5e3fae3ca2d0412c912487aec607dceeaaa5191dea09ba16803b45dcad617e1
文件大小:4.87M (5,109,551 字节)
文件指纹(MD5):3a0a6f8a73837ff59fabc9d77d4a5255
数字签名:
数字签名是否有效:无效
处理建议:隔离文件
Copyright © KaFan  KaFan.cn All Rights Reserved.
