收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 安全区 病毒样本 分享&分析区 【开放测试】卡饭病毒样本包 20241204 第203期
12345下一页
返回列表 发新帖
楼主: zhuzhu009
 收起左侧

[病毒样本] 【开放测试】卡饭病毒样本包 20241204 第203期

  [复制链接]
xmt12
发表于 2024-12-4 18:54:42 | 显示全部楼层
本帖最后由 xmt12 于 2024-12-4 18:58 编辑

自制
  1. XAS扫描日志扫描开始时间:2024/12/4 18:56:59

  3. 主程序版本:3.0.5 病毒库版本:1781(2024.12.3)
  4. 特征库个数:17431
  5. 黑md5个数:2333416
  6. 白md5个数:150512

  8. 危险文件:
  9. ---------

  11. D:/用户文件/2/桌面/infected20241204\0728cc536e45cadc41fd6e18265ebcfd2f0a5a8fa915de35f7e66f641089d165.exe[特征引擎][Win32/Packed.Themida]
  12. D:/用户文件/2/桌面/infected20241204\086cd8c3be6b4344b2ffa4b4996457a10411f2ff5cffd0b35b04c4bd91e8e44d.exe[特征引擎][Win32/Packed.Themida]
  13. D:/用户文件/2/桌面/infected20241204\1132bcc4ecf911d0bdac09c0facf4b64aed883bb1f6535508b3193939b7bf88a.exe[特征引擎][Win32/Packed.Themida]
  14. D:/用户文件/2/桌面/infected20241204\117748bbea88985c6ce0aa4af1086fa41f467ddf76f7fdad05125925644d3b84.exe[特征引擎][Win32/Packed.Themida]
  15. D:/用户文件/2/桌面/infected20241204\145d98e48d061103fe23cc3be16b2cc47dcb8889a9a728d75f968fd83a3b1903.exe[特征引擎][Win32/Packed.Themida]
  16. D:/用户文件/2/桌面/infected20241204\1982954e871875a402e156d0d2dd22ff2b3b100290129a10d6fd4e4c7da9b920.exe[特征引擎][Win32/Packed.Themida]
  17. D:/用户文件/2/桌面/infected20241204\1a0bdc949fba81cad9505e074d506b5c9c60d46afc52a785962529eb12984650.exe[特征引擎][Win32/Packed.Themida]
  18. D:/用户文件/2/桌面/infected20241204\1f2247f9d34d7916c4c22285fb53f6182fec18e18c04ef5b09eb5332cabcf4e6.exe[特征引擎][Win32/Packed.Themida]
  19. D:/用户文件/2/桌面/infected20241204\1f70a12bdf3efe77255ffeb9a2b1f6b13912d6293a6f981360cb34ec0382f93f.exe[特征引擎][Win32/Trojan.Generic.51A3141b]
  20. D:/用户文件/2/桌面/infected20241204\1f8a1b9288323f99062aedd96914cdaf80a4fc2516a59e6897197e01e9a86afb.exe[特征引擎][Win32/Trojan.Generic.51A3141b]
  21. D:/用户文件/2/桌面/infected20241204\20d9945ebdc4b284e25427b22d57e86c06a828fb72b2ff2df68e9628ba173157.exe[特征引擎][Win32/Packed.Themida]
  22. D:/用户文件/2/桌面/infected20241204\2282f321cef3045b8946d86122b2f4b3c2a7ba0b09420abd37cec922b39e556e.exe[特征引擎][Win32/Packed.Themida]
  23. D:/用户文件/2/桌面/infected20241204\2459f7ba7d658b43e28bd50aab8818733c45512362244166c052a5e0d1db3c96.exe[特征引擎][Win32/Packed.Themida]
  24. D:/用户文件/2/桌面/infected20241204\24a043af69762d8f53cd4b8ab5e4e58f81462c3d0e6a60d0ad0e68ad8f451a4b.exe[特征引擎][Win32/Packed.Themida]
  25. D:/用户文件/2/桌面/infected20241204\269382d2679c2408e265597f15d3b6c120bdbc0be76d616bc4c72d7dd758fc87.exe[特征引擎][Win32/Packed.Themida]
  26. D:/用户文件/2/桌面/infected20241204\2840ded7408a604248f60f9566a19c5f8dca193d7f6605c68ea1c04b8a7adc16.exe[特征引擎][Win32/Packed.Themida]
  27. D:/用户文件/2/桌面/infected20241204\293001cf084b8f338989a1f80c8e6315fa99a275525d4897b9be31a1e669021b.exe[特征引擎][Win32/Packed.Themida]
  28. D:/用户文件/2/桌面/infected20241204\2abd15952cfde9f15b9a8b77bd4eee62f546d21b2ab451298fd81cc7e8d2aa52.exe[特征引擎][Win32/Packed.Themida]
  29. D:/用户文件/2/桌面/infected20241204\31f965407764f0da15f8e28f611fdcca9dc454ec5afe1a047fe24c946867394f.exe[特征引擎][Win32/Packed.Themida]
  30. D:/用户文件/2/桌面/infected20241204\3672f19834cbb64ac048209b8cc17611e579c99835f9f2813f89f6891c29c52d.exe[特征引擎][Win32/Trojan.Generic.51A3141b]
  31. D:/用户文件/2/桌面/infected20241204\376557b12d58276ed8ea595d865315d7ada62558fc776d15cc8e2cae6529071e.exe[特征引擎][Win32/Trojan.Generic.51A3141b]
  32. D:/用户文件/2/桌面/infected20241204\38f2eb88fe012287edab3bd9ecb5ae6be0284555422783f5f9f518afec20fc49.exe[ANK云引擎][Win32/ANKCloud.Trojan(0.9992)]
  33. D:/用户文件/2/桌面/infected20241204\3b86be9d0d99dd117f543e6abe8b02c317e7b8036196e54c1f98a3241258c0b4.exe[特征引擎][Win32/Packed.Themida]
  34. D:/用户文件/2/桌面/infected20241204\44df9121bb679cd42af8636e69cc566e77d84413eeb0f0a951f4f25d24dd8115.exe[特征引擎][Win32/Packed.Themida]
  35. D:/用户文件/2/桌面/infected20241204\501146ee033ac337cda7f3f085983022d1c76450a8521d70b036a50bf43c6a1e.exe[特征引擎][Win32/Trojan.Generic.51A3141b]
  36. D:/用户文件/2/桌面/infected20241204\5b7938dc4feb9b3ff8ecc707d77c9fcd5318fc63c092302a7773e4de344b7e08.exe[特征引擎][Win32/Packed.Themida]
  37. D:/用户文件/2/桌面/infected20241204\613609b2fb9f236b8a9cf96c4880fdb08c4cb539ebeb77fbfdade95025fe8ab4.exe[特征引擎][Win32/Packed.Themida]
  38. D:/用户文件/2/桌面/infected20241204\6c26ef7905d6c2a10d9fc53ceeca36ef6abc16ba7c3ecc122d17b2d58383f8a4.exe[特征引擎][Win32/Packed.Themida]
  39. D:/用户文件/2/桌面/infected20241204\712c1c076e2b47e802583598848dfdb28ba7a70bc6a714f3f6a44a2801188df4.exe[ANK云引擎][Win32/ANKCloud.Trojan(0.9976)]
  40. D:/用户文件/2/桌面/infected20241204\7201161135a510258fd94e0f4c94849f1c4e24892fee578dcf5a167f7e3bc656.exe[特征引擎][Win32/Packed.Themida]
  41. D:/用户文件/2/桌面/infected20241204\78573d6499a1657813fea56d743e918b61a70731865f3bfb13f57f0d2199bdcd.exe[特征引擎][Win32/Packed.Themida]
  42. D:/用户文件/2/桌面/infected20241204\7aa6f31c0b2c15cdfcc87d8c2a10a9f091b67cf10469f7d2a9d6e51093d0bdb6.exe[ANK云引擎][Win32/ANKCloud.Trojan(0.9987)]
  43. D:/用户文件/2/桌面/infected20241204\81408b3737787d9cc5fc3fd4641fb8035ccdff77431911d60d350b5a0d747b85.exe[特征引擎][Win32/Trojan.Generic.51A3141b]
  44. D:/用户文件/2/桌面/infected20241204\83225ba8ef6af138d141059cbdcd50ebfdc120a83650d26cbbddd8607097498e.exe[特征引擎][Win32/Packed.Themida]
  45. D:/用户文件/2/桌面/infected20241204\87c75f422f9a84fd3324694254292bcb6f57c6293ef1c11548bd8c199b0c7f2b.exe[特征引擎][Win32/Packed.Themida]
  46. D:/用户文件/2/桌面/infected20241204\8ceef7d0eadf1f0ee32343bc88a1f368d5e3bf744d67ec8a402808bc17411dba.exe[特征引擎][Win32/Packed.Themida]
  47. D:/用户文件/2/桌面/infected20241204\8fc1e876d9a0bca4c1124bdd06cdfed283d8e5aef2c80498ca3a4d6c07dc8853.exe[特征引擎][Win32/Packed.Themida]
  48. D:/用户文件/2/桌面/infected20241204\9394bd6614fce6d3e79fa285412872b501b12cb7c55e38fd38f335fbaf98e00b.exe[特征引擎][Win32/Trojan.Generic.51A3141b]
  49. D:/用户文件/2/桌面/infected20241204\967387e0352f28e603c204a217d8ce3c858ee62bf41e1476bb911c03b1e2baed.exe[特征引擎][Win32/Packed.Themida]
  50. D:/用户文件/2/桌面/infected20241204\9701cdcc203ab89878ce8128d188bc23980c5b571ad18c87b4011cac0e95697f.exe[ANK云引擎][Win32/ANKCloud.Trojan(0.9992)]
  51. D:/用户文件/2/桌面/infected20241204\99ffd59f67c36c7c9df243734375967bb80758bd5965ebe7803cbdd36227409f.exe[特征引擎][Win32/Trojan.Generic.51A3141b]
  52. D:/用户文件/2/桌面/infected20241204\9c6c5727324e4e7ff17b6106df1a9eadaecf6453510d11f92c0cb2baef5833a2.exe[特征引擎][Win32/Packed.Themida]
  53. D:/用户文件/2/桌面/infected20241204\b27fca15ab11961e5baa588e04a60f256fb8a73d17f57474394cca329d51b83c.exe[特征引擎][Win32/Trojan.Generic.51A3141b]
  54. D:/用户文件/2/桌面/infected20241204\b425c5865043bff99036c847ca6d5c0bff6a25945b365641f2481786331db874.exe[特征引擎][Win32/Packed.Themida]
  55. D:/用户文件/2/桌面/infected20241204\b6904d59e10e8349493b64fad899e70b694c60af552fcc8f70a7f090d7b3559b.exe[特征引擎][Win32/Packed.Themida]
  56. D:/用户文件/2/桌面/infected20241204\b9e7f1ef6bcc692934036d830bb8b74447c949086bb64cb29d26382ed48c9e64.exe[特征引擎][Win32/Packed.Themida]
  57. D:/用户文件/2/桌面/infected20241204\bbd809a13d706d33a25f90c3588393f681a1bd3c119ec0c094aa87f834638fd7.exe[ANK云引擎][Win32/ANKCloud.Trojan(0.9992)]
  58. D:/用户文件/2/桌面/infected20241204\c006fc45ccd90fd47319f6aa0ee4694d8b17e4fd35b237ada54db1cc649b0367.exe[特征引擎][Win32/Packed.Themida]
  59. D:/用户文件/2/桌面/infected20241204\c1795280e96fda95735afb7212fe69d6ca9ddd57c3c856c3a91f4379a78e82ce.exe[特征引擎][Win32/Packed.Themida]
  60. D:/用户文件/2/桌面/infected20241204\cb1142bbbc794fdb6d25ad25711ef58f2e945b7ad49ff170cf1bd4b317e94e18.exe[特征引擎][Win32/TrojanDropper.Agent]
  61. D:/用户文件/2/桌面/infected20241204\d34d80f0c45c81e78228eade52bf7a79fd32c8e2d6ec00a11d540f480bd28609.exe[特征引擎][Win32/Packed.Themida]
  62. D:/用户文件/2/桌面/infected20241204\d564abdfcca4591daefa88ed6a8cf8baa70d2d7f8ad99f1705e1d87becc910ff.exe[特征引擎][Win32/Packed.Themida]
  63. D:/用户文件/2/桌面/infected20241204\d658d227a69ed9749e31501e56ba8c9229f29f0b5dd62fa2914bd34956330ab4.exe[特征引擎][Win32/Packed.Themida]
  64. D:/用户文件/2/桌面/infected20241204\d9d26b62fef8fd2e8ce7bd875971824d5e6690d36853c13ab0bf53338ba33ed2.exe[特征引擎][Win32/Packed.Themida]
  65. D:/用户文件/2/桌面/infected20241204\da82529895963aecf4527c8d725a0de9009028948642d3a57649fe2dd5c664e6.exe[特征引擎][Win32/Trojan.Generic.51A3141b]
  66. D:/用户文件/2/桌面/infected20241204\e87e422dd8d8e489ed603d437f5fda20423f935e595d7a0f209d0a98a8432f37.exe[特征引擎][Win32/Packed.Themida]
  67. D:/用户文件/2/桌面/infected20241204\e94e42c9e74889aeb0fdded867e018fd55cfc7e649d5a63a1f2f4275e770561f.exe[特征引擎][Win32/Packed.Themida]
  68. D:/用户文件/2/桌面/infected20241204\ea791e55bbc9df63ac4a4db182293f3ca90c538b7496126664225d6bb725fb9e.exe[ANK云引擎][Win32/ANKCloud.Trojan(0.9987)]
  69. D:/用户文件/2/桌面/infected20241204\eb1cabaf797ce33ebcf54847940c5247a0f0b4db52dc49de8cfa794d9194656a.exe[ANK云引擎][Win32/ANKCloud.Trojan(0.9992)]
  70. D:/用户文件/2/桌面/infected20241204\ec0b95a64a7b05290e1695ef6a0184b7ae47fb64af3d53cffa49c4989fb28b27.exe[特征引擎][Win32/Packed.Themida]
  71. D:/用户文件/2/桌面/infected20241204\f279f7169abe7188aa508f6b424ee36f307bc345280651dd9ecec1d511f0e156.exe[特征引擎][Win32/Trojan.Generic.51A3141b]
  72. D:/用户文件/2/桌面/infected20241204\f4c63d2b95619df83a56415e917a90e8d593f8d32409e7f4e6bc5f3f30a0a7bc.exe[特征引擎][Win32/Packed.Themida]
  73. D:/用户文件/2/桌面/infected20241204\fae41c9cd3c7b33f4a46f5a5bcc54f0cb464c7a41bd11e59a9f47a806da2ba64.exe[特征引擎][Win32/Packed.Themida]
  74. D:/用户文件/2/桌面/infected20241204\fc7e11d623020d9f410810be7ce3f367cdddf7d0ef1ea0d1f281ae67c53c92cc.exe[特征引擎][Win32/Packed.Themida]
  75. D:/用户文件/2/桌面/infected20241204\fdeb0fb498eb3395106e358d1cf73f770e4fc31818bc7ed11261f068f918ced3.exe[ANK云引擎][Win32/ANKCloud.Trojan(0.9929)]

  77. 总文件数:74
  78. 病毒文件个数:65
  79. 查杀率:87.84%
  80. 扫描结束时间:2024/12/4 18:57:39
复制代码
回复

举报

全身发抖
发表于 2024-12-4 18:56:17 | 显示全部楼层
本帖最后由 全身发抖 于 2024-12-4 20:58 编辑

kes miss10x
双击
均无法运行
可能被卡巴kill了

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

z614606517
头像被屏蔽
发表于 2024-12-4 19:20:04 | 显示全部楼层
1
回复

举报

mmmaoo
发表于 2024-12-4 19:32:15 | 显示全部楼层
本帖最后由 mmmaoo 于 2024-12-4 19:42 编辑

江民样本数量总数为:74
已删除文件数量为:68
总检出数量为:68
未检出数量为:6
检出率为:91.89%


本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

ninjagaocc
发表于 2024-12-4 19:35:28 | 显示全部楼层
本帖最后由 ninjagaocc 于 2024-12-4 20:27 编辑

EIS 解压52x
2024/12/4 19:28:37;文件系统实时防护;文件;G:\infected20241204\0728cc536e45cadc41fd6e18265ebcfd2f0a5a8fa915de35f7e66f641089d165.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;3CD45B1F9D1A1589AF1660C1B65D5E404859CF42;2024/12/4 19:28:22
2024/12/4 19:28:40;文件系统实时防护;文件;G:\infected20241204\086cd8c3be6b4344b2ffa4b4996457a10411f2ff5cffd0b35b04c4bd91e8e44d.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;5A7F68AD9D89CEC759C87175731FE95053DEA82E;2024/12/4 19:28:24
2024/12/4 19:28:41;文件系统实时防护;文件;G:\infected20241204\1132bcc4ecf911d0bdac09c0facf4b64aed883bb1f6535508b3193939b7bf88a.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;40234AE6BBF837CFAACA4F430698E9E6F1A89582;2024/12/4 19:28:26
2024/12/4 19:28:42;文件系统实时防护;文件;G:\infected20241204\117748bbea88985c6ce0aa4af1086fa41f467ddf76f7fdad05125925644d3b84.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;93DCDCCCB2B468D45A9FF805364B86344716EC23;2024/12/4 19:28:28
2024/12/4 19:28:47;文件系统实时防护;文件;G:\infected20241204\145d98e48d061103fe23cc3be16b2cc47dcb8889a9a728d75f968fd83a3b1903.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;8497A3D1AED7DC19A5C1299FCEA08FB6D1F38FD0;2024/12/4 19:28:30
2024/12/4 19:28:50;文件系统实时防护;文件;G:\infected20241204\1982954e871875a402e156d0d2dd22ff2b3b100290129a10d6fd4e4c7da9b920.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;107541228E46191C40601413D3B1AE36300E5514;2024/12/4 19:28:32
2024/12/4 19:28:52;文件系统实时防护;文件;G:\infected20241204\1f2247f9d34d7916c4c22285fb53f6182fec18e18c04ef5b09eb5332cabcf4e6.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;A09E5F3DA13660385D0D0E3E8D2795895A924166;2024/12/4 19:28:35
2024/12/4 19:28:52;文件系统实时防护;文件;G:\infected20241204\1a0bdc949fba81cad9505e074d506b5c9c60d46afc52a785962529eb12984650.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;8DE86054F3BB235CAA32CE7121760FF2B1477B45;2024/12/4 19:28:33
2024/12/4 19:28:57;文件系统实时防护;文件;G:\infected20241204\20d9945ebdc4b284e25427b22d57e86c06a828fb72b2ff2df68e9628ba173157.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;1DB829E0945135EC7BB20B1A47DCEC3AA974339E;2024/12/4 19:28:38
2024/12/4 19:28:59;文件系统实时防护;文件;G:\infected20241204\2282f321cef3045b8946d86122b2f4b3c2a7ba0b09420abd37cec922b39e556e.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;60F7A75CF9B7EF21BE8E6B1BC997AC8DA2AADD84;2024/12/4 19:28:41
2024/12/4 19:29:00;文件系统实时防护;文件;G:\infected20241204\24a043af69762d8f53cd4b8ab5e4e58f81462c3d0e6a60d0ad0e68ad8f451a4b.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;A973A37B392344B4EB3E53A7338D7FE160D166C5;2024/12/4 19:28:45
2024/12/4 19:29:03;文件系统实时防护;文件;G:\infected20241204\2459f7ba7d658b43e28bd50aab8818733c45512362244166c052a5e0d1db3c96.exe;Win32/Packed.Themida.HWD 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;B44D92F7EBA8E14D51AEAEEB7D13DDA4E0B0DC0D;2024/12/4 19:28:43
2024/12/4 19:29:04;文件系统实时防护;文件;G:\infected20241204\25e382873975a7534c46d8149660988c1dd34ad16b9a1e25ec001de010ebbc1a.xls;Win32/Exploit.CVE-2017-0199.ADY 特洛伊木马;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;A7539E89613EB4BA09E6566848A2FFD3213EFBC4;2024/12/4 19:28:47
2024/12/4 19:29:07;文件系统实时防护;文件;G:\infected20241204\269382d2679c2408e265597f15d3b6c120bdbc0be76d616bc4c72d7dd758fc87.exe;Win32/Packed.Themida.HWD 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;0FE8BB05A24C52091C7FD8BDA3DF4D8254E691E4;2024/12/4 19:28:47
2024/12/4 19:29:10;文件系统实时防护;文件;G:\infected20241204\2840ded7408a604248f60f9566a19c5f8dca193d7f6605c68ea1c04b8a7adc16.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;C949801C7EA9D88D8769696E5DDF22E06E95F241;2024/12/4 19:28:49
2024/12/4 19:29:12;文件系统实时防护;文件;G:\infected20241204\293001cf084b8f338989a1f80c8e6315fa99a275525d4897b9be31a1e669021b.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;EB1868FBB202085231D0296B1844B23361DF157B;2024/12/4 19:28:52
2024/12/4 19:29:16;文件系统实时防护;文件;G:\infected20241204\2abd15952cfde9f15b9a8b77bd4eee62f546d21b2ab451298fd81cc7e8d2aa52.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;683B2A69F7302B12B1C6F0F416F8F51FB52F3F47;2024/12/4 19:28:54
2024/12/4 19:29:17;文件系统实时防护;文件;G:\infected20241204\31f965407764f0da15f8e28f611fdcca9dc454ec5afe1a047fe24c946867394f.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;D492AD2651BC4EC40A5B410ED8C9691E31FFB701;2024/12/4 19:28:57
2024/12/4 19:29:18;文件系统实时防护;文件;G:\infected20241204\3b86be9d0d99dd117f543e6abe8b02c317e7b8036196e54c1f98a3241258c0b4.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;A03B716CF76D3FB56475718DC968E641C304C189;2024/12/4 19:29:02
2024/12/4 19:29:19;文件系统实时防护;文件;G:\infected20241204\44df9121bb679cd42af8636e69cc566e77d84413eeb0f0a951f4f25d24dd8115.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;DD300D7AEAB13FFF922751E6A931594F10CCF6D7;2024/12/4 19:29:04
2024/12/4 19:29:24;文件系统实时防护;文件;G:\infected20241204\5e123da0222a43a219c9906fbb27748d1c3f8273855a9bc27c20720f58ed563a.rtf;Win32/Exploit.CVE-2017-11882.BLZ 特洛伊木马;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;D2C2980731E1A461BAC9500D98CDA6AACA5FAD51;2024/12/4 19:29:09
2024/12/4 19:29:25;文件系统实时防护;文件;G:\infected20241204\5b7938dc4feb9b3ff8ecc707d77c9fcd5318fc63c092302a7773e4de344b7e08.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;B3F33C860A7DAF6DC51235930532E39F2031F009;2024/12/4 19:29:07
2024/12/4 19:29:27;文件系统实时防护;文件;G:\infected20241204\613609b2fb9f236b8a9cf96c4880fdb08c4cb539ebeb77fbfdade95025fe8ab4.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;75E8389C2322182C8E9F5BF31CE4456B30D05893;2024/12/4 19:29:10
2024/12/4 19:29:27;文件系统实时防护;文件;G:\infected20241204\6c26ef7905d6c2a10d9fc53ceeca36ef6abc16ba7c3ecc122d17b2d58383f8a4.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;0E4E6E9D81797AC39D4CEF358003092E99C970CF;2024/12/4 19:29:12
2024/12/4 19:29:28;文件系统实时防护;文件;G:\infected20241204\7750d8649a36e588b56b1ad405d9ea00dd97d963bb62dd83fb0e5ab04c543b42.xlsx;可能是 Win32/Exploit.CVE-2017-0199.C 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;5594F51ABE856EF505D0BA4DBD1392DEBD804E75;
2024/12/4 19:29:31;文件系统实时防护;文件;G:\infected20241204\7c2732f5c5b631c310f46163ed8ad469e72e97598851348004b34a5d2268cabb.xlsx;可能是 Win32/Exploit.CVE-2017-0199.C 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;E55A62DC052533705E0F680A64B7FE37DFCB1F9F;
2024/12/4 19:29:31;文件系统实时防护;文件;G:\infected20241204\7201161135a510258fd94e0f4c94849f1c4e24892fee578dcf5a167f7e3bc656.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;990B9E30F604DF81428B3F631E68CC6E716B654C;2024/12/4 19:29:14
2024/12/4 19:29:36;文件系统实时防护;文件;G:\infected20241204\83225ba8ef6af138d141059cbdcd50ebfdc120a83650d26cbbddd8607097498e.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;520314B58B704AE645D666A79624BDA5501FEA97;2024/12/4 19:29:20
2024/12/4 19:29:37;文件系统实时防护;文件;G:\infected20241204\78573d6499a1657813fea56d743e918b61a70731865f3bfb13f57f0d2199bdcd.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;696199D4618234F764725617866182AC599A72F5;2024/12/4 19:29:15
2024/12/4 19:29:39;文件系统实时防护;文件;G:\infected20241204\87c75f422f9a84fd3324694254292bcb6f57c6293ef1c11548bd8c199b0c7f2b.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;A0BF3319BB5D5699BE36621CCC5DEBA56DAD49FC;2024/12/4 19:29:22
2024/12/4 19:29:42;文件系统实时防护;文件;G:\infected20241204\8ceef7d0eadf1f0ee32343bc88a1f368d5e3bf744d67ec8a402808bc17411dba.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;B19BF4225B459F5FE44B779D130E54F40DE1C4DA;2024/12/4 19:29:24
2024/12/4 19:29:43;文件系统实时防护;文件;G:\infected20241204\8fc1e876d9a0bca4c1124bdd06cdfed283d8e5aef2c80498ca3a4d6c07dc8853.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;D0BA1811DC9B21C7A401D88D7FE77F49E46D02DE;2024/12/4 19:29:26
2024/12/4 19:29:47;文件系统实时防护;文件;G:\infected20241204\967387e0352f28e603c204a217d8ce3c858ee62bf41e1476bb911c03b1e2baed.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;111B4A79B0CBCBA65E237C5819D45784632DD4FF;2024/12/4 19:29:30
2024/12/4 19:29:50;文件系统实时防护;文件;G:\infected20241204\9c6c5727324e4e7ff17b6106df1a9eadaecf6453510d11f92c0cb2baef5833a2.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;B866BDD0F4164C48FE32FB8A6125A1439E30C103;2024/12/4 19:29:34
2024/12/4 19:29:50;文件系统实时防护;文件;G:\infected20241204\b425c5865043bff99036c847ca6d5c0bff6a25945b365641f2481786331db874.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;96C9C2FDEBD8FD1E7408C06343612D6F3A944219;2024/12/4 19:29:38
2024/12/4 19:29:52;文件系统实时防护;文件;G:\infected20241204\b6904d59e10e8349493b64fad899e70b694c60af552fcc8f70a7f090d7b3559b.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;F4BEAC8138432483F4C82CF396E2468EA219C936;2024/12/4 19:29:40
2024/12/4 19:29:56;文件系统实时防护;文件;G:\infected20241204\bf433e68ed5c635b23fe449ef4ee47cfe774140d6f669f1a3f6e7e3b95f4b5a4.rtf;Win32/Exploit.CVE-2017-0199.EX 特洛伊木马;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;5304C07CAD5F697C794C01BEE1F26F5EB6D77AE2;2024/12/4 19:29:46
2024/12/4 19:29:58;文件系统实时防护;文件;G:\infected20241204\b9e7f1ef6bcc692934036d830bb8b74447c949086bb64cb29d26382ed48c9e64.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;7E676955EEEC09F67CACDBA62C3DB6F1582643E4;2024/12/4 19:29:42
2024/12/4 19:29:58;文件系统实时防护;文件;G:\infected20241204\c006fc45ccd90fd47319f6aa0ee4694d8b17e4fd35b237ada54db1cc649b0367.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;22D638C41EC4E8EDFBB24D6EF6CCDE318B581B84;2024/12/4 19:29:46
2024/12/4 19:30:01;文件系统实时防护;文件;G:\infected20241204\c1795280e96fda95735afb7212fe69d6ca9ddd57c3c856c3a91f4379a78e82ce.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;DC72606135D941166C0A33D884A7FB20085C6FC5;2024/12/4 19:29:49
2024/12/4 19:30:04;文件系统实时防护;文件;G:\infected20241204\cb1142bbbc794fdb6d25ad25711ef58f2e945b7ad49ff170cf1bd4b317e94e18.exe;MSIL/Spy.RedLine.A 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;D8D73DFB2DF56F6800AAF08604561C69C580C597;2024/12/4 19:29:52
2024/12/4 19:30:06;文件系统实时防护;文件;G:\infected20241204\d34d80f0c45c81e78228eade52bf7a79fd32c8e2d6ec00a11d540f480bd28609.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;BC2F2EDC26B566C1B715C2D16D155332993874CB;2024/12/4 19:29:52
2024/12/4 19:30:09;文件系统实时防护;文件;G:\infected20241204\d564abdfcca4591daefa88ed6a8cf8baa70d2d7f8ad99f1705e1d87becc910ff.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;868A3F4C9176E2CD7271BB0DBDEDD538E4EE509A;2024/12/4 19:29:54
2024/12/4 19:30:11;文件系统实时防护;文件;G:\infected20241204\d658d227a69ed9749e31501e56ba8c9229f29f0b5dd62fa2914bd34956330ab4.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;B146AB5D15E44C62FEA1AA60D290D1B13CCC7086;2024/12/4 19:29:57
2024/12/4 19:30:15;文件系统实时防护;文件;G:\infected20241204\d9d26b62fef8fd2e8ce7bd875971824d5e6690d36853c13ab0bf53338ba33ed2.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;D334379659B4207488F2E4E6BF4D821627159DFD;2024/12/4 19:30:00
2024/12/4 19:30:15;文件系统实时防护;文件;G:\infected20241204\e87e422dd8d8e489ed603d437f5fda20423f935e595d7a0f209d0a98a8432f37.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;0FE17C3C13C5FA018D015A46EA08F875665BBBB8;2024/12/4 19:30:04
2024/12/4 19:30:16;文件系统实时防护;文件;G:\infected20241204\e94e42c9e74889aeb0fdded867e018fd55cfc7e649d5a63a1f2f4275e770561f.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;732ACA4A94AFF99F62117B50831C1EC95A2FD00D;2024/12/4 19:30:06
2024/12/4 19:30:19;文件系统实时防护;文件;G:\infected20241204\ec0b95a64a7b05290e1695ef6a0184b7ae47fb64af3d53cffa49c4989fb28b27.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;87ADA66FB9F3384EEDDA427489B982288CB15BE4;2024/12/4 19:30:10
2024/12/4 19:30:24;文件系统实时防护;文件;G:\infected20241204\f4c63d2b95619df83a56415e917a90e8d593f8d32409e7f4e6bc5f3f30a0a7bc.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;28EE344C6691810C07D46E59C26BE0F4D07E9C44;2024/12/4 19:30:14
2024/12/4 19:30:26;文件系统实时防护;文件;G:\infected20241204\ff5c562c5582f7497860fa901b35160dd39585b1af978ab7fad14d88aa62016d.rtf;Win32/Exploit.CVE-2017-11882.BOR 特洛伊木马;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;A649747ACD27F2FCEB3D61BFDE64B12FDF8B7F9C;2024/12/4 19:30:21
2024/12/4 19:30:26;文件系统实时防护;文件;G:\infected20241204\fae41c9cd3c7b33f4a46f5a5bcc54f0cb464c7a41bd11e59a9f47a806da2ba64.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;162746E63BEA82F47A1680638148EACEF0723DA3;2024/12/4 19:30:16
2024/12/4 19:30:28;文件系统实时防护;文件;G:\infected20241204\fc7e11d623020d9f410810be7ce3f367cdddf7d0ef1ea0d1f281ae67c53c92cc.exe;Win32/Packed.Themida.HZB 特洛伊木马 的变量;正在删除 时出错;DESKTOP-QA0U4GE\nich0;在通过应用程序创建的新文件上发生了事件: D:\Program Files (x86)\WinRAR\WinRAR.exe (19849293F1494978104BAA2B680C1B85C640ED2E).;1C41268770A05C90C77E82164360BB3EA1817CD6;2024/12/4 19:30:19
回复

举报

freewind2098
发表于 2024-12-4 19:53:01 | 显示全部楼层
下载试试
回复

举报

ninjagaocc
发表于 2024-12-4 20:28:16 | 显示全部楼层
本帖最后由 ninjagaocc 于 2024-12-4 20:35 编辑

EIS 右键扫描 52x


Scan Log
Version of detection engine: 30320 (20241203)
Date: 12/4/2024  Time: 8:20:05 PM
Scanned disks, folders and files: C:\Users\WDAGUtilityAccount\Desktop\infected20241204\3b86be9d0d99dd117f543e6abe8b02c317e7b8036196e54c1f98a3241258c0b4.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\5b7938dc4feb9b3ff8ecc707d77c9fcd5318fc63c092302a7773e4de344b7e08.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\5e123da0222a43a219c9906fbb27748d1c3f8273855a9bc27c20720f58ed563a.rtf;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\6c26ef7905d6c2a10d9fc53ceeca36ef6abc16ba7c3ecc122d17b2d58383f8a4.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\7aa6f31c0b2c15cdfcc87d8c2a10a9f091b67cf10469f7d2a9d6e51093d0bdb6.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\7c2732f5c5b631c310f46163ed8ad469e72e97598851348004b34a5d2268cabb.xlsx;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\7d98dcc2596d38a7394b812c1304a1877d611d7ec82cfc53fd29bc45df779d92.doc;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\8ceef7d0eadf1f0ee32343bc88a1f368d5e3bf744d67ec8a402808bc17411dba.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\8fc1e876d9a0bca4c1124bdd06cdfed283d8e5aef2c80498ca3a4d6c07dc8853.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\9c6c5727324e4e7ff17b6106df1a9eadaecf6453510d11f92c0cb2baef5833a2.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\20d9945ebdc4b284e25427b22d57e86c06a828fb72b2ff2df68e9628ba173157.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\021a0474841259659a8d2836abd29d18c2bf41e462e1a882655e87a649b04429.doc;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\24a043af69762d8f53cd4b8ab5e4e58f81462c3d0e6a60d0ad0e68ad8f451a4b.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\25e382873975a7534c46d8149660988c1dd34ad16b9a1e25ec001de010ebbc1a.xls;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\31f965407764f0da15f8e28f611fdcca9dc454ec5afe1a047fe24c946867394f.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\38f2eb88fe012287edab3bd9ecb5ae6be0284555422783f5f9f518afec20fc49.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\44df9121bb679cd42af8636e69cc566e77d84413eeb0f0a951f4f25d24dd8115.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\086cd8c3be6b4344b2ffa4b4996457a10411f2ff5cffd0b35b04c4bd91e8e44d.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\87c75f422f9a84fd3324694254292bcb6f57c6293ef1c11548bd8c199b0c7f2b.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\99ffd59f67c36c7c9df243734375967bb80758bd5965ebe7803cbdd36227409f.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\145d98e48d061103fe23cc3be16b2cc47dcb8889a9a728d75f968fd83a3b1903.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\712c1c076e2b47e802583598848dfdb28ba7a70bc6a714f3f6a44a2801188df4.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\0728cc536e45cadc41fd6e18265ebcfd2f0a5a8fa915de35f7e66f641089d165.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\1132bcc4ecf911d0bdac09c0facf4b64aed883bb1f6535508b3193939b7bf88a.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\2282f321cef3045b8946d86122b2f4b3c2a7ba0b09420abd37cec922b39e556e.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\2459f7ba7d658b43e28bd50aab8818733c45512362244166c052a5e0d1db3c96.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\2840ded7408a604248f60f9566a19c5f8dca193d7f6605c68ea1c04b8a7adc16.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\3672f19834cbb64ac048209b8cc17611e579c99835f9f2813f89f6891c29c52d.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\5147e58c7d2d5d0296c74619c246f81569dab8c9271513b19b3d1bd4c406c702.hta;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\7750d8649a36e588b56b1ad405d9ea00dd97d963bb62dd83fb0e5ab04c543b42.xlsx;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\9394bd6614fce6d3e79fa285412872b501b12cb7c55e38fd38f335fbaf98e00b.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\9701cdcc203ab89878ce8128d188bc23980c5b571ad18c87b4011cac0e95697f.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\78573d6499a1657813fea56d743e918b61a70731865f3bfb13f57f0d2199bdcd.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\81408b3737787d9cc5fc3fd4641fb8035ccdff77431911d60d350b5a0d747b85.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\83225ba8ef6af138d141059cbdcd50ebfdc120a83650d26cbbddd8607097498e.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\117748bbea88985c6ce0aa4af1086fa41f467ddf76f7fdad05125925644d3b84.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\269382d2679c2408e265597f15d3b6c120bdbc0be76d616bc4c72d7dd758fc87.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\293001cf084b8f338989a1f80c8e6315fa99a275525d4897b9be31a1e669021b.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\376557b12d58276ed8ea595d865315d7ada62558fc776d15cc8e2cae6529071e.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\501146ee033ac337cda7f3f085983022d1c76450a8521d70b036a50bf43c6a1e.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\613609b2fb9f236b8a9cf96c4880fdb08c4cb539ebeb77fbfdade95025fe8ab4.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\967387e0352f28e603c204a217d8ce3c858ee62bf41e1476bb911c03b1e2baed.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\1982954e871875a402e156d0d2dd22ff2b3b100290129a10d6fd4e4c7da9b920.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\7201161135a510258fd94e0f4c94849f1c4e24892fee578dcf5a167f7e3bc656.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\b9e7f1ef6bcc692934036d830bb8b74447c949086bb64cb29d26382ed48c9e64.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\b27fca15ab11961e5baa588e04a60f256fb8a73d17f57474394cca329d51b83c.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\b425c5865043bff99036c847ca6d5c0bff6a25945b365641f2481786331db874.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\b6904d59e10e8349493b64fad899e70b694c60af552fcc8f70a7f090d7b3559b.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\bbd809a13d706d33a25f90c3588393f681a1bd3c119ec0c094aa87f834638fd7.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\bf433e68ed5c635b23fe449ef4ee47cfe774140d6f669f1a3f6e7e3b95f4b5a4.rtf;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\c006fc45ccd90fd47319f6aa0ee4694d8b17e4fd35b237ada54db1cc649b0367.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\c1795280e96fda95735afb7212fe69d6ca9ddd57c3c856c3a91f4379a78e82ce.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\cb1142bbbc794fdb6d25ad25711ef58f2e945b7ad49ff170cf1bd4b317e94e18.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\d9d26b62fef8fd2e8ce7bd875971824d5e6690d36853c13ab0bf53338ba33ed2.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\d34d80f0c45c81e78228eade52bf7a79fd32c8e2d6ec00a11d540f480bd28609.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\d564abdfcca4591daefa88ed6a8cf8baa70d2d7f8ad99f1705e1d87becc910ff.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\d658d227a69ed9749e31501e56ba8c9229f29f0b5dd62fa2914bd34956330ab4.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\da82529895963aecf4527c8d725a0de9009028948642d3a57649fe2dd5c664e6.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\e87e422dd8d8e489ed603d437f5fda20423f935e595d7a0f209d0a98a8432f37.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\e94e42c9e74889aeb0fdded867e018fd55cfc7e649d5a63a1f2f4275e770561f.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\ea791e55bbc9df63ac4a4db182293f3ca90c538b7496126664225d6bb725fb9e.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\eb1cabaf797ce33ebcf54847940c5247a0f0b4db52dc49de8cfa794d9194656a.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\ec0b95a64a7b05290e1695ef6a0184b7ae47fb64af3d53cffa49c4989fb28b27.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\f4c63d2b95619df83a56415e917a90e8d593f8d32409e7f4e6bc5f3f30a0a7bc.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\f279f7169abe7188aa508f6b424ee36f307bc345280651dd9ecec1d511f0e156.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\fae41c9cd3c7b33f4a46f5a5bcc54f0cb464c7a41bd11e59a9f47a806da2ba64.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\fc7e11d623020d9f410810be7ce3f367cdddf7d0ef1ea0d1f281ae67c53c92cc.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\fdeb0fb498eb3395106e358d1cf73f770e4fc31818bc7ed11261f068f918ced3.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\ff5c562c5582f7497860fa901b35160dd39585b1af978ab7fad14d88aa62016d.rtf;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\1a0bdc949fba81cad9505e074d506b5c9c60d46afc52a785962529eb12984650.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\1f8a1b9288323f99062aedd96914cdaf80a4fc2516a59e6897197e01e9a86afb.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\1f70a12bdf3efe77255ffeb9a2b1f6b13912d6293a6f981360cb34ec0382f93f.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\1f2247f9d34d7916c4c22285fb53f6182fec18e18c04ef5b09eb5332cabcf4e6.exe;C:\Users\WDAGUtilityAccount\Desktop\infected20241204\2abd15952cfde9f15b9a8b77bd4eee62f546d21b2ab451298fd81cc7e8d2aa52.exe
User: B60116FB-1190-4\WDAGUtilityAccount
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\086cd8c3be6b4344b2ffa4b4996457a10411f2ff5cffd0b35b04c4bd91e8e44d.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\0728cc536e45cadc41fd6e18265ebcfd2f0a5a8fa915de35f7e66f641089d165.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\1132bcc4ecf911d0bdac09c0facf4b64aed883bb1f6535508b3193939b7bf88a.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\117748bbea88985c6ce0aa4af1086fa41f467ddf76f7fdad05125925644d3b84.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\1982954e871875a402e156d0d2dd22ff2b3b100290129a10d6fd4e4c7da9b920.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\145d98e48d061103fe23cc3be16b2cc47dcb8889a9a728d75f968fd83a3b1903.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\1a0bdc949fba81cad9505e074d506b5c9c60d46afc52a785962529eb12984650.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\1f2247f9d34d7916c4c22285fb53f6182fec18e18c04ef5b09eb5332cabcf4e6.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\2282f321cef3045b8946d86122b2f4b3c2a7ba0b09420abd37cec922b39e556e.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\20d9945ebdc4b284e25427b22d57e86c06a828fb72b2ff2df68e9628ba173157.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\2459f7ba7d658b43e28bd50aab8818733c45512362244166c052a5e0d1db3c96.exe - a variant of Win32/Packed.Themida.HWD trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\24a043af69762d8f53cd4b8ab5e4e58f81462c3d0e6a60d0ad0e68ad8f451a4b.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\25e382873975a7534c46d8149660988c1dd34ad16b9a1e25ec001de010ebbc1a.xls - Win32/Exploit.CVE-2017-0199.ADY trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\269382d2679c2408e265597f15d3b6c120bdbc0be76d616bc4c72d7dd758fc87.exe - a variant of Win32/Packed.Themida.HWD trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\2abd15952cfde9f15b9a8b77bd4eee62f546d21b2ab451298fd81cc7e8d2aa52.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\293001cf084b8f338989a1f80c8e6315fa99a275525d4897b9be31a1e669021b.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\2840ded7408a604248f60f9566a19c5f8dca193d7f6605c68ea1c04b8a7adc16.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\3b86be9d0d99dd117f543e6abe8b02c317e7b8036196e54c1f98a3241258c0b4.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\31f965407764f0da15f8e28f611fdcca9dc454ec5afe1a047fe24c946867394f.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\5e123da0222a43a219c9906fbb27748d1c3f8273855a9bc27c20720f58ed563a.rtf - Win32/Exploit.CVE-2017-11882.BLZ trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\44df9121bb679cd42af8636e69cc566e77d84413eeb0f0a951f4f25d24dd8115.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\6c26ef7905d6c2a10d9fc53ceeca36ef6abc16ba7c3ecc122d17b2d58383f8a4.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\5b7938dc4feb9b3ff8ecc707d77c9fcd5318fc63c092302a7773e4de344b7e08.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\613609b2fb9f236b8a9cf96c4880fdb08c4cb539ebeb77fbfdade95025fe8ab4.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\7750d8649a36e588b56b1ad405d9ea00dd97d963bb62dd83fb0e5ab04c543b42.xlsx » OFFICECRYPTOGRAPHY » 7750d8649a36e588b56b1ad405d9ea00dd97d963bb62dd83fb0e5ab04c543b42.xlsx - probably a variant of Win32/Exploit.CVE-2017-0199.C trojan - deleted
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\7201161135a510258fd94e0f4c94849f1c4e24892fee578dcf5a167f7e3bc656.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\7c2732f5c5b631c310f46163ed8ad469e72e97598851348004b34a5d2268cabb.xlsx » OFFICECRYPTOGRAPHY » 7c2732f5c5b631c310f46163ed8ad469e72e97598851348004b34a5d2268cabb.xlsx - probably a variant of Win32/Exploit.CVE-2017-0199.C trojan - deleted
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\78573d6499a1657813fea56d743e918b61a70731865f3bfb13f57f0d2199bdcd.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\83225ba8ef6af138d141059cbdcd50ebfdc120a83650d26cbbddd8607097498e.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\87c75f422f9a84fd3324694254292bcb6f57c6293ef1c11548bd8c199b0c7f2b.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\8ceef7d0eadf1f0ee32343bc88a1f368d5e3bf744d67ec8a402808bc17411dba.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\8fc1e876d9a0bca4c1124bdd06cdfed283d8e5aef2c80498ca3a4d6c07dc8853.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\967387e0352f28e603c204a217d8ce3c858ee62bf41e1476bb911c03b1e2baed.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\b425c5865043bff99036c847ca6d5c0bff6a25945b365641f2481786331db874.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\9c6c5727324e4e7ff17b6106df1a9eadaecf6453510d11f92c0cb2baef5833a2.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\bf433e68ed5c635b23fe449ef4ee47cfe774140d6f669f1a3f6e7e3b95f4b5a4.rtf - Win32/Exploit.CVE-2017-0199.EX trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\b6904d59e10e8349493b64fad899e70b694c60af552fcc8f70a7f090d7b3559b.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\b9e7f1ef6bcc692934036d830bb8b74447c949086bb64cb29d26382ed48c9e64.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\c006fc45ccd90fd47319f6aa0ee4694d8b17e4fd35b237ada54db1cc649b0367.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\cb1142bbbc794fdb6d25ad25711ef58f2e945b7ad49ff170cf1bd4b317e94e18.exe - a variant of MSIL/Spy.RedLine.A trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\c1795280e96fda95735afb7212fe69d6ca9ddd57c3c856c3a91f4379a78e82ce.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\d34d80f0c45c81e78228eade52bf7a79fd32c8e2d6ec00a11d540f480bd28609.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\d564abdfcca4591daefa88ed6a8cf8baa70d2d7f8ad99f1705e1d87becc910ff.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\d9d26b62fef8fd2e8ce7bd875971824d5e6690d36853c13ab0bf53338ba33ed2.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\d658d227a69ed9749e31501e56ba8c9229f29f0b5dd62fa2914bd34956330ab4.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\e94e42c9e74889aeb0fdded867e018fd55cfc7e649d5a63a1f2f4275e770561f.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\e87e422dd8d8e489ed603d437f5fda20423f935e595d7a0f209d0a98a8432f37.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\ec0b95a64a7b05290e1695ef6a0184b7ae47fb64af3d53cffa49c4989fb28b27.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\f4c63d2b95619df83a56415e917a90e8d593f8d32409e7f4e6bc5f3f30a0a7bc.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\ff5c562c5582f7497860fa901b35160dd39585b1af978ab7fad14d88aa62016d.rtf - Win32/Exploit.CVE-2017-11882.BOR trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\fc7e11d623020d9f410810be7ce3f367cdddf7d0ef1ea0d1f281ae67c53c92cc.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
C:\Users\WDAGUtilityAccount\Desktop\infected20241204\fae41c9cd3c7b33f4a46f5a5bcc54f0cb464c7a41bd11e59a9f47a806da2ba64.exe - a variant of Win32/Packed.Themida.HZB trojan - cleaned by deleting [1]
Number of scanned objects: 486
Number of detections: 52
Number of cleaned objects: 52
Time of completion: 8:26:30 PM  Total scanning time: 385 sec (00:06:25)

Notes:
[1] Object has been deleted as it only contained the virus body.

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

superLYT
发表于 2024-12-4 20:36:38 | 显示全部楼层
本帖最后由 superLYT 于 2024-12-4 20:42 编辑

SEP暴起,杀的只剩下一个doc文件,感觉SEP对doc文件基本上不会杀

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

netweb
发表于 2024-12-4 21:28:22 | 显示全部楼层
本帖最后由 netweb 于 2024-12-4 21:48 编辑

eset
监控+ELG

miss 10x

ELG kill 5147e58c7d2d5d0296c74619c246f81569dab8c9271513b19b3d1bd4c406c702.hta


剩余双击
2个word打开后防火墙交互模式弹窗禁止联网,eset无反应
其他的exe都提示应用程序无法正常启动0xc0000005



回复

举报

scottxzt
发表于 2024-12-4 22:09:21 | 显示全部楼层
本帖最后由 scottxzt 于 2024-12-4 22:44 编辑

MD剩余1个 运行后报错

花的时间太长20分钟,删除太慢

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

下一页 »
12345下一页
返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2025-1-7 09:28 , Processed in 0.105256 second(s), 15 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表