Original poster: QVM360

[Virus Samples] [Open Test] Kafan Virus Sample Pack, Issue 135
真小读者
Posted on 2024-6-27 17:35:54
Last edited by 真小读者 on 2024-6-27 17:46

Kingsoft 2X

MSE picks up another 3X

Remaining




uu005
Posted on 2024-6-27 17:36:39
Last edited by uu005 on 2024-6-27 09:40

Microsoft Defender Antivirus:
Cleared everything.

UNknownOoo
Posted on 2024-6-27 17:37:37
Last edited by UNknownOoo on 2024-6-27 17:39

Huorong
Scan: 5x
扫描文件:17
发现风险:5
已处理风险:0
病毒详情:
风险路径:C:\Users\UnknownOoo\Downloads\Compressed\17x (2024-06-27)\Transaction_Execution_Confirmation_000000.vbs, 病毒名:Trojan/VBS.Agent.cm, 病毒ID:3f1e0763c58cc9d4, 处理结果:暂不处理
风险路径:C:\Users\UnknownOoo\Downloads\Compressed\17x (2024-06-27)\ups_awb_shipping_post_26062024224782020031808174CN18240624000002624(991KB).vbs, 病毒名:Trojan/VBS.Agent.cm, 病毒ID:3f1e0763c58cc9d4, 处理结果:暂不处理
风险路径:C:\Users\UnknownOoo\Downloads\Compressed\17x (2024-06-27)\BNP DOC 12578945329763-7633562829.exe, 病毒名:HEUR:Trojan/Injector.an, 病毒ID:8fc1cd07c0df3ba2, 处理结果:暂不处理
风险路径:C:\Users\UnknownOoo\Downloads\Compressed\17x (2024-06-27)\REQUEST FOR QUOTATION_pdf.exe, 病毒名:HVM:VirTool/Obfuscator.gen!A, 病毒ID:b27d4294cde6a1ec, 处理结果:暂不处理
风险路径:C:\Users\UnknownOoo\Downloads\Compressed\17x (2024-06-27)\PO2024-0961.exe, 病毒名:HVM:VirTool/Obfuscator.gen!A, 病毒ID:b27d4294cde6a1ec, 处理结果:暂不处理

X-Sec
Scan: 11x
---------------------
2024/06/27 17:38:44 Threat Detected: C:\Users\UnknownOoo\Downloads\Compressed\17x (2024-06-27)\BNP DOC 12578945329763-7633562829.exe -- [rame-tfe] Backdoor.Androm!8.113
2024/06/27 17:38:45 Threat Detected: C:\Users\UnknownOoo\Downloads\Compressed\17x (2024-06-27)\Document BT24·pdf.exe -- [rame-cloud] Trojan.Injector/NSIS!8.1294D
2024/06/27 17:38:47 Threat Detected: C:\Users\UnknownOoo\Downloads\Compressed\17x (2024-06-27)\Ordine n.487685934 GIANCARLO & C. s.r.l convulsional.bat -- [rame-topis] Trojan.Agent/PS!8.1331B
2024/06/27 17:38:47 Threat Detected: C:\Users\UnknownOoo\Downloads\Compressed\17x (2024-06-27)\LHDNM TAKSIRAN 2023·pdf.exe -- [rame-cloud] Trojan.Injector/NSIS!8.1294D
2024/06/27 17:38:48 Threat Detected: C:\Users\UnknownOoo\Downloads\Compressed\17x (2024-06-27)\PO2024-0961.exe -- [rame-classic] Trojan.Injector/Autoit!1.FD30
2024/06/27 17:38:49 Threat Detected: C:\Users\UnknownOoo\Downloads\Compressed\17x (2024-06-27)\PO 903886563 PDF.bat -- [rame-classic] Trojan.Obfus/BAT!1.FA1C
2024/06/27 17:38:49 Threat Detected: C:\Users\UnknownOoo\Downloads\Compressed\17x (2024-06-27)\PRODUCTS LIST pdf.exe -- [rame-rdm.msil2] Malware.Obfus/MSIL@AI.83
2024/06/27 17:38:50 Threat Detected: C:\Users\UnknownOoo\Downloads\Compressed\17x (2024-06-27)\REQUEST FOR QUOTATION_pdf.exe -- [rame-classic] Trojan.Injector/Autoit!1.FD30
2024/06/27 17:38:51 Threat Detected: C:\Users\UnknownOoo\Downloads\Compressed\17x (2024-06-27)\ups_awb_shipping_post_26062024224782020031808174CN18240624000002624(991KB).vbs -- [rame-topis] Downloader.Agent/VBS!8.10EA5
2024/06/27 17:38:51 Threat Detected: C:\Users\UnknownOoo\Downloads\Compressed\17x (2024-06-27)\Transaction_Execution_Confirmation_000000.vbs -- [rame-cloud] Downloader.Agent/VBS!8.10EA5
2024/06/27 17:38:51 Threat Detected: C:\Users\UnknownOoo\Downloads\Compressed\17x (2024-06-27)\帳單發票_200548224648·pdf.exe -- [rame-cloud] Trojan.Injector/NSIS!8.1294D



QVM360
Original poster | Posted on 2024-6-27 17:38:34
1
Asirt
Posted on 2024-6-27 17:38:55
Notice: this post has been blocked by an administrator or moderator
QVM360
Original poster | Posted on 2024-6-27 17:40:39

It only killed 2 formbook samples. What is Kingsoft doing?
lindeng1988
Posted on 2024-6-27 17:41:47
1
RainCloud9
Posted on 2024-6-27 17:48:07
Kaspersky Standard: scan 16x, missed Product Inquiry
Asirt
Posted on 2024-6-27 17:54:11
Tencent PC Manager: kill all
驭龙
Posted on 2024-6-27 17:56:03
Last edited by 驭龙 on 2024-6-27 18:07

Scan Log
Version of detection engine: 29462P (20240627)
Date: 2024/6/27  Time: 17:58:31
Scanned disks, folders and files: D:\virus\17x (2024-06-27)
D:\virus\17x (2024-06-27)\BNP DOC 12578945329763-7633562829.exe - a variant of Win64/GenKryptik.GYXR trojan - cleaned by deleting [1]
D:\virus\17x (2024-06-27)\Document BT24·pdf.exe » NSIS » Script.nsi - NSIS/Injector.ASH trojan - cleaned by deleting [1]
D:\virus\17x (2024-06-27)\Jailkeeper.exe » NSIS » Script.nsi - NSIS/Injector.ASH trojan - cleaned by deleting [1]
D:\virus\17x (2024-06-27)\LHDNM TAKSIRAN 2023·pdf.exe » NSIS » Script.nsi - NSIS/Injector.ASH trojan - cleaned by deleting [1]
D:\virus\17x (2024-06-27)\Order 000293884849900.exe » NSIS » Script.nsi - NSIS/Injector.ASH trojan - cleaned by deleting [1]
D:\virus\17x (2024-06-27)\Ordine n.487685934 GIANCARLO & C. s.r.l convulsional.bat - PowerShell/Agent.BSH trojan - cleaned by deleting [1]
D:\virus\17x (2024-06-27)\PO 903886563 PDF.bat - MSIL/Spy.AgentTesla.F trojan - cleaned by deleting [1]
D:\virus\17x (2024-06-27)\PO2024-0961.exe » AUTOIT » script.bin - a variant of Win32/Injector.Autoit.GCR trojan - cleaned by deleting [1]
D:\virus\17x (2024-06-27)\PRODUCTS LIST pdf.exe - a variant of MSIL/Kryptik.ALVK trojan - cleaned by deleting [1]
D:\virus\17x (2024-06-27)\Quote Request (Tupy S.A.) 523AM - 924BR·pdf.exe » NSIS » Script.nsi - NSIS/Injector.ASH trojan - cleaned by deleting [1]
D:\virus\17x (2024-06-27)\REQUEST FOR QUOTATION_pdf.exe » AUTOIT » script.bin - a variant of Win32/Injector.Autoit.GCR trojan - cleaned by deleting [1]
D:\virus\17x (2024-06-27)\Transaction_Execution_Confirmation_000000.vbs - VBS/TrojanDownloader.Agent.AAOE trojan - cleaned by deleting [1]
D:\virus\17x (2024-06-27)\faktura_7171503997·pdf.exe » NSIS » Script.nsi - NSIS/Injector.ASH trojan - cleaned by deleting [1]
D:\virus\17x (2024-06-27)\faktura_7171503997·pdf.exe » NSIS » Indstningernes.Svi - PowerShell/Agent.BTQ trojan - cleaned by deleting [1]
D:\virus\17x (2024-06-27)\ups_awb_shipping_post_26062024224782020031808174CN18240624000002624(991KB).vbs - VBS/TrojanDownloader.Agent.AAOE trojan - cleaned by deleting [1]
D:\virus\17x (2024-06-27)\帳單發票_200548224648·pdf.exe » NSIS » Script.nsi - NSIS/Injector.ASH trojan - cleaned by deleting [1]
Number of scanned objects: 143
Number of detections: 16
Number of cleaned objects: 16
Time of completion: 17:59:31  Total scanning time: 60 sec (00:01:00)
Two spreadsheet documents remain
