【开放测试】卡饭病毒样本包 20240711 第142期

显示全部楼层 · 发表于 2024-7-11 19:16:57

Komeiji-Reimu 发表于 2024-7-11 18:13
360和Avast都有人测了，这回卡巴表现相当不错

卡巴都杀了

那个jar是远控

显示全部楼层 · 发表于 2024-7-11 19:22:41

QVM360 发表于 2024-7-11 19:16
那个jar是远控

打jar包的远控，这么神奇

显示全部楼层 · 发表于 2024-7-11 19:44:03

Komeiji-Reimu 发表于 2024-7-11 19:22
打jar包的远控，这么神奇

adwind都是jar格式

显示全部楼层 · 发表于 2024-7-11 19:46:55

QVM360 发表于 2024-7-11 19:44
adwind都是jar格式

那他们是怎么传播的？入侵winserver？

显示全部楼层 · 发表于 2024-7-11 19:53:58

本帖最后由 heheda2001 于 2024-7-11 19:58 编辑

竟然这么久没见eset的测试，那我来试试

---

eset右键扫描剩余4个

---

右键看了第三个dll后kill，目前剩余除gg.dll以外的三个

显示全部楼层 · 发表于 2024-7-11 20:25:47

Komeiji-Reimu 发表于 2024-7-11 19:46
那他们是怎么传播的？入侵winserver？

这个不知道，看这个文件名应该是通过邮件船舶

显示全部楼层 · 发表于 2024-7-11 20:48:10

本帖最后由 StarlitFuture 于 2024-7-11 21:45 编辑

COMODO 2025 Antivirus Module Kill 1, TDT Module Block 1，其余入沙

显示全部楼层 · 发表于 2024-7-11 20:52:18

本帖最后由 UNknownOoo 于 2024-7-11 20:57 编辑

X-Sec
42x

---------------------
2024/07/11 20:53:26 Threat Detected: C:\下载\1\502407267 RUAG FOODPLAZA.exe -- [rame-rdm.msil2] Malware.Obfus/MSIL@AI.100
2024/07/11 20:53:28 Threat Detected: C:\下载\1\Antilose 2.0.exe -- [rame-cloud] Backdoor.XWorm!8.1812C
2024/07/11 20:53:28 Threat Detected: C:\下载\1\468831A372D4DA91E95DDECA13DF69B6.exe -- [rame-cloud] Backdoor.Bladabindi!8.B1F
2024/07/11 20:53:29 Threat Detected: C:\下载\1\AT90USB646-MU 1300pcs.exe -- [rame-cloud] Trojan.Kryptik!8.8
2024/07/11 20:53:29 Threat Detected: C:\下载\1\COMPROVANTE DE PAGAMENTO.ppam -- [rame-vba] Malware.Obfus/VBA@AI.80
2024/07/11 20:53:30 Threat Detected: C:\下载\1\CPHC.exe -- [rame-rdm.msil2] Malware.Obfus/MSIL@AI.90
2024/07/11 20:53:30 Threat Detected: C:\下载\1\dump.exe -- [rame-classic] Trojan.SmokeLoader!1.F5D8
2024/07/11 20:53:30 Threat Detected: C:\下载\1\DELAY NOTICE - ONE_FORTUNE - 001W (MD22425W).scr -- [rame-rdm.msil2] Malware.Obfus/MSIL@AI.80
2024/07/11 20:53:30 Threat Detected: C:\下载\1\Employees_MonthlyReport.bat -- [rame-rdm.msil2] Malware.Obfus/MSIL@AI.81
2024/07/11 20:53:35 Threat Detected: C:\下载\1\explorti.exe -- [rame-cloud] Trojan.Generic!8.C3
2024/07/11 20:53:35 Threat Detected: C:\下载\1\falcata amphigoric.exe -- [rame-cloud] Trojan.Generic!8.C3
2024/07/11 20:53:35 Threat Detected: C:\下载\1\Fatura-V208-10004208.pdf -.jar -- [rame-cloud] Trojan.Undefined!8.1327C
2024/07/11 20:53:35 Threat Detected: C:\下载\1\Fatura-0724-0281-6540-1.exe -- [rame-cloud] Trojan.Kryptik!8.8
2024/07/11 20:53:36 Threat Detected: C:\下载\1\FedEx Invoice_2447707012.exe -- [rame-cloud] Trojan.Kryptik!8.8
2024/07/11 20:53:37 Threat Detected: C:\下载\1\file-4.exe -- [rame-cloud] Dropper.Agent!8.2F
2024/07/11 20:53:38 Threat Detected: C:\下载\1\file-6.exe -- [rame-classic] Trojan.Runner/SFX!1.FA4A
2024/07/11 20:53:39 Threat Detected: C:\下载\1\file-7.exe -- [rame-cloud] Stealer.Tepfer!8.13357
2024/07/11 20:53:40 Threat Detected: C:\下载\1\FlawlessLoader))).exe -- [rame-classic] Trojan.Runner/SFX!1.FA4A
2024/07/11 20:53:40 Threat Detected: C:\下载\1\GCleaner-2.exe -- [rame-cloud] Stealer.Tepfer!8.13357
2024/07/11 20:53:41 Threat Detected: C:\下载\1\GCleaner.exe -- [rame-tfe] Stealer.Tepfer!8.13357
2024/07/11 20:53:42 Threat Detected: C:\下载\1\gg (2).dll -- [rame-cloud] Stealer.Mimikatz!8.1335D
2024/07/11 20:53:43 Threat Detected: C:\下载\1\gunzipped.exe -- [rame-cloud] Trojan.Makoob!8.10A67
2024/07/11 20:53:43 Threat Detected: C:\下载\1\gg.dll -- [rame-cloud] Trojan.Convagent!8.12323
2024/07/11 20:53:44 Threat Detected: C:\下载\1\Inoue Nissei Pte - N° 972 oT RH- 1268. 2024-pdf.exe -- [rame-rdm.msil2] Malware.Obfus/MSIL@AI.90
2024/07/11 20:53:45 Threat Detected: C:\下载\1\KHJ#7723TG (.exe -- [rame-rdm.msil2] Malware.Obfus/MSIL@AI.90
2024/07/11 20:53:46 Threat Detected: C:\下载\1\linoleum preacherizes.exe -- [rame-cloud] Trojan.Leonem!8.15E05
2024/07/11 20:53:47 Threat Detected: C:\下载\1\Lzvd.exe -- [rame-cloud] Trojan.Kryptik!8.8
2024/07/11 20:53:48 Threat Detected: C:\下载\1\KWOTASIE.exe -- [rame-cloud] Trojan.Injector/NSIS!8.1294D
2024/07/11 20:53:52 Threat Detected: C:\下载\1\NEW PURCHASE ORDER REQUEST LPO PO-24-0869.exe -- [rame-cloud] Trojan.Undefined!8.1327C
2024/07/11 20:53:54 Threat Detected: C:\下载\1\NEW QUOTATION.vbs -- [rame-topis] Trojan.GuLoader/VBS!8.15FAA
2024/07/11 20:53:54 Threat Detected: C:\下载\1\PAYMENT COPY.vbs -- [rame-topis] Trojan.GuLoader/VBS!8.15FAA
2024/07/11 20:53:57 Threat Detected: C:\下载\1\MBL- B-1440 Draft Invoice.exe -- [rame-rdm.msil2] Malware.Obfus/MSIL@AI.90
2024/07/11 20:54:58 Threat Detected: C:\下载\1\PO#RSB-892378827393_2324 _REV.exe -- [rame-cloud] Trojan.Kryptik!8.8
2024/07/11 20:55:00 Threat Detected: C:\下载\1\PURCHASE ORDER - ESPLSPO2400129.exe -- [rame-cloud] Trojan.Makoob!8.10A67
2024/07/11 20:55:01 Threat Detected: C:\下载\1\PURCHASE_ORDER.exe -- [rame-rdm.msil2] Malware.Obfus/MSIL@AI.90
2024/07/11 20:55:02 Threat Detected: C:\下载\1\QUOTATION_JULQTRA071244úPDF.scr -- [rame-rdm.msil2] Malware.Obfus/MSIL@AI.91
2024/07/11 20:55:02 Threat Detected: C:\下载\1\Purchase Order.exe -- [rame-rdm.msil2] Malware.Obfus/MSIL@AI.81
2024/07/11 20:55:03 Threat Detected: C:\下载\1\RFQ_92889128.pif -- [rame-rdm.msil2] Malware.Obfus/MSIL@AI.81
2024/07/11 20:55:05 Threat Detected: C:\下载\1\RS8RlKC3V8acct1190M2K,pdf.exe -- [rame-cloud] Trojan.Runner/VBS!8.10F50
2024/07/11 20:55:06 Threat Detected: C:\下载\1\winrar.exe -- [rame-classic] Trojan.Runner/SFX!1.FA4A
2024/07/11 20:55:07 Threat Detected: C:\下载\1\USD59800.exe -- [rame-rdm.msil2] Malware.Obfus/MSIL@AI.100
2024/07/11 20:55:07 Threat Detected: C:\下载\1\XqPg.exe -- [rame-rdm.msil2] Malware.Obfus/MSIL@AI.94

复制代码

显示全部楼层 · 发表于 2024-7-11 21:07:21

本帖最后由 haol 于 2024-7-11 21:14 编辑

Emsisoft found 27 threats.

显示全部楼层 · 发表于 2024-7-11 21:12:42

本帖最后由 123456aaaafsdeg 于 2024-7-11 21:15 编辑

IKARUS - T3SCAN

[病毒样本] 【开放测试】卡饭病毒样本包 20240711 第142期

本帖子中包含更多资源

本帖子中包含更多资源

评分

评分

本帖子中包含更多资源

评分

本帖子中包含更多资源

评分