【开放测试】卡饭病毒样本包 20241109 第187期

显示全部楼层 · 发表于 2024-11-9 14:11:17

本帖最后由呼啸山庄于 2024-11-9 18:42 编辑

avast 手机版 0x（估计是不扫描或者没有相应的病毒库）

Hypatia 0x （clamav，但是貌似一个都没扫出来，上上期进垃圾桶倒是扫出来几个（因该是剩三个））

话说，感觉大部分移动端杀毒软件基本都不检测呃。估计应该是为了节省资源？

显示全部楼层 · 发表于 2024-11-9 14:30:22

瑞星V17
文件监控+右键扫描，剩余9x
双击后驾崩

显示全部楼层 · 发表于 2024-11-9 14:44:38

本帖最后由 dght432 于 2024-11-9 14:47 编辑

卡巴剩余4个，等下全部上报OP

显示全部楼层 · 发表于 2024-11-9 14:50:19

本帖最后由御坂14857号于 2024-11-9 15:15 编辑

久违地测一下智量：扫描检出14x

双击测试：
2a0f495cd25dcbf02b2b0b11032d32a0460c9b7c5ad491afa4060ea3ca675f90.msi：杀衍生文件

2fe3b7794ff7e5488913c83760bf3e4ad805206f4ee9ae7a9756091e0679bb0a.exe：检出并回滚

66fe30aa98bc487c448abe2032136dc454872d1a30f0a03dfb7ad68bd59e1f04.exe：检出并回滚

80721d55ebc35b8731cb396bf7a4a9870bacae2275b7edbfd2a09c49aae62050.exe：拦截后样本自退

a0e0f7bb74d4fe1ee0b27034e25e9561306d39241d5cff287cf07522c6b6700a.exe：启发杀多个衍生文件

aa4b5885fb45ac8e1463eb4ef2c1e662b37ecd1d4a3901b1d1a8c5c5953ce5a9.ps1：默认拦截powershell命令，允许后默认拦截外连，再允许后没发现行为

602c830746839dff69df264fd6139aa71309b4c49722bc45c6f810ef351aedf7.msi、a1720d68eef7dc381a533fd8584a227db3dbcaed16098a0d7f31077f95355e8c.exe、aba274bc5f1ac81248abd741da6ee2c7ee88cb9df08f21f8fce285b56cdc5a77.msi：测试时未拦截，不排除检测虚拟环境的原因

共杀20/23x

显示全部楼层 · 发表于 2024-11-9 15:10:52

本帖最后由 2712711 于 2024-11-9 18:14 编辑

KVRT 19/23

DrWebcureit! 4/23

WD 4/23

eset scanner （18+3）21/23 （3个无法清除）

NPE 21/23

EEK 9/23

火绒6 17/23

avria free 19/23

360急救箱 19/23

显示全部楼层 · 发表于 2024-11-9 15:20:46

御坂14857号发表于 2024-11-9 14:50
久违地测一下智量：扫描检出14x

双击测试：

即便停更很久也有这样的查杀能力真的太厉害了，如果现在还在的话我觉得杀毒能力可以和360差不多

显示全部楼层 · 发表于 2024-11-9 15:24:50

本帖最后由 tony099 于 2024-11-9 15:27 编辑

火绒 21X

显示全部楼层 · 发表于 2024-11-9 15:37:56

本帖最后由玛姆库特于 2024-11-9 15:58 编辑

（EIS+智量）实机，EIS扫描剩下2x，双击

7347e156b759d1d07c9289e356e196cdba929199e366b64fb1f31bb39c5e1f32.exe 双击可疑，阻止运行。
80721d55ebc35b8731cb396bf7a4a9870bacae2275b7edbfd2a09c49aae62050.exe 双击智量拦截启动项，同时EIS阻止衍生运行。
ESET关双浅扫描，剩下2x

显示全部楼层 · 发表于 2024-11-9 16:03:04

本帖最后由 Nocria 于 2024-11-9 16:24 编辑

IKARUS - 15/23

[09.11.2024 16:05:37] On-demand scan started: "TemporaryScan"
[09.11.2024 16:05:37] Found, 0.14s, SigName: "Trojan.Crypt", SigId: 5275398, Type: "VIRUS", File: "C:\Users\promi\Desktop\infected20241109\58816b3ec76e87f815ea9af0c2f0aaa60cd0a7b158c12df90f56a833c7deb54a.exe"
[09.11.2024 16:05:38] Found, 0.56s, SigName: "Trojan.Win32.Netsupportmanager", SigId: 511626212, Type: "VIRUS", File: "C:\Users\promi\Desktop\infected20241109\2a0f495cd25dcbf02b2b0b11032d32a0460c9b7c5ad491afa4060ea3ca675f90.msi"
[09.11.2024 16:05:38] Found, 0.68s, SigName: "Trojan.Win64.Agent", SigId: 5606177, Type: "VIRUS", File: "C:\Users\promi\Desktop\infected20241109\602c830746839dff69df264fd6139aa71309b4c49722bc45c6f810ef351aedf7.msi"
[09.11.2024 16:05:38] Found, 0.09s, SigName: "Trojan.Win32.Azorult", SigId: 5649624, Type: "VIRUS", File: "C:\Users\promi\Desktop\infected20241109\71bb419ae2320b7d15c92c2929e983ac474c9f57a85537b978ea85e2a27eccf9.exe"
[09.11.2024 16:05:38] Found, 0.22s, SigName: "Trojan.MSIL.Disabler", SigId: 5166786, Type: "VIRUS", File: "C:\Users\promi\Desktop\infected20241109\6ca1373cd3bdb9f44d727ce9bc57313e6cd0b4aec358878b0898694021fa2277.exe"
[09.11.2024 16:05:38] Found, 0.07s, SigName: "Trojan-Spy.Win32.StealC", SigId: 5669513, Type: "VIRUS", File: "C:\Users\promi\Desktop\infected20241109\7866a89c6f42515fa054330c648112c7b1ace05ddaa172a8ca7c20da1136988d.exe"
[09.11.2024 16:05:38] Found, 0.31s, SigName: "Trojan.Inject", SigId: 5014641, Type: "VIRUS", File: "C:\Users\promi\Desktop\infected20241109\946db06f27aa021ed00ee4c0619034925a00a577aa310178f47fab8dddc81733.exe"
[09.11.2024 16:05:39] Found, 0.16s, SigName: "Trojan.Kryptik", SigId: 4769646, Type: "VIRUS", File: "C:\Users\promi\Desktop\infected20241109\a0e0f7bb74d4fe1ee0b27034e25e9561306d39241d5cff287cf07522c6b6700a.exe"
[09.11.2024 16:05:39] Found, 0.28s, SigName: "Trojan-Spy.Win32.StealC", SigId: 5669513, Type: "VIRUS", File: "C:\Users\promi\Desktop\infected20241109\a9815da28d050524ff8fe237b04c6ccd5fdcc3dc0cf55216cea114fcffb5bdac.exe"
[09.11.2024 16:05:39] Found, 0.13s, SigName: "Trojan.Win64.Agent", SigId: 5606177, Type: "VIRUS", File: "C:\Users\promi\Desktop\infected20241109\aba274bc5f1ac81248abd741da6ee2c7ee88cb9df08f21f8fce285b56cdc5a77.msi"
[09.11.2024 16:05:39] Found, 0.89s, SigName: "Trojan-Spy.Win32.KeyLogger", SigId: 516437168, Type: "VIRUS", File: "C:\Users\promi\Desktop\infected20241109\80721d55ebc35b8731cb396bf7a4a9870bacae2275b7edbfd2a09c49aae62050.exe"
[09.11.2024 16:05:39] Found, 0.24s, SigName: "Win32.SuspectCrc", SigId: 516442565, Type: "VIRUS", File: "C:\Users\promi\Desktop\infected20241109\bcd2af5fd6fdac5f0bdfcc38acbaa7d941a30cc75004c1f10731d6ad9efa7632.exe"
[09.11.2024 16:05:39] Found, 0.12s, SigName: "Trojan.Crypt", SigId: 5275398, Type: "VIRUS", File: "C:\Users\promi\Desktop\infected20241109\c0063fd3b17eb6e53d8da981ebbe907a7a523c220e73b2e3abc8ecd62b417202.exe"
[09.11.2024 16:05:40] Found, 1.33s, SigName: "Trojan.Win32.Generic", SigId: 516168655, Type: "VIRUS", File: "C:\Users\promi\Desktop\infected20241109\a1720d68eef7dc381a533fd8584a227db3dbcaed16098a0d7f31077f95355e8c.exe"
[09.11.2024 16:05:40] Found, 0.73s, SigName: "Trojan.Win32.Krypt", SigId: 516441316, Type: "VIRUS", File: "C:\Users\promi\Desktop\infected20241109\f48f3f2a77f82e46142f1d8847bd2c0074826b61c7365a5b5815b0e4ac181c97.exe"
[09.11.2024 16:05:41] On-demand scan FINISHED: "TemporaryScan"
[09.11.2024 16:05:41] ----------------------------------------------------
[09.11.2024 16:05:41] Directories scanned: 1
[09.11.2024 16:05:41] Files scanned: 45
[09.11.2024 16:05:41] Virus found: 15
[09.11.2024 16:05:41] ----------------------------------------------------

复制代码

————————————

Avira - (17+1)/23

显示全部楼层 · 发表于 2024-11-9 16:36:55

本帖最后由 ELOHIM 于 2024-11-9 17:04 编辑

2147845575|containerfile|C:\Users\**\Downloads\infected20241109\a0e0f7bb74d4fe1ee0b27034e25e9561306d39241d5cff287cf07522c6b6700a.exe
2147845575|file|C:\Users\**\Downloads\infected20241109\a0e0f7bb74d4fe1ee0b27034e25e9561306d39241d5cff287cf07522c6b6700a.exe->(WExtract)->lr455883.exe
2147925768|file|C:\Users\**\Downloads\infected20241109\71bb419ae2320b7d15c92c2929e983ac474c9f57a85537b978ea85e2a27eccf9.exe
2147893650|containerfile|C:\Users\**\Downloads\infected20241109\6ca1373cd3bdb9f44d727ce9bc57313e6cd0b4aec358878b0898694021fa2277.exe
2147893650|file|C:\Users\**\Downloads\infected20241109\6ca1373cd3bdb9f44d727ce9bc57313e6cd0b4aec358878b0898694021fa2277.exe->(WExtract)->vdl4590bl.exe
2147847328|containerfile|C:\Users\**\Downloads\infected20241109\6ca1373cd3bdb9f44d727ce9bc57313e6cd0b4aec358878b0898694021fa2277.exe
2147847328|file|C:\Users\**\Downloads\infected20241109\6ca1373cd3bdb9f44d727ce9bc57313e6cd0b4aec358878b0898694021fa2277.exe->(WExtract)->uwv74RY97.exe
2147845197|file|C:\Users\**\Downloads\infected20241109\946db06f27aa021ed00ee4c0619034925a00a577aa310178f47fab8dddc81733.exe
2147848612|containerfile|C:\Users\**\Downloads\infected20241109\a0e0f7bb74d4fe1ee0b27034e25e9561306d39241d5cff287cf07522c6b6700a.exe
2147848612|file|C:\Users\**\Downloads\infected20241109\a0e0f7bb74d4fe1ee0b27034e25e9561306d39241d5cff287cf07522c6b6700a.exe
2147848612|file|C:\Users\**\Downloads\infected20241109\a0e0f7bb74d4fe1ee0b27034e25e9561306d39241d5cff287cf07522c6b6700a.exe->(WExtract)->ziIQ6977.exe->(WExtract)->ziCo5171.exe->(WExtract)->it457909.exe
2147897982|containerfile|C:\Users\**\Downloads\infected20241109\a0e0f7bb74d4fe1ee0b27034e25e9561306d39241d5cff287cf07522c6b6700a.exe
2147897982|file|C:\Users\**\Downloads\infected20241109\a0e0f7bb74d4fe1ee0b27034e25e9561306d39241d5cff287cf07522c6b6700a.exe->(WExtract)->ziIQ6977.exe->(WExtract)->ziCo5171.exe->(WExtract)->jr920214.exe
2147845755|containerfile|C:\Users\**\Downloads\infected20241109\a0e0f7bb74d4fe1ee0b27034e25e9561306d39241d5cff287cf07522c6b6700a.exe
2147845755|file|C:\Users\**\Downloads\infected20241109\a0e0f7bb74d4fe1ee0b27034e25e9561306d39241d5cff287cf07522c6b6700a.exe->(WExtract)->ziIQ6977.exe->(WExtract)->kp676674.exe
2147842174|file|C:\Users\**\Downloads\infected20241109\6ca1373cd3bdb9f44d727ce9bc57313e6cd0b4aec358878b0898694021fa2277.exe
2147814523|file|C:\Users\**\Downloads\infected20241109\1484987fb7fa38b513ea672d34e3b093eaa9e44cb414cf6e16bda4696699de70.exe
2147814523|file|C:\Users\**\Downloads\infected20241109\2fe3b7794ff7e5488913c83760bf3e4ad805206f4ee9ae7a9756091e0679bb0a.exe
2147814523|file|C:\Users\**\Downloads\infected20241109\58816b3ec76e87f815ea9af0c2f0aaa60cd0a7b158c12df90f56a833c7deb54a.exe
2147814523|file|C:\Users\**\Downloads\infected20241109\66fe30aa98bc487c448abe2032136dc454872d1a30f0a03dfb7ad68bd59e1f04.exe
2147814523|file|C:\Users\**\Downloads\infected20241109\7347e156b759d1d07c9289e356e196cdba929199e366b64fb1f31bb39c5e1f32.exe
2147814523|file|C:\Users\**\Downloads\infected20241109\7866a89c6f42515fa054330c648112c7b1ace05ddaa172a8ca7c20da1136988d.exe
2147814523|file|C:\Users\**\Downloads\infected20241109\7ddc0a2322a4addb00099560c3b2e2d6ffdc24babdd82df894cb64a77a6ecb56.exe
2147814523|file|C:\Users\**\Downloads\infected20241109\ca87e1282bfd72af8ef9181fa8a50158f000e5e33add3d1fa10bddb291492e9a.exe
2147814523|file|C:\Users\**\Downloads\infected20241109\e554edba080baa3b153e6cfce6a7e60bf91672816aea798d9eb0a8c46e8ff2f9.exe
2147814523|file|C:\Users\**\Downloads\infected20241109\f48f3f2a77f82e46142f1d8847bd2c0074826b61c7365a5b5815b0e4ac181c97.exe
2147735505|file|C:\Users\**\Downloads\infected20241109\a1720d68eef7dc381a533fd8584a227db3dbcaed16098a0d7f31077f95355e8c.exe
2147749134|file|C:\Users\**\Downloads\infected20241109\bcd2af5fd6fdac5f0bdfcc38acbaa7d941a30cc75004c1f10731d6ad9efa7632.exe
2147923544|file|C:\Users\**\Downloads\infected20241109\c0063fd3b17eb6e53d8da981ebbe907a7a523c220e73b2e3abc8ecd62b417202.exe
2147921913|file|C:\Users\**\Downloads\infected20241109\a9815da28d050524ff8fe237b04c6ccd5fdcc3dc0cf55216cea114fcffb5bdac.exe
265744|file|C:\Users\**\Downloads\infected20241109\80721d55ebc35b8731cb396bf7a4a9870bacae2275b7edbfd2a09c49aae62050.exe

复制代码

扫描结束剩 4。双击剩 1。

[病毒样本] 【开放测试】卡饭病毒样本包 20241109 第187期

本帖子中包含更多资源

评分

本帖子中包含更多资源

评分

评分

本帖子中包含更多资源

评分

本帖子中包含更多资源

评分

本帖子中包含更多资源

评分

本帖子中包含更多资源

评分

本帖子中包含更多资源

评分

本帖子中包含更多资源

评分