1x

DisaPDB

VT(5/72)

1. 类型:木马-HEUR/QVM202.0.4E1A.Malware.Gen
   
2. 描述:木马是一种伪装成正常文件的恶意软件，会盗取您的帐号、密码等隐私资料。
   
3. 扫描引擎:云特征引擎
   
4. 文件路径:C:\Users\Administrator\Desktop\vvvghy.exe
   
5. 文件大小:359.6K (368,208 字节)
   
6. 文件版本:3.0.18
   
7. 文件描述:VLC media player
   
8. 文件指纹（MD5）:76356bad579688116d470e501c3d8456
   
9. 处理建议:隔离文件
   

复制代码

t0kenzero

HMPA kill

anxiety520

卡巴 MISS
上报中

F-Secure MISS

UNknownOoo

火绒
扫描：未检出
运行：环境检测文件名检测（

将文件名改成*6046*.exe/*6026*.exe即可运行
...尽量保留样本传播时的文件名

1. 病毒详情：
   
2. 风险路径：mem://7276-0x66a8f30f-0x29c0000-C:\Users\Serendipity\Desktop\setup查看_6046.exe, 病毒名：Backdoor/Lotok.dhk, 病毒ID：6088b64c90ac3c43, 处理结果：处理失败，进程结束失败
   
3. 风险路径：mem://7276-0x66a8f30f-0x180000000-C:\Users\Serendipity\Desktop\setup查看_6046.exe, 病毒名：Backdoor/Lotok.dhk, 病毒ID：6088b64c90ac3c43, 处理结果：处理成功，进程已结束
   

复制代码

yaokai815

腾管kill

pal家族

Hello,

Detection will be included in the next update.
Trojan-Downloader.Win64.Agent.baz

Best regards, Pavel Sinenko, Malware Analyst
39A/3 Leningradskoe Shosse, Moscow, 125212, Russia Tel./Fax: + 7 (495) 797 8700 http://www.kaspersky.com https://securelist.com
https://opentip.kaspersky.com/ - get insights about suspicious files, hashes, URLs, IP addresses or domain names

__________________________________________

From: 12345678@qq.com
Received: 3/29/2024 7:00:49 AM (UTC)
Sent: 3/29/2024 7:00:49 AM (UTC)
To: newvirus@kaspersky.com
Subject: Kaspersky Anti-virus Lab replies to your request [VD3] [FILE:X] [LN:EN]

Client feedback, query ca01f03451871f6e1052190d58867ee4a7c14b9cbf81b5f17eda9810c1666272, type [Hash], zone [Grey], was sent with the following commentary:
kaspersky false positive and false negative report hello this is a malware pls recheck it.

This message is generated automatically by OpenTIP.
With Best regards,
OpenTIP Team.

DisaPDB

UNknownOoo 发表于 2024-3-29 14:46
火绒
扫描：未检出
运行：环境检测文件名检测（

如果我说一开始下载的时候就不是这个文件名你信吗

祸兮福所倚

yaokai815

瑞星miss

fever腾腾

毒霸miss