龟包 240405 13X

神龟Turmi

下载：
https://malware.camp/Turtle/TurtleSUSP-240405.zip
分流：
https://mirrors-s1.malware.camp/Turtle/TurtleSUSP-240405.zip
https://mirrors-s2.malware.camp/Turtle/TurtleSUSP-240405.zip
https://mirrors-s3.malware.camp/Turtle/TurtleSUSP-240405.zip
龟包列表：
https://malware.camp/Turtle/

近期发现部分联通用户到龟包网盘有连通性问题，在联通解决问题之前可尝试备用域名：
https://chinaunicom-is-bullshit.icu/Turtle/TurtleSUSP-240405.zip

Fadouse

ESSP Kill All

1. Time;Scanner;Object type;Object;Detection;Action;User;Information;Hash;First seen here
   
2. 4/5/2024 7:48:22 PM;Real-time file system protection;file;E:\Code\Virus\TS-240405-06-FormBook-1cfcb7.exe;a variant of MSIL/GenKryptik.GWBH trojan;cleaned by deleting;LAPTOP\Fadouse;Event occurred on a new file created by the application: C:\Program Files\Bandizip\Bandizip.exe (AB7C5C3728A1B132444C69A31DA61541F2BF4B25).;1CFCB7606BF22484740569B8DE78F051C1ACC707;4/5/2024 7:47:03 PM
   
3. 4/5/2024 7:48:22 PM;Real-time file system protection;file;E:\Code\Virus\TS-240405-02-AgentTesla-caca8c.exe;a variant of MSIL/GenKryptik.GUQP trojan;cleaned by deleting;LAPTOP\Fadouse;Event occurred on a new file created by the application: C:\Program Files\Bandizip\Bandizip.exe (AB7C5C3728A1B132444C69A31DA61541F2BF4B25).;CACA8C470554999A59E19A0D839750FDFD7A8D49;4/5/2024 7:47:03 PM
   
4. 4/5/2024 7:48:22 PM;Real-time file system protection;file;E:\Code\Virus\TS-240405-12-UnknownStealer-b668df.exe;Python/Kryptik.BZ trojan;cleaned by deleting;LAPTOP\Fadouse;Event occurred on a new file created by the application: C:\Program Files\Bandizip\Bandizip.exe (AB7C5C3728A1B132444C69A31DA61541F2BF4B25).;B668DF2463F482D534E2AC228B8119AE07335CBE;
   
5. 4/5/2024 7:48:22 PM;Real-time file system protection;file;E:\Code\Virus\TS-240405-10-DanaBot-9d784d.exe;a variant of Win32/Spy.Danabot.X trojan;cleaned by deleting;LAPTOP\Fadouse;Event occurred on a new file created by the application: C:\Program Files\Bandizip\Bandizip.exe (AB7C5C3728A1B132444C69A31DA61541F2BF4B25).;9D784D81FEC551D248506901F7283ED7D91F8017;4/5/2024 7:47:03 PM
   
6. 4/5/2024 7:48:22 PM;Real-time file system protection;file;E:\Code\Virus\TS-240405-03-AgentTesla(AutoIt)-6cad09.exe;a variant of Win32/Injector.Autoit.FWU trojan;cleaned by deleting;LAPTOP\Fadouse;Event occurred on a new file created by the application: C:\Program Files\Bandizip\Bandizip.exe (AB7C5C3728A1B132444C69A31DA61541F2BF4B25).;6CAD09084E0E95A074113D25D54F5B38B73AB79A;
   
7. 4/5/2024 7:48:22 PM;Real-time file system protection;file;E:\Code\Virus\TS-240405-08-RisePro(NSIS)-b0a1b0.exe;multiple detections;cleaned by deleting;LAPTOP\Fadouse;Event occurred on a new file created by the application: C:\Program Files\Bandizip\Bandizip.exe (AB7C5C3728A1B132444C69A31DA61541F2BF4B25).;B0A1B04D20BA37F9C2670DA091003839A2B6DBEC;
   
8. 4/5/2024 7:48:22 PM;Real-time file system protection;file;E:\Code\Virus\TS-240405-01-AgentTesla-9fc59f.exe;a variant of MSIL/Kryptik.ALHV trojan;cleaned by deleting;LAPTOP\Fadouse;Event occurred on a new file created by the application: C:\Program Files\Bandizip\Bandizip.exe (AB7C5C3728A1B132444C69A31DA61541F2BF4B25).;9FC59F17062700AD9834F00573693235597407D9;4/5/2024 7:47:03 PM
   
9. 4/5/2024 7:48:22 PM;Real-time file system protection;file;E:\Code\Virus\TS-240405-11-DarkCrystal-9b8883.exe;a variant of MSIL/GenKryptik.GWAJ trojan;cleaned by deleting;LAPTOP\Fadouse;Event occurred on a new file created by the application: C:\Program Files\Bandizip\Bandizip.exe (AB7C5C3728A1B132444C69A31DA61541F2BF4B25).;9B888363101810CEE2956437E811DBB9FF627CF5;4/5/2024 7:47:03 PM
   
10. 4/5/2024 7:48:22 PM;Real-time file system protection;file;E:\Code\Virus\TS-240405-05-Snake(AutoIt)-9bfcdd.exe;a variant of Win32/Injector.Autoit.FWV trojan;cleaned by deleting;LAPTOP\Fadouse;Event occurred on a new file created by the application: C:\Program Files\Bandizip\Bandizip.exe (AB7C5C3728A1B132444C69A31DA61541F2BF4B25).;9BFCDD833AD77A9E29ACE1838714186624A755E6;
    
11. 4/5/2024 7:48:22 PM;Real-time file system protection;file;E:\Code\Virus\TS-240405-04-Snake-837219.exe;a variant of MSIL/Kryptik.ALHV trojan;cleaned by deleting;LAPTOP\Fadouse;Event occurred on a new file created by the application: C:\Program Files\Bandizip\Bandizip.exe (AB7C5C3728A1B132444C69A31DA61541F2BF4B25).;837219CC634A58CB7C10BE9A5D6759562EB8D3F3;4/5/2024 7:47:03 PM
    
12. 4/5/2024 7:48:22 PM;Real-time file system protection;file;E:\Code\Virus\TS-240405-13-Vidar-21319d.exe;a variant of MSIL/GenKryptik.GWAJ trojan;cleaned by deleting;LAPTOP\Fadouse;Event occurred on a new file created by the application: C:\Program Files\Bandizip\Bandizip.exe (AB7C5C3728A1B132444C69A31DA61541F2BF4B25).;21319D44520AE6EEB67AC511C7A4B22B0BC3C729;4/5/2024 7:47:05 PM
    
13. 4/5/2024 7:48:22 PM;Real-time file system protection;file;E:\Code\Virus\TS-240405-09-RisePro(PrivateLoader)-cc2dde.exe;a variant of MSIL/GenKryptik.GWAJ trojan;cleaned by deleting;LAPTOP\Fadouse;Event occurred on a new file created by the application: C:\Program Files\Bandizip\Bandizip.exe (AB7C5C3728A1B132444C69A31DA61541F2BF4B25).;CC2DDEF4BDB7E74FA27679BF4ECA560827A30DF7;4/5/2024 7:47:03 PM
    
14. 4/5/2024 7:48:22 PM;Real-time file system protection;file;E:\Code\Virus\TS-240405-07-FormBook(PNG)-0652e8.exe;a variant of MSIL/GenKryptik.GQMB trojan;cleaned by deleting;LAPTOP\Fadouse;Event occurred on a new file created by the application: C:\Program Files\Bandizip\Bandizip.exe (AB7C5C3728A1B132444C69A31DA61541F2BF4B25).;0652E8726F35B2C4E55766C02D7F24EC93AB5AAA;4/5/2024 7:47:03 PM
    

复制代码

biue

smz2011

卡巴+fs kill all

123456aaaafsdeg

fs剩余TS-240405-12-UnknownStealer-b668df.exe

LSPD

编辑掉

123456aaaafsdeg

LSPD 发表于 2024-4-5 20:04
360
扫描 kill 10x miss 3x
双击 blocked 1x kill 1x 杀衍生物 1x

楼上庞德晚上好

1094947421

01

12



08和11miss

夜莺算法

ANK 夜枭模型，KILL ALL

smz2011

LSPD 发表于 2024-4-5 20:04
360
扫描 kill 10x miss 3x
双击 blocked 1x kill 1x 杀衍生物 1x

360绝对有人蹲点