【开放测试】卡饭病毒样本包 20240822 第158期

UNknownOoo

火绒
扫描：20/43

X-Sec
扫描：28/43

877906025Z

江民（图中有重复项，实际清除数量以文本为准）
样本数量总数为：43
已删除文件数量为：33
已清除文件数量为：0
总检出数量为：33
未检出数量为：10
检出率为：76.74%

dght432

卡巴余3

xmt12

自制 36x
双击拦了一个衍生物

孤勇者

卡巴斯基 扫描kill40/43

swizzer

BD scan 14/43
executing 23/43

total 37/43

呼啸山庄

EES 11.1.2039.2 （
    来源：隔壁精睿
    Aggressive全开
）
实时文件反病毒 kill 35x miss 8x

Filtred Websites block https://upds.auzreedge.net 2x

42872113112dc9ca8b53992587d75d71f37a141c9d41b85d44ded522590f2b48.exe

687ca3acd2f56ee6059efb08ea991f7decb33a2533861d1e424c4851819ac8a8.exe

实时文件反病毒 kill x.exe 触发重启清除

Request for Quotation + sample catalog.exe

miss

打开浏览器 访问https://account.google.com/（后面还有一串我就不写了） 并全屏

07cc8eb881eff980395eb530f49e185f39e10f0825268e2fe9416aa2b7d4453a.exe

76cdfca72aa3e088d6efa8a3c047df0c65bc6c65964c1a803ca35c5bce56f980.exe

9a11dc115feeae708cfd13b8ccaf398935f52244d7d270b633001d485e48becc.exe

af9a561efadcaa33d58cf18078ec0aa122167020ff71e6521503216c9fabc94c.exe

c4db3dc8b38901831313b40f0171c1e1f858c5ecd7ffef9e0421fb948870062c.exe

Logs:

ninjagaocc

扫描日志

2024-08-22 19:54:10    右键扫描    发现35个威胁，处理35个
2024-08-22 19:53:14    右键扫描    没有发现威胁



360安全卫士国际版
离线查杀0
在线查杀35
在线查杀完成后打开文件夹还剩8个

双击均触发拦截
途中自动触发全盘扫描，强制取消
双击全部完成后被删除3个，最后剩下5个

心醉咖啡

腾讯电脑管家

1. 【扫描信息】
   
2. 
   
3. 开始时间:2024-8-22 20:52:48
   
4. 扫描用时:00:00:01
   
5. 扫描类型:自定义扫描
   
6. 扫描状态:扫描完成
   
7. 
   
8. 
   
9. 【扫描结果】
   
10. 
    
11. 扫描文件数:44
    
12. 发现风险数:41
    
13. 已处理风险数:41
    
14. 
    
15. 
    
16. ---------------------
    
17. 2024-8-22 20:53:06 MD5:2056eed137c4ccc05b92ba0dfa5c857d E:\浏览器下载\infected2024082201\Samples\07cc8eb881eff980395eb530f49e185f39e10f0825268e2fe9416aa2b7d4453a.exe [Malicious]  [删除成功]
    
18. 2024-8-22 20:53:06 MD5:861892f267f889518f3789ce0fcb0cf2 E:\浏览器下载\infected2024082201\Samples\RFQ REF-AJTAJC-766677ASD-ALJ-677888- (AL DHAFRA) AL JABER - SUPPLY DELIVERY AND SUPPLY_5763-BASE ORDER.exe [Malicious]  [删除成功]
    
19. 2024-8-22 20:53:06 MD5:597c7745de1949be25d9c4849aa11cb7 E:\浏览器下载\infected2024082201\Samples\waybill_original_invoice_bl_packing_list_shipment_22_08_2024_00000_pdf.vbs [Vbs.Trojan.Sagent.Zchl]  [删除成功]
    
20. 2024-8-22 20:53:06 MD5:1e9f8600c533eb4c5a1ada0122017d2b E:\浏览器下载\infected2024082201\Samples\VXCGMJHSDF.exe [Msil.Trojan.Kryptik.Mgil]  [删除成功]
    
21. 2024-8-22 20:53:06 MD5:c48bc1056a412d4d876624f2ddbfd5f4 E:\浏览器下载\infected2024082201\Samples\Tender_24910.exe [Malicious]  [删除成功]
    
22. 2024-8-22 20:53:05 MD5:e79eceb6ed1ad863b1f0d8e51bbb132f E:\浏览器下载\infected2024082201\Samples\SC2338R52920004392024.exe [Malicious]  [删除成功]
    
23. 2024-8-22 20:53:05 MD5:adee037a2a0e36129b2a9fb5f0413648 E:\浏览器下载\infected2024082201\Samples\SAMPLE ORDER.vbs [Vbs.Trojan.Sagent.osmw]  [删除成功]
    
24. 2024-8-22 20:53:05 MD5:a6f41865f3bef2396c639ec21063ed3c E:\浏览器下载\infected2024082201\Samples\RFQ-230802024PDF.exe [Malicious]  [删除成功]
    
25. 2024-8-22 20:53:05 MD5:5e600b594c0110f0cc817b9f60f5fb92 E:\浏览器下载\infected2024082201\Samples\Quotation.exe [Malicious]  [删除成功]
    
26. 2024-8-22 20:53:05 MD5:73ac270fc137ea80ec793d70e6dcaab3 E:\浏览器下载\infected2024082201\Samples\QUOTATION - RFQ# 2200002827.exe [Malicious]  [删除成功]
    
27. 2024-8-22 20:53:05 MD5:b9cb503314288ddb6a075032f15446ec E:\浏览器下载\infected2024082201\Samples\PURCHASE ORDER_330011 SEPTEMBER 2024.exe [Malicious]  [删除成功]
    
28. 2024-8-22 20:53:05 MD5:f24c07bf7027c4ad75afe9723f0d81e2 E:\浏览器下载\infected2024082201\Samples\PI 22_8_2024.exe [Malicious]  [删除成功]
    
29. 2024-8-22 20:53:05 MD5:d3226db8dd04c027017861652efb86c8 E:\浏览器下载\infected2024082201\Samples\Payment Swift-67654pdf.exe [Win32.Trojan.FalseSign.Mcnw]  [删除成功]
    
30. 2024-8-22 20:53:05 MD5:0ebef0bd0eb57e4c16826a928a67c0ae E:\浏览器下载\infected2024082201\Samples\PAGO DE DEPO
    
31. 2024-8-22 20:53:05 MD5:12ead7ca520aa563acfc82f1cf12558d E:\浏览器下载\infected2024082201\Samples\NEW.P.ORDER .ENQUIRY56433PDF.exe [Win32.Trojan.FalseSign.Ymhl]  [删除成功]
    
32. 2024-8-22 20:53:04 MD5:4e13d75e978c69d69b54bb9d2df516cd E:\浏览器下载\infected2024082201\Samples\NEW ORDER.exe [Malicious]  [删除成功]
    
33. 2024-8-22 20:53:04 MD5:3ce1e9f82cf31e5eb477f2d3515030cb E:\浏览器下载\infected2024082201\Samples\KDHDDKD.exe [Malicious]  [删除成功]
    
34. 2024-8-22 20:53:04 MD5:22472b6702c2b1835b018ac7a00ac134 E:\浏览器下载\infected2024082201\Samples\Halkbank_Ekstre_20240821_081328_672367.exe [Win32.Trojan.FalseSign.Gjgl]  [删除成功]
    
35. 2024-8-22 20:53:04 MD5:ef2f151c1cef2bb8b29efdf21f24bb4a E:\浏览器下载\infected2024082201\Samples\FedEx_AWB#53053132046.exe [Win32.Trojan.FalseSign.Jcnw]  [删除成功]
    
36. 2024-8-22 20:53:04 MD5:2a862d97cc67da2511680862033b5228 E:\浏览器下载\infected2024082201\Samples\eba7df179c830bbead2a78934f2bf3e77fcc4aacf90b69c5be49a2fa68adf8b4.exe [Win32.Trojan-QQPass.QQRob.Cwnw]  [删除成功]
    
37. 2024-8-22 20:53:04 MD5:fdaeba7e13e6ac00083356a9552580f7 E:\浏览器下载\infected2024082201\Samples\e74e33beca2c58b9c097c15037ecb8229ba6515c3e046b9541023e6de4fe9c5e.exe [Malicious]  [删除成功]
    
38. 2024-8-22 20:53:04 MD5:178dd43990d66184c453df31a2d52435 E:\浏览器下载\infected2024082201\Samples\DOC4634563783PDF..exe [Win64.Trojan.Kryptik.fkjl]  [删除成功]
    
39. 2024-8-22 20:53:04 MD5:979951c8de45460fff2197797b54aa1e E:\浏览器下载\infected2024082201\Samples\d1abb50ea4d533a3e57b99e347d5d8675896ce23576987edcc9c3426ffb0c380.exe [Malicious]  [删除成功]
    
40. 2024-8-22 20:53:04 MD5:4ae1aaa04a36672b99f3aac5af298655 E:\浏览器下载\infected2024082201\Samples\Copia ra
    
41. 2024-8-22 20:53:04 MD5:fb8ceb5135addb1381c35bdccb8c796f E:\浏览器下载\infected2024082201\Samples\c4db3dc8b38901831313b40f0171c1e1f858c5ecd7ffef9e0421fb948870062c.exe [Malicious]  [删除成功]
    
42. 2024-8-22 20:53:04 MD5:4777e7f05fd00c4d760eb3f2c9aed68b E:\浏览器下载\infected2024082201\Samples\bd9ca2dc4d06f966007b03c5731c94308325d43ab0c2777c99e34a41d8de73ac.exe [Malicious]  [删除成功]
    
43. 2024-8-22 20:53:04 MD5:731e80d3ba46f0d4deb8ddb84f7e63a3 E:\浏览器下载\infected2024082201\Samples\b96ab6c88f951c9bd60800a30c93b777b5dfae31cbd02218a1e9e584dc3953f8.exe [Malicious]  [删除成功]
    
44. 2024-8-22 20:53:04 MD5:80c3a4c5c220adce769d0e8c2dff063d E:\浏览器下载\infected2024082201\Samples\af9eb52fefdaea155d5129eea96e10a4b99a5538a4ea0f3c9d5c2a926d3d968e.hta [Script.Trojan.Generic.wimw]  [删除成功]
    
45. 2024-8-22 20:53:03 MD5:61250561a4ecc12a11a6afaa10aa372b E:\浏览器下载\infected2024082201\Samples\af9a561efadcaa33d58cf18078ec0aa122167020ff71e6521503216c9fabc94c.exe [Malicious]  [删除成功]
    
46. 2024-8-22 20:53:03 MD5:655a5965f6358d8391e18cff5e600815 E:\浏览器下载\infected2024082201\Samples\acc17deb417db03958118c1ac08156e0fca081605b909644523dd3fa887cf674.exe [Malicious]  [删除成功]
    
47. 2024-8-22 20:53:03 MD5:d679fa415f3ab0ddb2532ea23ea62ff6 E:\浏览器下载\infected2024082201\Samples\9a11dc115feeae708cfd13b8ccaf398935f52244d7d270b633001d485e48becc.exe [Malicious]  [删除成功]
    
48. 2024-8-22 20:53:03 MD5:11c1f8dec3c36d8a4f5df69460cf9a9a E:\浏览器下载\infected2024082201\Samples\94acc32760e093e4aea5cc43f0912e33b3969a7b7a406ba2d5241639f4d89d3c.exe [Win32.Trojan.FalseSign.ekjl]  [删除成功]
    
49. 2024-8-22 20:53:03 MD5:e79a2bcf684a6ffbc4cfad76edf27809 E:\浏览器下载\infected2024082201\Samples\88b5ed74d4fc6f2cf6394bd1766f44df61e7dc9b810cfacbecba5b34af3bf57d.exe [Malicious]  [删除成功]
    
50. 2024-8-22 20:53:03 MD5:4f132cd93fe858362c4feb4d4effd90a E:\浏览器下载\infected2024082201\Samples\82d99b840ac392300eb572ed71f77b62278361bce95488e24b0f53de4d67ad8c.exe [Win32.Trojan.Ad.gajl]  [删除成功]
    
51. 2024-8-22 20:53:03 MD5:cf7788f4c3c7c5e58f5b05c15d076dc3 E:\浏览器下载\infected2024082201\Samples\76cdfca72aa3e088d6efa8a3c047df0c65bc6c65964c1a803ca35c5bce56f980.exe [Malicious]  [删除成功]
    
52. 2024-8-22 20:53:03 MD5:126e60b91cfe9668d55982489a68d58a E:\浏览器下载\infected2024082201\Samples\75a5173ae9a99933323ffc8f635686739c847933288a1cf465270c8648cee22b.hta [Win32.Trojan.Malware.juzi]  [删除成功]
    
53. 2024-8-22 20:53:03 MD5:cf7c1cb71ad11a8c4ab07ffc3afa2f67 E:\浏览器下载\infected2024082201\Samples\6eb12a217689847fa90ae6ac61401fe0349653808da3e4386abf01ee4f56e2f9.exe [Win32.Trojan.Strab.Fkjl]  [删除成功]
    
54. 2024-8-22 20:53:03 MD5:baca20176152b3fe10c617728055ddbc E:\浏览器下载\infected2024082201\Samples\687ca3acd2f56ee6059efb08ea991f7decb33a2533861d1e424c4851819ac8a8.exe [Malicious]  [删除成功]
    
55. 2024-8-22 20:53:03 MD5:752bb9d031dd925b12f3ebde35f8ba9d E:\浏览器下载\infected2024082201\Samples\658d178daf7d2e339c220225e2fc4194419d976a8702aa2ccd7339842f84b699.exe [Win32.Trojan.Miner.Rgil]  [删除成功]
    
56. 2024-8-22 20:53:02 MD5:cf30d7842cee35c1e4d15a00e9b920dc E:\浏览器下载\infected2024082201\Samples\5831205-POS.exe [Malicious]  [删除成功]
    
57. 2024-8-22 20:53:02 MD5:133fc4990dda68fb30417b81aa4d3d59 E:\浏览器下载\infected2024082201\Samples\53c21c1975b578d25f6f634ffbf374e04ec908af4813bdedc721d271f8598df9.exe [Win32.Trojan.Miner.Twhl]  [删除成功]
    
58. ---------------------
    

复制代码

YU2711

Avira 37x


双击
3个脚本





允许后



剩下的2个皆无法运行