【开放测试】卡饭病毒样本包 第131期

赵姐123

咖啡
kill 11个

user114514

蜘蛛扫描8

Total virus-finding records: 12027769
File size: 9.23 MB
File MD5: 806c6529a5d7722b6034e8384be063ea

20240622-000825.zip - archive ZIP
>20240622-000825.zip/A24-00342B139336 #TW_Inquiry.xls infected with Exploit.Siggen3.49352
>20240622-000825.zip/Copper Order List - Technical Specification.xls infected with Exploit.Siggen3.49353
>20240622-000825.zip/DHL_Document.exe - archive NSIS
>>20240622-000825.zip/DHL_Document.exe/script.bin - Ok
>>20240622-000825.zip/DHL_Document.exe/Vinkelstuers.Teg - Ok
>>20240622-000825.zip/DHL_Document.exe/Nonstructured.Bag infected with PowerShell.Siggen.2046
>>20240622-000825.zip/DHL_Document.exe/Berloque34.urb - Ok
>>20240622-000825.zip/DHL_Document.exe/Lenticulas.nyb - Ok
>>20240622-000825.zip/DHL_Document.exe/Livsforsikringssummers.acc - Ok
>>20240622-000825.zip/DHL_Document.exe/Ophavsrettigheds.txt - Ok
>>20240622-000825.zip/DHL_Document.exe/Serrifera.sto - Ok
>>20240622-000825.zip/DHL_Document.exe/undre.pro - Ok
>20240622-000825.zip/DHL_Shipping_Invoice_Awb_0000000.vbs - Ok
>20240622-000825.zip/Letter-04.doc - Ok
>20240622-000825.zip/Main.dll packed by FLY-CODE
>>20240622-000825.zip/Main.dll packed by BINARYRES
>>>20240622-000825.zip/Main.dll packed by FLY-CODE
>>>>20240622-000825.zip/Main.dll - Ok
>20240622-000825.zip/OSL 621 =E6=A1=83=E5=9C=92 =E2=80=93 HONG KONG 1X40=E2=80=99HQ, SO 0308 TSL.scr - Ok
>20240622-000825.zip/Order of CTS-SFCS-104.exe - archive BINARYRES
>>20240622-000825.zip/Order of CTS-SFCS-104.exe/data001 - archive NET
>>20240622-000825.zip/Order of CTS-SFCS-104.exe/data001 - Ok
>>20240622-000825.zip/Order of CTS-SFCS-104.exe/data002 - archive NET
>>>20240622-000825.zip/Order of CTS-SFCS-104.exe/data002/ho - Ok
>>20240622-000825.zip/Order of CTS-SFCS-104.exe/data002 - Ok
>>20240622-000825.zip/Order of CTS-SFCS-104.exe/data003 - archive NET
>>20240622-000825.zip/Order of CTS-SFCS-104.exe/data003 - Ok
>20240622-000825.zip/Order of CTS-SFCS-104.exe - Ok
>20240622-000825.zip/PAGO M-R4535555397585634646347575473462634652356426267547533.bat infected with PowerShell.DownLoader.2011
>20240622-000825.zip/Techno_PO LV12406-001.xla - archive OLE
>>20240622-000825.zip/Techno_PO LV12406-001.xla/stream000 - archive OPEN XML
>>>20240622-000825.zip/Techno_PO LV12406-001.xla/stream000/[Content_Types].xml - Ok
>>>20240622-000825.zip/Techno_PO LV12406-001.xla/stream000/_rels/.rels - Ok
>>>20240622-000825.zip/Techno_PO LV12406-001.xla/stream000/xl/workbook.xml - Ok
>>>20240622-000825.zip/Techno_PO LV12406-001.xla/stream000/docProps/thumbnail.wmf - Ok
>>>20240622-000825.zip/Techno_PO LV12406-001.xla/stream000/docProps/app.xml - Ok
>>>20240622-000825.zip/Techno_PO LV12406-001.xla/stream000/docProps/core.xml - Ok
>>20240622-000825.zip/Techno_PO LV12406-001.xla/stream000 - Ok
>20240622-000825.zip/Techno_PO LV12406-001.xla - Ok
>20240622-000825.zip/Untrim.exe - archive NSIS
>>20240622-000825.zip/Untrim.exe/script.bin - Ok
>>20240622-000825.zip/Untrim.exe/Syphilography.Slu - Ok
>>20240622-000825.zip/Untrim.exe/Invaried.Afl infected with PowerShell.Siggen.2046
>>20240622-000825.zip/Untrim.exe/Overmastered.txt - Ok
>>20240622-000825.zip/Untrim.exe/affectionate.der - Ok
>>20240622-000825.zip/Untrim.exe/brugsforeningens.pse - Ok
>>20240622-000825.zip/Untrim.exe/motley.str - Ok
>>20240622-000825.zip/Untrim.exe/regisse.emb - Ok
>>20240622-000825.zip/Untrim.exe/skildrings.sid - Ok
>20240622-000825.zip/XecretsEz.dll - archive BINARYRES
>>20240622-000825.zip/XecretsEz.dll/data001 - Ok
>>20240622-000825.zip/XecretsEz.dll/data002 - archive NET
>>20240622-000825.zip/XecretsEz.dll/data002 - Ok
>20240622-000825.zip/XecretsEz.dll - Ok
>20240622-000825.zip/gunzipped.exe - archive NSIS
>>20240622-000825.zip/gunzipped.exe/script.bin - Ok
>>20240622-000825.zip/gunzipped.exe/Inconsistently.Skn - Ok
>>20240622-000825.zip/gunzipped.exe/besvigelser.Sta infected with PowerShell.Siggen.2046
>>20240622-000825.zip/gunzipped.exe/flelseslses.txt - Ok
>>20240622-000825.zip/gunzipped.exe/genever.eul - Ok
>>20240622-000825.zip/gunzipped.exe/indoperer.cle - Ok
>>20240622-000825.zip/gunzipped.exe/naiv.idr - Ok
>>20240622-000825.zip/gunzipped.exe/novemberes.val - Ok
>>20240622-000825.zip/gunzipped.exe/nskestudiet.dou - Ok
>20240622-000825.zip/i4jinst.dll infected with Trojan.Siggen28.63322
>20240622-000825.zip/red-view-19jun24-5195586f4.exe - Ok
>20240622-000825.zip/solace.exe infected with Trojan.Encoder.39141

wuming_bpnes

Sophos 8x killed

1. ML/PE-A
   
2. C:\Users\test\Desktop\17x (2024-06-21)\OSL 621 桃圼url=home.php?mod=space&uid=340]@[/url] – HONG KONG 1X40’HQ, SO 0308 TSL.scr

复制代码

1. Mal/Generic-S
   
2. C:\Users\test\Desktop\17x (2024-06-21)\Order of CTS-SFCS-104.exe

复制代码

1. Mal/Generic-S
   
2. C:\Users\test\Desktop\17x (2024-06-21)\XecretsEz.dll

复制代码

1. Troj/WikiLd-A
   
2. C:\Users\test\Desktop\17x (2024-06-21)\i4jinst.dll

复制代码

1. Mal/Generic-S
   
2. C:\Users\test\Desktop\17x (2024-06-21)\DHL_Document.exe

复制代码

1. Generic Reputation PUA
   
2. C:\Users\test\Desktop\17x (2024-06-21)\Main.dll

复制代码

1. Mal/Generic-S
   
2. C:\Users\test\Desktop\17x (2024-06-21)\Untrim.exe

复制代码

1. Mal/Generic-S
   
2. C:\Users\test\Desktop\17x (2024-06-21)\gunzipped.exe

复制代码

haoren000

    剩下2个

QVM360

360




DHL的那个vbs，双击报蠕虫

BitterLotus

DeepInstinct 扫描13x + 双击1x(vbs)

inhh1

QVM360 发表于 2024-6-21 23:35
那个xla就是个excel宏文件

wps带宏的打开一点反应都没有

winter0203

windows安全中心防御成功 虽然在解压过程没有进行任何防御 但是在打开时无一例外被拦截 没有一个样本成功打开

金山毒霸 查杀 15个，剩余两个，剩余两个文件中，red-view双击测试有安全提示


对其中的4份感染病毒文档采取的修复的办法，并没有像某些安全软件一样直接“粗暴删除”，相关文档修复后均可以正常安全打开。

小Q机器人

赵姐123 发表于 2024-6-21 22:34
安天智甲
最新病毒库
KILL 14

安天这么强？在哪里下载的？如何获取授权？谢谢！