【开放测试】卡饭病毒样本包 20240825 第159期

QVM360

警告：

       本主题帖中所包含的任何文件和附件都有危害你的计算机的可能，并且没有安全软件可以100%防护这些样本。样本仅供测试、交流和学习，禁止用于任何非法用途。
       请在虚拟机中测试样本。对于下载样本、附件以及点击链接所导致的任何数据泄露、破坏，以及所产生的任何损失，本人和卡饭论坛不负任何责任。

样本下载：

https://mc163.lanzoue.com/iWbYr28cngob
https://pan.huang1111.cn/s/dkab3SV
https://homeserver.iepose.cn/dow ... 1BDBA1020E4B55E.zip
SHA256: A018C194366ED70FAD292D9EB481C52FDD5EBBEE60BE19C1A3BE4B1F8E45D9E2
压缩包密码：infected


如果样本中包含.ps1文件(Powershell脚本)，则需要手动打开cmd.exe输入以下指令允许运行ps1脚本:

Powershell.exe Set-ExecutionPolicy Bypass

奖励/惩罚规则：
正式测试期间的奖励规则：
1、参加完整扫描测试并提供未检测的样本名，+5经验
2、上传相关截图，+5经验。
3、上传双击结果（必须带图或日志），+10~20经验。
4、测试多款安全软件的，奖励累加。
5、每期样本包会在正式测试期间评选最佳测试贴，只评选1贴，加80经验。
      被评选次数达到5次可PM我领取1魅力奖励。长期测试样本，也有魅力奖励。
惩罚规则：
1、占楼后2小时内未能给出测试结果的，视为灌水，按照论坛规定处理
2、其他违规行为，按照论坛相关规定处理。

注意：扫描/双击日志请以附件形式（压缩包）或图片上传，也可以 以1号字体放在回复中。         
          对于日志过长以至于影响会员刷帖/回帖体验的回复，管理人员有权进行屏蔽处理。

当前测试阶段：开放测试

----------------------------------------------------
往期测试样本包下载（可能不全）：
https://mc163.lanzoue.com/b0edaxo1g
密码:GkNO64bFD5bf


有个.unknown文件实际上是.msc格式，忘记修改拓展名了

ongarabazanade

360杀毒-扫描52X+双击2X=54X

yeahnangua

elastic defend解压后剩余

双击后剩余：1cd83928bbee6ff1f341904a82b878fcbd05fbe18009736c622550448227f5d2.msi 似乎没跑出行为

莒县小哥

WD杀62枚

上报后

心醉咖啡

腾讯电脑管家

1. <font size="1">【扫描信息】
   
2. 
   
3. 开始时间:2024-8-25 17:27:28
   
4. 扫描用时:00:00:02
   
5. 扫描类型:自定义扫描
   
6. 扫描状态:扫描完成
   
7. 
   
8. 
   
9. 【扫描结果】
   
10. 
    
11. 扫描文件数:113
    
12. 发现风险数:64
    
13. 已处理风险数:64
    
14. 
    
15. 
    
16. ---------------------
    
17. 2024-8-25 17:28:05 MD5:5b7097912960607daaa5512ac31c0963 E:\浏览器下载\67x (2024-08-25)\1\0380ad0e1ec6b522801c179cac24a5da871e0b46cb51ce7d16ca1faf9ac39185.exe [Msil.Trojan-QQPass.QQRob.Nzfl]  [删除成功]
    
18. 2024-8-25 17:28:05 MD5:1b596dcf471c7fc5c61b97e56c8377c4 E:\浏览器下载\67x (2024-08-25)\1\9e9c2fb86b9215aabb51108105b5c5a553f9c2d4904f8f03c4a8b7ff3602c989.exe [Msil.Trojan.Kryptik.Tnkl]  [删除成功]
    
19. 2024-8-25 17:28:04 MD5:0fcffc0e5bca1874887bef4e68d40636 E:\浏览器下载\67x (2024-08-25)\1\a7ac669fd2de191ac8646191592bee752ee99e5cccfd560617cd22124fb6df36.hta [Script.Trojan.Generic.jflw]  [删除成功]
    
20. 2024-8-25 17:28:04 MD5:4b0481822a305ed0953842f5b3a3806d E:\浏览器下载\67x (2024-08-25)\1\b91b54efd84fa64888501a28e5f1559af5fa96537ea73c77a415a201de407aa8.exe [Msil.Trojan.Agent.Hplw]  [删除成功]
    
21. 2024-8-25 17:28:04 MD5:afb8793370f8680ebb62340f37ca53d9 E:\浏览器下载\67x (2024-08-25)\1\fefcfa8597b5fa49c388a6f9423888f6ec68a0aab2becdbf93dd42b539649853.exe [Malicious]  [删除成功]
    
22. 2024-8-25 17:28:04 MD5:2c506a37b9c8aaabb0adfd87c2a59904 E:\浏览器下载\67x (2024-08-25)\1\f35f0e4e75cecd966522d441ee8e8a736b3ed4cffb7c09e95b20181bc807f932.exe [Win32.Trojan.Avi.Lcnw]  [删除成功]
    
23. 2024-8-25 17:28:04 MD5:25243822b373e327d5b11bfbf35096fe E:\浏览器下载\67x (2024-08-25)\1\f1e926c920a1237359c19c38e305d884c3bad3dc6c0993ebb5c83e41ef7e50ae.msi [Malicious]  [删除成功]
    
24. 2024-8-25 17:28:03 MD5:6cfcb4c2224743f8f606f2278fbdd514 E:\浏览器下载\67x (2024-08-25)\1\ee8ebb3f722c9e0c099c5fb4fb6cb851ddc30a67e18c85b9d691e88b9f06f758.exe [Win32.Trojan-QQPass.QQRob.Fwnw]  [删除成功]
    
25. 2024-8-25 17:28:03 MD5:f2d12112667e6027cbd4f42b91914da6 E:\浏览器下载\67x (2024-08-25)\1\ea6805bd9c1003cdbf40519d712c7bb6c09246a69f0b72c8b62e830f9606b9d1.exe [Win32.Script.Agent.Bwnw]  [删除成功]
    
26. 2024-8-25 17:28:03 MD5:c5b35da7aa7f99460eaa845b640d25ac E:\浏览器下载\67x (2024-08-25)\1\e0be120f524ee2bbfe7878f69f836d422139c4e4e4ad8feee7a2a9c3a19b0585.exe [Win32.Trojan.Avi.Msmw]  [删除成功]
    
27. 2024-8-25 17:28:03 MD5:c803083844ffe198e790c3ef5f73412b E:\浏览器下载\67x (2024-08-25)\1\dbdad9f84fcfb2f1213417be79c8df2981fc9aba527e8f0e49605e7c4a94ba23.exe [Msil.Trojan-QQPass.QQRob.Gmnw]  [删除成功]
    
28. 2024-8-25 17:28:03 MD5:042349274adf924c1895f61d34511569 E:\浏览器下载\67x (2024-08-25)\1\db8822b6a2dd963205143dfca7346b1c8cfc5e009de8254bd0e019c42ce34aac.lnk [Win32.Trojan.Agent.Gmnw]  [删除成功]
    
29. 2024-8-25 17:28:03 MD5:6e6fe5129fa655edfdfd329e7f9439cf E:\浏览器下载\67x (2024-08-25)\1\d55bf242cf55b18737f72327ea752d3657a5b7c79bc2f71a27c7533ff7be4c3f.exe [Win32.Trojan.Injector.vimw]  [删除成功]
    
30. 2024-8-25 17:28:02 MD5:13facf5abdf5f741c24b640b0e60347a E:\浏览器下载\67x (2024-08-25)\1\d53641a8cbaa9208b0efa58d6dda60c62a8883ed4eea4bd9507ed761cf648d34.exe [Win32.Trojan.FalseSign.Vimw]  [删除成功]
    
31. 2024-8-25 17:28:02 MD5:e29081b6a3a9204379abd03cb3c8b622 E:\浏览器下载\67x (2024-08-25)\1\d29f332c6b049cd51cef8b50e0174f1e9e8aa0a50858558490a64bbd23291a56.exe [Msil.Trojan.Agent.Simw]  [删除成功]
    
32. 2024-8-25 17:28:02 MD5:4e02977deb299f825827b8f72dda2453 E:\浏览器下载\67x (2024-08-25)\1\d1da093ac49949a3dde10a26463c983fb97920f95e51559190845a6a1d4c2497.exe [Win32.Trojan-QQPass.QQRob.Rimw]  [删除成功]
    
33. 2024-8-25 17:28:01 MD5:43836ffa128f094572f6c3f68114f07a E:\浏览器下载\67x (2024-08-25)\1\cccb59dbcce9a68ffed699333477bba15ef02b19de9e5a345eed09e87440fc28.exe [Msil.Backdoor.Dcrat.Lcnw]  [删除成功]
    
34. 2024-8-25 17:28:01 MD5:0ede12f097d29c21ea7529752cc68dd3 E:\浏览器下载\67x (2024-08-25)\1\9a4b0c02ec1fa56e2f1bd9993c466d114de05dafec3f6c59d3819337186d1f56.exe [Win32.Trojan-QQPass.QQRob.Pnkl]  [删除成功]
    
35. 2024-8-25 17:28:01 MD5:1333eed37ea01795d72a67b7957e9392 E:\浏览器下载\67x (2024-08-25)\1\9894f10975f52720336d2bb142fe3c985501c1402aab2a471b0f8ea5bbc14acc.exe [Msil.Trojan-QQPass.QQRob.Ikjl]  [删除成功]
    
36. 2024-8-25 17:28:01 MD5:acd6100b0f2c783fe09740e441c8db8d E:\浏览器下载\67x (2024-08-25)\1\9690eff3fd51fb5810464f53529bb39b4327fb74c75be52e9bd5565ae3ee1ec7.exe [Win32.Trojan.Miner.Gkjl]  [删除成功]
    
37. 2024-8-25 17:28:01 MD5:5a906023e898f54a6476852576224727 E:\浏览器下载\67x (2024-08-25)\1\9363c7e1f53307e5ff04f282616f2204d8b1167cfbc4210378ade6a06ff337af.exe [Win32.Trojan.Dropper.Dkjl]  [删除成功]
    
38. 2024-8-25 17:28:01 MD5:91dd6ee8e62b032c8264b3b55e69eddb E:\浏览器下载\67x (2024-08-25)\1\895417f8fd168a02d71365994d4e4500cdbf31af01be6ce8998fc38a342cac2e.exe [Win32.Trojan.FalseSign.Najl]  [删除成功]
    
39. 2024-8-25 17:28:01 MD5:2f211e0b650b06d8d04d07a356632366 E:\浏览器下载\67x (2024-08-25)\1\c600989ebd427e04cee3f3c9ef72bd303978ae06baa71a8799214a5cf4fea4fb.exe [Win32.Trojan.Avi.azlw]  [删除成功]
    
40. 2024-8-25 17:28:00 MD5:367009ea6fe948f4c0773f4cd1274a5f E:\浏览器下载\67x (2024-08-25)\1\ace74890b732a42e4d481744266121b1bca84a36c730dc563813e26f781a7512.exe [Msil.Backdoor.Crysan.Timw]  [删除成功]
    
41. 2024-8-25 17:28:00 MD5:d1d823832afb7df34906c2fde1ad760f E:\浏览器下载\67x (2024-08-25)\1\a92ebbd861bebbb9538f8239b9cd01bd909c51f75205ad531a45036c3f72d2f7.exe [Msil.Trojan.Bladabindi.Lflw]  [删除成功]
    
42. 2024-8-25 17:28:00 MD5:e22588b227673158f945994b75891b19 E:\浏览器下载\67x (2024-08-25)\1\a59640e1fd35cc864861dda2e4fb1fdcadbb6a0668fcb3bf9ff5ab2675ad8d4e.exe [Win32.Trojan.Miner.Hflw]  [删除成功]
    
43. 2024-8-25 17:28:00 MD5:aa513aeb77795e0b8fb42a7c8d650b42 E:\浏览器下载\67x (2024-08-25)\1\a542d970968b57ab4173cd039ddb1fd3cc0ff5e7090b45d412ca0f43df52de4c.exe [Msil.Trojan-Spy.Downeks.Hflw]  [删除成功]
    
44. 2024-8-25 17:28:00 MD5:fc3e901fdbe99e7af967d7cc694596d7 E:\浏览器下载\67x (2024-08-25)\1\9ae5e9a733c073e37ca44d3405d1f5d0c62c9f4a045ab5add8c293986516ebfb.exe [Msil.Trojan-QQPass.QQRob.Pnkl]  [删除成功]
    
45. 2024-8-25 17:28:00 MD5:3d320aedb4dde84e584b539b62b98497 E:\浏览器下载\67x (2024-08-25)\1\81d7b2b6e5566698ac4465ef8e720ab06f53045fdfcf8b74be09cb118b8ab993.exe [Msil.Trojan.Filecoder.fajl]  [删除成功]
    
46. 2024-8-25 17:28:00 MD5:d26b933aca99728327906192603a5569 E:\浏览器下载\67x (2024-08-25)\1\7bb5065427ae8c97d5839ae66c67bda992acd9f761401d259af4ebcf9e6ff586.exe [Win32.Trojan.Avi.Ytjl]  [删除成功]
    
47. 2024-8-25 17:27:59 MD5:1e7d63713cd0183c9533046523c36897 E:\浏览器下载\67x (2024-08-25)\1\7819baf7b4f9ad38195fb6756b0e94f1efd4116f4a5efda282354ce8288593d4.exe [Win32.Trojan-QQPass.QQRob.Qqil]  [删除成功]
    
48. 2024-8-25 17:27:59 MD5:7a9487ce2c00a5c4300fa9ecc2bd884f E:\浏览器下载\67x (2024-08-25)\1\76846c41892808fe140e19cc79ad61458e97e2b557ddc591f68cbae759eeb5a4.exe [Msil.Backdoor.Crysan.Oqil]  [删除成功]
    
49. 2024-8-25 17:27:59 MD5:d3348d383a614ddf7405f189fcf10a4b E:\浏览器下载\67x (2024-08-25)\1\74578b222794e3342c4f7d4ee59d0191e7bdd6a2329eabf6e034e285393ddadb.exe [Win32.Trojan.Miner.Mqil]  [删除成功]
    
50. 2024-8-25 17:27:59 MD5:32acbdf48472ba783782b6e201bdff5d E:\浏览器下载\67x (2024-08-25)\1\529ff848c96ad5781e1fca999b5abdbcf40fc9696f3a1e4171418bb40ca34ff0.exe [Msil.Trojan.Agent.Swhl]  [删除成功]
    
51. 2024-8-25 17:27:59 MD5:1d583232f3c2b05528bc0933838bfc11 E:\浏览器下载\67x (2024-08-25)\1\506a31efcda3ac332e2f7ea696b967aeb7f96dc028812500b8f9c69f3201769c.exe [Msil.Backdoor.Agent.Qwhl]  [删除成功]
    
52. 2024-8-25 17:27:59 MD5:59e2915249df7dd278f9fd216cfe2b28 E:\浏览器下载\67x (2024-08-25)\1\4f9b94d86d678e910ca6a563563baa80d7575852dc9f2b05553bb0fae2b1232e.exe [Win32.Trojan.Avi.oqil]  [删除成功]
    
53. 2024-8-25 17:27:58 MD5:9f3505d4d53376c68d28e5c76449d6f9 E:\浏览器下载\67x (2024-08-25)\1\4c840a0355723638725621473ca6d5c98cb9efec4c848b10d57c9ab4883c413b.exe [Win32.Trojan.Generic.Lqil]  [删除成功]
    
54. 2024-8-25 17:27:58 MD5:a8c50d90885cd6ee4210bcdebfc583e9 E:\浏览器下载\67x (2024-08-25)\1\4742bb6c8ce1f057a84e6fd8a53234b858c6242e4b707f868897c33a48d29307.exe [Win32.Trojan.Generic.Bnhl]  [删除成功]
    
55. 2024-8-25 17:27:58 MD5:56130894f8bfb3a0f4b33cd2f9d765b4 E:\浏览器下载\67x (2024-08-25)\1\42449a23a43b96161f6360e53895ca8dc6487c2966ab579889ffa76b3223f75e.msi [Malicious]  [删除成功]
    
56. 2024-8-25 17:27:58 MD5:21ff984e7125b257066024c0af0b7d84 E:\浏览器下载\67x (2024-08-25)\1\74442c540f07200122c8b3eab2a8bfd91709414c6571e1492c7b5ab7d1e0a7e7.exe [Win32.Trojan.FalseSign.Mqil]  [删除成功]
    
57. 2024-8-25 17:27:58 MD5:8ccc4ccb2d53f699bca2cfc801b300b5 E:\浏览器下载\67x (2024-08-25)\1\6be4dd9af27712f5ef6dc7d684e5ea07fa675b8cbed3094612a6696a40c664ce.unknown [Vbs.Trojan.Agent.ckjl(aiScore=m)]  [删除成功]
    
58. 2024-8-25 17:27:58 MD5:8af7ce731b2ed48aabb19211713e89d9 E:\浏览器下载\67x (2024-08-25)\1\6b2b12acaa74119ad165b5961c1e913f5272f6bf535f424788fd1fbf4151ee41.exe [Msil.Backdoor.Dcrat.Ckjl]  [删除成功]
    
59. 2024-8-25 17:27:58 MD5:8ac3d32ddd136180b75c36a39398f39f E:\浏览器下载\67x (2024-08-25)\1\645697f87e53786ed389243b7c493452d1f4dde157741bbe27d31f4bd87f833b.exe [Msil.Trojan.Agent.Qgil]  [删除成功]
    
60. 2024-8-25 17:27:58 MD5:5ff5712069f1f56f5f7ce88bca97ba2e E:\浏览器下载\67x (2024-08-25)\1\5e4fa07bf0f249c715efac189ccd912b2c47f3117db72d2a96f9cc87080a910e.exe [Win32.Trojan-Spy.Stealer.Jajl]  [删除成功]
    
61. 2024-8-25 17:27:57 MD5:ec11395a4f9b30672b9392e14e684c24 E:\浏览器下载\67x (2024-08-25)\1\57716a4b2bcadec1a8ed2a88e33f79e49deb095f18f71eafd05ec18b80c60691.exe [Win32.Trojan.FalseSign.Xwhl]  [删除成功]
    
62. 2024-8-25 17:27:57 MD5:c4c96777b904f7607a6cbcf2c0f2fd5f E:\浏览器下载\67x (2024-08-25)\1\1888e01f3cc9fe82d7396c71bc232dbed09c1f0313953a9716e7e2f4cbc1c160.lnk [Win32.Trojan.Agent.Ojgl]  [删除成功]
    
63. 2024-8-25 17:27:57 MD5:2b6f6836db46f93418fadfdb93672fe5 E:\浏览器下载\67x (2024-08-25)\1\15b7a9a420c80d9e2609f3933a23b233ddb6b3a0a6d0f28a92a20d2016f36cd7.exe [Msil.Trojan.Xeno.Ljgl]  [删除成功]
    
64. 2024-8-25 17:27:57 MD5:785607a320f7338a45583ba5a4351cfc E:\浏览器下载\67x (2024-08-25)\1\1353ef9da4acb986188b6aae8930ecd1618afc282c4f9d6a85b7f07412d93efd.exe [Msil.Backdoor.Dcrat.Jjgl]  [删除成功]
    
65. 2024-8-25 17:27:57 MD5:3cdd56c8c4b3fa16951d3a014293bc23 E:\浏览器下载\67x (2024-08-25)\1\0f36b29682773fc287bb3095b2da4da3ad3d46d9a86d717cffc5a7109a7e1e0f.lnk [Win32.Trojan.Agent.Edhl]  [删除成功]
    
66. 2024-8-25 17:27:57 MD5:9be855a91d73fd96f358170f53f7258f E:\浏览器下载\67x (2024-08-25)\1\0b7224d095d4aea60bddacaaabd28b7ea89b7d065181a3943fb125d3a10ab77f.exe [Win32.Trojan-QQPass.QQRob.Adhl]  [删除成功]
    
67. 2024-8-25 17:27:56 MD5:adb81ee2c652fa0dfee02412dd29cab2 E:\浏览器下载\67x (2024-08-25)\1\05f166422fb22b19535d1a5760d016891e8f3df65f682c616a6a92805f4c7746.exe [Win64.Trojan-Ransom.Agent.Pzfl]  [删除成功]
    
68. 2024-8-25 17:27:56 MD5:530a1c69fdcf416dfb4bacd22fddbcc1 E:\浏览器下载\67x (2024-08-25)\1\03a0840fdc9689368d1dd8cf6d7b7ec8b09e5e71982c8022680190592f3d791c.exe [Msil.Backdoor.Crysan.Nzfl]  [删除成功]
    
69. 2024-8-25 17:27:56 MD5:2ac52dc8615b7b7fb21b3cc7c71520fc E:\浏览器下载\67x (2024-08-25)\1\272782fc32b1a84b4260f11a1e5bff285add1fed8e89cab5366307ac8fad34c5.exe [Msil.Backdoor.Agent.Jtgl]  [删除成功]
    
70. 2024-8-25 17:27:56 MD5:bac096285504e0dd7865ece7088293e4 E:\浏览器下载\67x (2024-08-25)\1\1dd72465d073061b2d444bf5765b27db4b1ce6e501f142c5b49ea221ac3da1f3.exe [Win32.Script.Agent.Ymhl]  [删除成功]
    
71. 2024-8-25 17:27:56 MD5:78e42be60a0108b16c0a68b29af1b711 E:\浏览器下载\67x (2024-08-25)\1\1cd83928bbee6ff1f341904a82b878fcbd05fbe18009736c622550448227f5d2.msi [Script.Trojan-Downloader.Sload.Xmhl]  [删除成功]
    
72. 2024-8-25 17:27:56 MD5:8aa82edc08c49bb81cb4c45e6d6d72fd E:\浏览器下载\67x (2024-08-25)\1\1cd67fdb3775cbff262e7f7763fac8c3c86730d855611c3b236e8b99ec80d02b.exe [Win32.Trojan.Avi.Xmhl]  [删除成功]
    
73. 2024-8-25 17:27:56 MD5:f03f923a946b08616fee19c2a9076b3f E:\浏览器下载\67x (2024-08-25)\1\1bffa15a83bd20f9270ae364b13085f8e3214b0acacf49d85694eb463fbcf4b8.hta [Vbs.Trojan-Downloader.Der.Wmhl]  [删除成功]
    
74. 2024-8-25 17:27:55 MD5:c7d85e67f5fdc3192ca7e353f2b4aa4a E:\浏览器下载\67x (2024-08-25)\1\1895041a55e8140edb13224deb2a5ec651cbcc19ee3700cd0cc2e90fce2f3751.bat [Win32.Trojan.Kryptik.ojgl(aiScore=m)]  [删除成功]
    
75. 2024-8-25 17:27:55 MD5:1a283f35d7e975a7bddeefa78241391f E:\浏览器下载\67x (2024-08-25)\1\41ffba55c3d4f5e91b55a889a6657272867d3c386cf9e81dc07b7ad8752e32e2.exe [Win32.Backdoor.Remcos.Vmhl]  [删除成功]
    
76. 2024-8-25 17:27:55 MD5:0aed5461aac50ce1f8e2ecd99f3015d7 E:\浏览器下载\67x (2024-08-25)\1\411ad55772b124c0bd043cf23bc4b17ea5c4148e76118bc62f767dacc4651486.exe [Msil.Worm.Xworm.Vmhl]  [删除成功]
    
77. 2024-8-25 17:27:55 MD5:a4fb7315c8f17cbfbf9c341209ec3788 E:\浏览器下载\67x (2024-08-25)\1\378d287411180c7a4a675116862bd810b8250a7c11a3c5fd04b04ef59e0e4cf8.exe [Msil.Trojan.Quasar.Xdkl]  [删除成功]
    
78. 2024-8-25 17:27:55 MD5:d0ad1150a2e7c9699e00e265bf46d236 E:\浏览器下载\67x (2024-08-25)\1\31eb20b5c7a48b125b80229b085e19088463e388f8a76e948e37b8c40aad1ecd.exe [Win64.Trojan.Cobalstrike.Zchl]  [删除成功]
    
79. 2024-8-25 17:27:55 MD5:af7a7e841a1d2058face99a3569fd3dc E:\浏览器下载\67x (2024-08-25)\1\2b17ed4a6cb47f0c38e7d21aec4dc0db0df9369506faf6ba60239431c9ec677a.exe [Win32.Trojan.Agen.Swhl]  [删除成功]
    
80. 2024-8-25 17:27:55 MD5:9ca88a66e64760c3338dc5c1928c80be E:\浏览器下载\67x (2024-08-25)\1\29db4d6bce2297d878cfef9b5ffc452dc7299a25b53219fa215cce7f7bdd3910.exe [Win32.Trojan.Deyma.Ltgl]  [删除成功]
    
81. ---------------------
    
82. </font>

复制代码

xmt12

360 52x

QVM360

yeahnangua 发表于 2024-8-25 17:05
elastic defend解压后剩余

双击后剩余：1cd83928bbee6ff1f341904a82b878fcbd05fbe18009736c622550448227 ...

这么多双击全杀了？发个日志

xmt12

自制 50x
双击日志

1. 病毒拦截:C:\Users\x\Desktop\1\fefcfa8597b5fa49c388a6f9423888f6ec68a0aab2becdbf93dd42b539649853.exe(Trojan(0.9662))
   
2. 病毒拦截:C:\Users\x\Desktop\1\fefcfa8597b5fa49c388a6f9423888f6ec68a0aab2becdbf93dd42b539649853.exe(Trojan(0.9662))
   
3. 病毒拦截:C:\Users\x\AppData\Roaming\fa.exe(Trojan(1.0))
   

复制代码

合计53/69

yeahnangua

QVM360 发表于 2024-8-25 17:30
这么多双击全杀了？发个日志

加在附件里了

Loyisa

红伞 扫描 59/67x
双击 2/67x
共计 61/67x

余


双击后余

1bffa15a83bd20f9270ae364b13085f8e3214b0acacf49d85694eb463fbcf4b8.hta - 主防kill

6be4dd9af27712f5ef6dc7d684e5ea07fa675b8cbed3094612a6696a40c664ce.unknown - miss 外联成功

1. 运行方法:
   
2. mmc.exe 6be4dd9af27712f5ef6dc7d684e5ea07fa675b8cbed3094612a6696a40c664ce.unknown

复制代码

7c17416063fed1326321d220e18cabc48ff88c49d5d4aa220f0ebf7846c29e5d.exe - 无行为
唯一的行为是外联本地端口 50528
95aa0d2f351cee93dba54d8813bd2038598f2acf1a30237ee8e5989956fac1f6.ps1 - 双击后miss 建立外联成功

1895041a55e8140edb13224deb2a5ec651cbcc19ee3700cd0cc2e90fce2f3751.bat - 双击后主防拦截

a7ac669fd2de191ac8646191592bee752ee99e5cccfd560617cd22124fb6df36.hta - miss 外联建立成功

d808c118c79794569869cf92a8bbcb60ed29b2815282f048da66a7ecc4e254bd.ps1 - miss
f1e926c920a1237359c19c38e305d884c3bad3dc6c0993ebb5c83e41ef7e50ae.msi - miss 外联建立成功

---

Comodo 扫描 2/67x