fake app 12x vt都是首次上传

zhuzhu009

https://pan.huang1111.cn/s/MNgGoFx

VirusTotal - File - 35991caa2395fb7266e0c8c41e5e9cfe81e4363c3da7d30254c9dd288dae1682 vt=8
VirusTotal - File - 236e7ed79247597925272310310ec69e8c670ac0b1c5f269a699f453a4a42532 vt=15
VirusTotal - File - 0ea34f080dbd9b29d316feb5cc9fb73440db0df5b4f1d56874276ac7c697f90a vt=1
VirusTotal - File - 55884dd052613e18da67ca7a2c9bdf4221102b5328d13619c73187590a07249b vt=13
VirusTotal - File - 7f7c1f6bc75903589b4ded68250f2074fefcfe82f7417fe867bc13fbb5508957 vt=13
VirusTotal - File - 31dd6fe29e918c68d6c9f23bb8a3ee75f5c924c0187b849c5779ab947d1907c7 vt=9
VirusTotal - File - 7fe6d0dfa4f39474e9754a14ef0a4fd4d544f1e1a60f15bc714784f5760d7547 vt=6
VirusTotal - File - d024c1802f909b88a4ee6ac1c35951252fd6db8e4a963d0184c1bf8a954156c7 vt=8
VirusTotal - File - 04755c3573a9917058f29eb4887772c58231876710b72a7778d91146282d49d0 vt=3
VirusTotal - File - d2ca0f41d95b8d93bee023245de3b33444a786529ee8982294ac37aa093af31a vt=2
VirusTotal - File - 448f60f086f167618fa1a85b977ec389cd86412ba3c2ef64635bf8e7ce4e1377 vt=12
VirusTotal - File - d7d8e22e03fedb4d90f1466506f4ac6a236e47abc0a84ffdbffe1aaf4bc26284 vt=30

玛姆库特

（EIS+智量）实机，解压EIS 1x，再扫描6x剩下5x双击。
31dd6fe29e918c68d6c9f23bb8a3ee75f5c924c0187b849c5779ab947d1907c7.exe 双击留下衍生，进程自退。
d2ca0f41d95b8d93bee023245de3b33444a786529ee8982294ac37aa093af31a.msi 安装后EIS杀内存，同时智量拦截注入，添加一个任务计划启动项，翻车一半
7fe6d0dfa4f39474e9754a14ef0a4fd4d544f1e1a60f15bc714784f5760d7547.msi EIS杀衍生dll，智量拦截启动项。
0ea34f080dbd9b29d316feb5cc9fb73440db0df5b4f1d56874276ac7c697f90a.exe 安装完，智量杀衍生。04755c3573a9917058f29eb4887772c58231876710b72a7778d91146282d49d0.exe 安装完，EIS杀内存，智量拦截启动项。

AEht

卡巴SCAN太慢中途暂停kill 1


双击kill 了一些样本的衍生物

miss的11中的10个个样本均已上传opentip
236e7ed79247597925272310310ec69e8c670ac0b1c5f269a699f453a4a42532.exe 过大无法上传
https://opentip.kaspersky.com/0E ... /results?tab=upload clean
https://opentip.kaspersky.com/7F ... /results?tab=upload Trojan.Win32.Blamon.sb
https://opentip.kaspersky.com/31 ... /results?tab=upload Trojan-Dropper.Win32.BadUpdate.sb
https://opentip.kaspersky.com/04 ... /results?tab=upload
https://opentip.kaspersky.com/35 ... /results?tab=upload
https://opentip.kaspersky.com/55 ... /results?tab=upload
https://opentip.kaspersky.com/D7 ... /results?tab=upload Backdoor.Win32.Farfli.sb
https://opentip.kaspersky.com/D0 ... /results?tab=upload
https://opentip.kaspersky.com/D2 ... /results?tab=upload
https://opentip.kaspersky.com/44 ... /results?tab=upload Backdoor.Win32.Lotok.ywd

xmt12

自制已老实

1. XAS扫描日志
   
2. ---------------
   
3. 扫描开始时间:2024/11/7 20:06:12
   
4. 
   
5. 
   
6. 危险文件:
   
7. ---------
   
8. 
   
9. D:/用户文件/2/桌面/fakeapp12x\0ea34f080dbd9b29d316feb5cc9fb73440db0df5b4f1d56874276ac7c697f90a.exe[XAS特征引擎][Trojan.Generic!id=C36685F1]
   
10. D:/用户文件/2/桌面/fakeapp12x\448f60f086f167618fa1a85b977ec389cd86412ba3c2ef64635bf8e7ce4e1377.exe[XAS特征引擎][Trojan.Generic!id=237C9E0B]
    
11. D:/用户文件/2/桌面/fakeapp12x\55884dd052613e18da67ca7a2c9bdf4221102b5328d13619c73187590a07249b.msi[msi查杀引擎][SoftUpdate.exe -> Trojan(0.9942)]
    
12. D:/用户文件/2/桌面/fakeapp12x\7f7c1f6bc75903589b4ded68250f2074fefcfe82f7417fe867bc13fbb5508957.msi[msi查杀引擎][CommunityToolkit.Mvvm.dll -> Trojan.Generic!id=E690C862]
    
13. D:/用户文件/2/桌面/fakeapp12x\7fe6d0dfa4f39474e9754a14ef0a4fd4d544f1e1a60f15bc714784f5760d7547.msi[msi查杀引擎][!InstallExecuteSequence -> HashKill/6b360d1e1f2995feaa8985ab1b0051ef]
    
14. D:/用户文件/2/桌面/fakeapp12x\d2ca0f41d95b8d93bee023245de3b33444a786529ee8982294ac37aa093af31a.msi[msi查杀引擎][snan12.exe -> Trojan(0.9922)]
    
15. 
    
16. 总文件数:12
    
17. 病毒文件个数:6
    
18. 查杀率:50.0%
    
19. 扫描结束时间:2024/11/7 20:06:49

复制代码

心醉咖啡

求分流，访问不了huang网盘

xiaoxing365

AEht 发表于 2024-11-7 20:06
卡巴SCAN太慢中途暂停kill 1

扫描完了没给我提醒，三个未处理，五个删除，剩下的正在上传opentip.

AEht

xiaoxing365 发表于 2024-11-7 20:43
扫描完了没给我提醒，三个未处理，五个删除，剩下的正在上传opentip.

以你为准，我们测试时间方式环境可能不同

zhuzhu009

心醉咖啡 发表于 2024-11-7 20:28
求分流，访问不了huang网盘

https://t.wss.pet/f/fii9d2wbzhp 复制链接到浏览器打开

星河大帝

MD剩余4x
0ea34f080dbd9b29d316feb5cc9fb73440db0df5b4f1d56874276ac7c697f90a

7fe6d0dfa4f39474e9754a14ef0a4fd4d544f1e1a60f15bc714784f5760d7547

55884dd052613e18da67ca7a2c9bdf4221102b5328d13619c73187590a07249b

d2ca0f41d95b8d93bee023245de3b33444a786529ee8982294ac37aa093af31a

心醉咖啡

金山毒霸