Original poster: zhuzhu009

[Virus Samples] [Open Test] Kafan Virus Sample Pack 20241219, Issue 210

裂空我爱杰
Posted 3 days ago
This post was last edited by 裂空我爱杰 on 2024-12-19 18:36

BD Free Edition: 47X
Avast cleared out the rest.
It feels like BD's scanning isn't as good as it used to be.
yy688go
Posted 3 days ago
This post was last edited by yy688go on 2024-12-19 19:20

Kingsoft Antivirus Enterprise Edition

Detected: 42;
Detection rate: 79.2%

Remaining files:


yaokai815
Posted 3 days ago
Testing
wajika
Posted 3 days ago
This post was last edited by wajika on 2024-12-19 19:58


Gridinsoft Trojan Killer Portable v.2.2.120
Report file date: 2024-12-19 19:58:17
Last update:      2024-12-19 19:58:17

Scanning for 175212551 virus strains and unwanted programs.

Licensed:         UNREGISTERED
Windows version:  Windows 10 Pro x64 (version 6.3)
Username:         Administrator
Computer name:    WAJIKA

Starting the file scan:

Custom Scan started
Scanning process...
        SEC:
                .text:60000020:D41D8CD98F00B204E9800998ECF8427E:0
                .rdata:40000040:D41D8CD98F00B204E9800998ECF8427E:0
                .data:C0000040:D41D8CD98F00B204E9800998ECF8427E:0
                .vmp饪粹:60000020:D41D8CD98F00B204E9800998ECF8427E:0
                .vmp饪粹:C0000040:BF617615369273F203812D1E85658577:1024
                .vmp饪粹:60000020:326DA24FE37E9D8CDEE80D1D29B4A1A6:6065664
                .reloc:40000040:56243C7303452E5D631CE6DAC93C4292:2048
                .rsrc:40000040:6C332359612E11A1776FD4587FC3DED3:337920


----- C:\Users\Administrator\Desktop\1219\e9d6b68a7005d52a9caa77bd238493442a002b09eeb6c52542a587631a92de88.exe ---- General Threat
        Trojan.Heur!.038120A1
        Signature verification: False
        MD5: D0BB2FA7815AE25E59827DD3E8A710BA:1862144
        SUBS: Win32 GUI
        PE: x86
        EP: EB080F481C0000000000E90020000000030A0000000000001000000000000000030A00000000000000000000000000000180000000000000100000000000000003
        EPSEC: 6
        EPRVA: 0049D000
        IBASE: 00400000
        SEC:
                   :E0000040:E00B5AAEA5A1F0C4EC7B8D3DACA1F223:149504
                .rsrc:C0000040:B1E85B1CD09CAEFC2D43268BE72EF161:1024
                .idata  :C0000040:19A29171433EEEF17E42FD663F137134:512
                        :E0000040:7A96693395E771CE102B5A9B2B8AC69A:512
                fkrxxztc:E0000040:A3C337306DDD26A9AD32770A24C77E05:1696768
                rrjayidd:E0000040:C553FCCB608288DA45F653875CCC06BF:1024
                .taggant:E0000040:938F7707BC3038D5861C399C8567D460:8704


----- C:\Users\Administrator\Desktop\1219\db554c37c8a4b97901452b495ea43e0c4bced715f393adec6993451eb244109d.exe ---- General Threat
        Trojan.Heur!.038120A1
        Signature verification: False
        MD5: 70434D35E134BE744784CC4ACF6E8179:4448256
        SUBS: Win32 GUI
        PE: x86
        EP: EB080FBE430000000000E9002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
        EPSEC: 6
        EPRVA: 00B5B000
        IBASE: 00400000
        SEC:
                   :E0000040:EF804AA9FE97127A2C5C1AC5EFC2CB09:2637312
                .rsrc:C0000040:DA9ADB58B7C79A208D7C946908245F18:512
                .idata  :C0000040:E8FBF92E0939D0CD4935F0FE539E974D:512
                        :E0000040:7D4E2BF524D411CF180ABAEF23DBA6B7:512
                ciyzvnng:E0000040:192818C8FF73432402ECFBFB05ADF983:1795584
                chyyoqaf:E0000040:B99CB223CFDD9B27049D9B8750EFB740:1024
                .taggant:E0000040:7F564EA5349C3953FCCF40815E747415:8704


----- C:\Users\Administrator\Desktop\1219\ede8801434d59328105f4af419b459a3c5d6c60195cbe8c718bbc529607ddc61.exe ---- General Threat
        Ransom.Win32.Wacatac.sa
        Company: Merstro
        Signature verification: False
        NAC: 53EF9B72C05AB3DD3808311EAB2CCB98:7
        MD5: FC0FF134AA4C7A6C02F3D502EB17A1D4:437248
        RIC: F474D1052EB80D2A00EE6EE314B47E8C:26560
        SUBS: Win32 GUI
        PE: x86
        EP: E8F6370000E978FEFFFF8BFF558BEC81EC28030000A3386C4500890D346C45008915306C4500891D2C6C45008935286C4500893D246C4500668C15506C4500668C
        EPSEC: 0
        EPRVA: 00001877
        IBASE: 00400000
        SEC:
                .text:60000020:8551E924F9B8A4A2C69914D8EB8820B9:327680
                .rdata:40000040:1E73E104059FECE98FEAB08A81957BB7:9216
                .data:C0000040:65ED3E9A53A6BFB811C4FBA65D95F4FD:28672
                .rsrc:40000040:8228FFABB01BE6B6A2293CA26B58BC68:70656


----- C:\Users\Administrator\Desktop\1219\eda574b714702a176c03a18f1cc966361d9245851dc44d97f498527ffa0268ba.exe ---- General Threat
        Trojan.Heur!.038120A1
        Signature verification: False
        MD5: F0D90C47FC980CB5B9678D4E5CB6378C:4429312
        SUBS: Win32 GUI
        PE: x86
        EP: EB080F74430000000000E9002000000000000000000000000000000000000000000000000000000000000000000000000203000000000000000000000000000000
        EPSEC: 6
        EPRVA: 00C61000
        IBASE: 00400000
        SEC:
                   :E0000040:77FD81A81A596BF2B5802BF8BF4484CA:2632192
                .rsrc:C0000040:9A7E7D067ED3180A886591C713070C77:512
                .idata  :C0000040:0A146CFF20E31339015BBFCF77CC82C1:512
                        :E0000040:B402FDA058D610BD8F44FDD35FF9EDF1:512
                xkwxdtqf:E0000040:907AE810417C1BA4C757757D66076035:1781760
                ltwlumka:E0000040:8D37E96A6A1000DBA36F42DAFDE56E21:1024
                .taggant:E0000040:ECFC082BD921DE84BC727BBCA24A78B3:8704


----- C:\Users\Administrator\Desktop\1219\f3e3c4115bd289a528c02aae90a563e6b5dd6009e125d1fb142bcc7218cf068d.exe ---- General Threat
        Trojan.Heur!.030120A1
        Signature verification: False
        MD5: 0AFE3BC3B68DDB4EBB3878A01A8BCD9A:2966528
        SUBS: Win32 GUI
        PE: x86
        EP: EB080F222D0000000000E90020000000040A000000000000300000000000000000020000000000000000000000000000040A000000000000000000000000000000
        EPSEC: 5
        EPRVA: 0030F000
        IBASE: 00400000
        SEC:
                   :E0000040:528FF70864EFCD0A5FE53FA6002F8900:187904
                .rsrc:C0000040:1E55DB351164DF1643AE87D7EFA3EE0F:1536
                .idata  :C0000040:CC76E3822EFDC911F469A3E3CC9CE9FE:512
                jxgkweio:E0000040:797714350687C698E2CE9B07A3E6CA28:2762752
                wbrwgikq:E0000040:71074A3540A802A2CFEF6F16DD24EB76:1024
                .taggant:E0000040:88E49BABF40B5AB0B6295E1380967D76:8704


----- C:\Users\Administrator\Desktop\1219\f5743915756451135c9902ae18aa3b6f3727cb2ac4444acef3f6b3daeab2982c.exe ---- General Threat
        Trojan.Heur!.038120A1
        Signature verification: False
        MD5: 43E41AEC9E2C027A0316B7500F14B9D4:4444160
        SUBS: Win32 GUI
        PE: x86
        EP: EB080FAE430000000000E90020000000050A0000000000003000000000000000800000000000000022000000000000000000000000000000000000000000000000
        EPSEC: 6
        EPRVA: 00C6F000
        IBASE: 00400000
        SEC:
                   :E0000040:53C90AA2D62088EE65996BE5353AB3A5:2632192
                .rsrc:C0000040:DD65B05F837F12538841338AEF8C8DE9:512
                .idata  :C0000040:0A146CFF20E31339015BBFCF77CC82C1:512
                        :E0000040:732E68347EA1360CC3F93BB9F86C2B47:512
                ddzecpfm:E0000040:2AD16E7E7B5C0E35383D0AE2A7432242:1796608
                uavqjtyc:E0000040:3316B319ED5033CCC246C83E70295868:1024
                .taggant:E0000040:50C1F3DEF881333EFAD78066C98C720D:8704


----- C:\Users\Administrator\Desktop\1219\f7879073e27c916f86ed3da35dd0c38918abd3962c9c2b8738564e282a138ec6.exe ---- General Threat
        Trojan.Heur!.038120A1
        Signature verification: False
        MD5: 62F3849CEF2EF1F8210727A558F9017B:4455424
        SUBS: Win32 GUI
        PE: x86
        EP: EB080FDA430000000000E90020000000050A000000000000600000000000000000000000000000000000000000000000050A000000000000000000000000000000
        EPSEC: 6
        EPRVA: 00C2B000
        IBASE: 00400000
        SEC:
                   :E0000040:D780D4D4F0A948A79DE6B86A2816902C:2637824
                .rsrc:C0000040:9BBB921E89EDD93F63538DA4F87D2B09:512
                .idata  :C0000040:62AD60851443FCE0E7B0BEA322E0070A:512
                        :E0000040:F2A35A4EFD5384453CDF42760D9892FA:512
                zwjapgmi:E0000040:2DFDB7CAD8C62FE4038AA4E9D04FB1D7:1802240
                zyxsakks:E0000040:AA894F0EE2F2BE60BB135F96F2637449:1024
                .taggant:E0000040:27D2280F1F84F558FF4B8B000A97DA1A:8704


----- C:\Users\Administrator\Desktop\1219\023b8573a4295c5f78f6e89b13062e5c185d74e57d2b1c8ec066393bba87313a.exe ---- General Suspicious
        Malware.Heur.00A12015.nn
        Signature verification: False
        Certificates: Notepad++
        MD5: 1F4548AAC2C166BACD286C6F5243908F:884502
        RIC: 21F9B0AFD8263C453B9A1845AADF793B:32731
        SUBS: Win32 GUI
        PE: x86
        EP: 81ECD4020000535556576A2033ED5E896C2418C744241068A24000896C2414FF15309040006801800000FF15B490400055FF15C09240006A08A398EB4700E8362A
        EPSEC: 0
        EPRVA: 000038AF
        IBASE: 00400000
        SEC:
                .text:60000020:419D4E1BE1AC35A5DB9C47F553B27CEA:29696
                .rdata:40000040:CCA1CA3FBF99570F6DE9B43CE767F368:11264
                .data:C0000040:77F0839F8EBEA31040E462523E1C770E:512
                .ndata:C0000080:D41D8CD98F00B204E9800998ECF8427E:0
                .rsrc:40000040:30713246F57AD95C2B3AE794E18370AF:34816
                .reloc:42000040:D39B821510FF1826F121D37E861E6F04:4096


----- C:\Users\Administrator\Desktop\1219\f5ad3ca6464635488824c3e5b6284ca263e7c6417ec854692d839a1c008d5e23.exe ---- General Suspicious
        Malware.Heur.00A12015.nn
        Signature verification: False
        Certificates: Hamrick Software
        MD5: C5F715F9EEFA5E42FD10FC3B6E90953B:899095
        RIC: FD9FEAD5F676F17A4C7C12403AB78C09:41515
        SUBS: Win32 GUI
        PE: x86
        EP: 81ECD4020000535556576A2033ED5E896C2418C744241068A24000896C2414FF15309040006801800000FF15B490400055FF15C09240006A08A398EB4700E8362A
        EPSEC: 0
        EPRVA: 000038AF
        IBASE: 00400000
        SEC:
                .text:60000020:419D4E1BE1AC35A5DB9C47F553B27CEA:29696
                .rdata:40000040:CCA1CA3FBF99570F6DE9B43CE767F368:11264
                .data:C0000040:77F0839F8EBEA31040E462523E1C770E:512
                .ndata:C0000080:D41D8CD98F00B204E9800998ECF8427E:0
                .rsrc:40000040:C926895C2FEBFF432824055C5777F47F:43520
                .reloc:42000040:7C4854A2B1B8A5C7C537EE59A4A60E92:4096


Scan completed

Scan result:         42 detected items
Scan completed in:   Scan completed in 4 seconds.
Files were scanned:  62

心醉咖啡
Posted 3 days ago
This post was last edited by 心醉咖啡 on 2024-12-19 20:01

Huorong adv
  病毒库时间:2024-12-18 18:14
  开始时间:2024-12-19 19:58
  总计用时:00:00:01
  扫描对象:232
  扫描文件:53
  发现风险:44
  已处理风险:44
  病毒详情:
mmmaoo
Posted 3 days ago
This post was last edited by mmmaoo on 2024-12-19 21:03

Jiangmin total number of samples: 53
Total detected: 42
Detection rate: 79.25%



a2120258
Posted 3 days ago
Let's see how it goes
1094947421
Posted 3 days ago
One left.

biue
Posted 3 days ago
Tencent PC Manager 52X

yaokai815
Posted the day before yesterday at 10:11
360 52x


Copyright © KaFan  KaFan.cn All Rights Reserved.

GMT+8, 2024-12-22 00:15
