龟包 240312 9X

显示全部楼层 · 发表于 2024-3-12 20:08:24

下载：
https://malware.camp/Turtle/TurtleSUSP-240312.zip
分流：
https://mirrors-s1.malware.camp/Turtle/TurtleSUSP-240312.zip
https://mirrors-s2.malware.camp/Turtle/TurtleSUSP-240312.zip
https://mirrors-s3.malware.camp/Turtle/TurtleSUSP-240312.zip
龟包列表：
https://malware.camp/Turtle/

Webroot：

扫描7X 双击1X衍生物余StrRAT无Java环境暂未双击
合计8/9

显示全部楼层 · 发表于 2024-3-12 20:10:42

本帖最后由 t0kenzero 于 2024-3-12 20:32 编辑

cylance 7X
Miss
TS-240312-04-StrRAT-856900
TS-240312-08-UnknownStealer-51f52a

显示全部楼层 · 发表于 2024-3-12 20:13:09

本帖最后由 Fadouse 于 2024-3-12 20:15 编辑

Kaspersky Premium+ ESSP 清空

Jar运行卡巴斯基PDM杀
其余解压杀

Time;Scanner;Object type;Object;Detection;Action;User;Information;Hash;First seen here
3/12/2024 8:13:21 PM;Real-time file system protection;file;E:\Code\Virus\TS-240312-02-RisePro-b03aed.exe;a variant of MSIL/Kryptik.ALDJ trojan;cleaned by deleting;LAPTOP\Fadouse;Event occurred on a new file created by the application: C:\Program Files\Bandizip\Bandizip.exe (AB7C5C3728A1B132444C69A31DA61541F2BF4B25).;B03AEDDEE413357B2A9BAD2E408C59894DAAEA9A;3/12/2024 8:12:01 PM
3/12/2024 8:13:21 PM;Real-time file system protection;file;E:\Code\Virus\TS-240312-01-AgentTesla-362ce9.exe;a variant of MSIL/Kryptik.ALDN trojan;cleaned by deleting;LAPTOP\Fadouse;Event occurred on a new file created by the application: C:\Program Files\Bandizip\Bandizip.exe (AB7C5C3728A1B132444C69A31DA61541F2BF4B25).;362CE94F21182850CCAA5B6504D8C1E78FFD06A9;3/12/2024 8:12:00 PM
3/12/2024 8:13:22 PM;Real-time file system protection;file;E:\Code\Virus\TS-240312-05-Remcos-368d0b.exe;Win32/TrojanDownloader.ModiLoader.ABF trojan;cleaned by deleting;LAPTOP\Fadouse;Event occurred on a new file created by the application: C:\Program Files\Bandizip\Bandizip.exe (AB7C5C3728A1B132444C69A31DA61541F2BF4B25).;368D0BB53222008A264E8E860CC181540A48EA5F;3/12/2024 8:12:01 PM
3/12/2024 8:13:25 PM;Real-time file system protection;file;E:\Code\Virus\TS-240312-09-Lumma-a2aef4.exe;a variant of MSIL/Kryptik.ALCY trojan;cleaned by deleting;LAPTOP\Fadouse;Event occurred on a new file created by the application: C:\Program Files\Bandizip\Bandizip.exe (AB7C5C3728A1B132444C69A31DA61541F2BF4B25).;A2AEF4A79EC52FE8BD228A49FD78A7876DC4600B;3/12/2024 8:12:01 PM
3/12/2024 8:13:26 PM;Real-time file system protection;file;E:\Code\Virus\TS-240312-08-UnknownStealer-51f52a.exe;a variant of Win32/TrojanDropper.Agent.SLC trojan;cleaned by deleting;LAPTOP\Fadouse;Event occurred on a new file created by the application: C:\Program Files\Bandizip\Bandizip.exe (AB7C5C3728A1B132444C69A31DA61541F2BF4B25).;51F52A5A139D1642CA71A2A41A09D8BB4524709C;
3/12/2024 8:13:27 PM;Real-time file system protection;file;E:\Code\Virus\TS-240312-06-FormBook-7aa5cc.exe;a variant of MSIL/Kryptik.ALDA trojan;cleaned by deleting;LAPTOP\Fadouse;Event occurred on a new file created by the application: C:\Program Files\Bandizip\Bandizip.exe (AB7C5C3728A1B132444C69A31DA61541F2BF4B25).;7AA5CCCD0EF833A30C1E111A44A1990E7C8F9702;3/12/2024 8:12:01 PM
3/12/2024 8:13:28 PM;Real-time file system protection;file;E:\Code\Virus\TS-240312-03-RisePro-130424.exe;a variant of Win32/Agent.ADVG trojan;cleaned by deleting;LAPTOP\Fadouse;Event occurred on a new file created by the application: C:\Program Files\Bandizip\Bandizip.exe (AB7C5C3728A1B132444C69A31DA61541F2BF4B25).;13042435D155CBA9C0170C815A3D920D1BB527F4;3/12/2024 8:12:01 PM

复制代码

Event: Malicious object detected
Application: Java(TM) Platform SE binary
User: LAPTOP\Fadouse
User type: Initiator
Component: System Watcher
Result description: Detected
Type: Trojan
Name: PDM:Trojan.Win32.Bazon.a
Threat level: High
Object type: File
Object path: E:\Code\Virus
Object name: TS-240312-04-StrRAT-856900.jar
Reason: Behavior analysis
Databases release date: Today, 3/12/2024 2:48:00 PM
MD5: 575D75ECAE9946950AF94951BFAC908E
Event: Malicious object detected
User: LAPTOP\Fadouse
User type: Initiator
Application name: explorer.exe
Application path: C:\Windows
Component: File Anti-Virus
Result description: Detected
Type: Trojan
Name: UDS:Trojan.MSIL.Taskun.gen
Precision: Exactly
Threat level: High
Object type: File
Object name: TS-240312-01-AgentTesla-362ce9.exe
Object path: E:\Code\Virus
MD5 of an object: B2C3A82ACF4112B2489CB9BDCA04B8EF
Reason: Cloud Protection

复制代码

显示全部楼层 · 发表于 2024-3-12 20:23:17

本帖最后由祸兮福所倚于 2024-3-12 20:24 编辑

监控3X+扫描3X=6X

显示全部楼层 · 发表于 2024-3-12 20:24:30

华为7x

【1】 2024-03-12 20:23:28，自定义扫描，发现风险7个风险项目
病毒库版本：2024031202
杀毒引擎版本：11.Release_2024022800
开始时间：2024-03-12 20:23:28
总计用时：00:00:00
任务状态：已完成
扫描文件：9
发现风险：7
已处理风险：0
病毒详情：
病毒名称：Win32.Trojan.NN_@t1.9912，病毒文件名称：TS-240312-01-AgentTesla-362ce9.exe，病毒文件路径：D:\下载\Compressed\TurtleSUSP-240312\，病毒等级：中，病毒类型：木马病毒，病毒发现时间：2024-03-12 20:23:28，处置结果：未处置
病毒名称：Win32.Trojan.NN_@t1.9995，病毒文件名称：TS-240312-02-RisePro-b03aed.exe，病毒文件路径：D:\下载\Compressed\TurtleSUSP-240312\，病毒等级：中，病毒类型：木马病毒，病毒发现时间：2024-03-12 20:23:28，处置结果：未处置
病毒名称：Win32.Trojan.NN_@t1.9914，病毒文件名称：TS-240312-03-RisePro-130424.exe，病毒文件路径：D:\下载\Compressed\TurtleSUSP-240312\，病毒等级：中，病毒类型：木马病毒，病毒发现时间：2024-03-12 20:23:29，处置结果：未处置
病毒名称：Win32.Trojan.NN_@t1.9991，病毒文件名称：TS-240312-05-Remcos-368d0b.exe，病毒文件路径：D:\下载\Compressed\TurtleSUSP-240312\，病毒等级：中，病毒类型：木马病毒，病毒发现时间：2024-03-12 20:23:29，处置结果：未处置
病毒名称：Win32.Trojan.NN_@t1.9955，病毒文件名称：TS-240312-06-FormBook-7aa5cc.exe，病毒文件路径：D:\下载\Compressed\TurtleSUSP-240312\，病毒等级：中，病毒类型：木马病毒，病毒发现时间：2024-03-12 20:23:29，处置结果：未处置
病毒名称：Win32.Trojan.NN_@t1.9947，病毒文件名称：TS-240312-08-UnknownStealer-51f52a.exe，病毒文件路径：D:\下载\Compressed\TurtleSUSP-240312\，病毒等级：中，病毒类型：木马病毒，病毒发现时间：2024-03-12 20:23:29，处置结果：未处置
病毒名称：Win32.Trojan.NN_@t1.9999，病毒文件名称：TS-240312-09-Lumma-a2aef4.exe，病毒文件路径：D:\下载\Compressed\TurtleSUSP-240312\，病毒等级：中，病毒类型：木马病毒，病毒发现时间：2024-03-12 20:23:29，处置结果：未处置

复制代码

显示全部楼层 · 发表于 2024-3-12 20:29:01

PYAS

显示全部楼层 · 发表于 2024-3-12 20:36:49

360

显示全部楼层 · 发表于 2024-3-12 21:05:03

本帖最后由 DisaPDB 于 2024-3-12 21:11 编辑

360 二扫6x

StrRAT ATA高置信

显示全部楼层 · 发表于 2024-3-12 21:14:03

江民3X

显示全部楼层 · 发表于 2024-3-12 22:29:13

卡巴斯基 plus 9/9

[病毒样本] 龟包 240312 9X

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源