收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 安全区 病毒样本 分享&分析区 【开放测试】卡饭病毒样本包 20250206 第250期
12345下一页
返回列表 发新帖
楼主: zhuzhu009
 收起左侧

[病毒样本] 【开放测试】卡饭病毒样本包 20250206 第250期

  [复制链接]
biue
发表于 2025-2-7 00:53:11 | 显示全部楼层
腾讯电脑管家 53X

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

wajika
发表于 2025-2-7 08:47:00 | 显示全部楼层
Gridinsoft  24X
  1. Gridinsoft Trojan Killer Portable v.2.3.5
  2. Report file date: 2025-02-07 8:45:46
  3. Last update:      2025-01-16 11:48:22

  5. Scanning for 180957684 virus strains and unwanted programs.

  7. Licensed:         UNREGISTERED
  8. Windows version:  Windows 10 Pro x64 (version 6.3)
  9. Username:         Administrator
  10. Computer name:    WAJIKA

  12. Starting the file scan:

  14. Custom Scan started
  15. Scanning process...
  16. ----- C:\Users\Administrator\Desktop\20250206\31dd67c25cb99830d6df7e63abee058598eed026076acd4a659fed12fd8647ef.exe ---- General Threat
  17.         Ransom.Win32.Wacatac.sa
  18.         ProdVer: 7.0.0.0
  19.         FileVer: 7.0.0.0
  20.         Name: DockableWindows
  21.         Company: DockableWindows
  22.         Signature verification: False
  23.         .NET TLID: {8ADC4E0A-A1BA-4926-9932-96545BC53965}
  24.         .NET MVID: {A5A96C7E-5D65-4037-A17F-88FD89BA3270}
  25.         NAC: AD5503ACE7A9F555786F38700C570D07:30
  26.         MD5: 745D5F448C35205B63FE79F29E5F76F6:934400
  27.         RIC: EE043D075DB72A1455177CA858A62AA6:4264
  28.         SUBS: Win32 GUI
  29.         PE: x86
  30.         EP: FF2500204000000000000000000000000000000000000000000000000000000000000000000000000000040000000000030003000000280000800E000000400000
  31.         EPSEC: 0
  32.         EPRVA: 000E47DE
  33.         IBASE: 00400000
  34.         SEC:
  35.                 .text:60000020:49D5F14C981D8BF97D7E93EE5F1A5292:927744
  36.                 .rsrc:40000040:BE07B1E3E4EB2038B561F277046965CA:5632
  37.                 .reloc:42000040:271D5CA0326E5F15F72064170A37246D:512


  40. ----- C:\Users\Administrator\Desktop\20250206\3cc81a067f9cc55dfa9c727e0d75b775d6f920fe245cbdf134fe9a1933a83006.exe ---- General Threat
  41.         Ransom.Win32.Skeeyah.oa!s1
  42.         ProdVer: 1.0.0.0
  43.         FileVer: 1.0.0.0
  44.         Name: Tomato Timer
  45.         Company: robcthegeek
  46.         Signature verification: False
  47.         .NET TLID: {5F275C9D-3CEA-4A03-AFC4-5CC5CD983643}
  48.         .NET MVID: {3E2C98B4-37CE-4706-B2D6-5C1F467744ED}
  49.         NAC: 511CC15594C4D9B15F069EFF7952FD13:23
  50.         MD5: D9433FADDCACA526B26F713E27E2505F:601088
  51.         RIC: 5BFCDEB785265E172B1F756CFDCA3194:15032
  52.         SUBS: Win32 GUI
  53.         PE: x86
  54.         EP: FF250020400000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000040003000000300000800E0000
  55.         EPSEC: 0
  56.         EPRVA: 000903DA
  57.         IBASE: 00400000
  58.         SEC:
  59.                 .text:60000020:C09ABC788DE8E8DF5CEC37ACE7E1F8B0:582656
  60.                 .rsrc:40000040:1CAE3DC06D3AAD0BA2F54976461418AC:17408
  61.                 .reloc:42000040:5626970ACBA1B92B14C702CA5ED8B99C:512


  64. ----- C:\Users\Administrator\Desktop\20250206\c0248e47689da35393fae3dfefbf7256caeafe4f79a4e3bb6683cd5315cb9ea4.exe ---- General Threat
  65.         Trojan.Win32.Downloader.dd!n
  66.         ProdVer: 1.0.0.0                                          
  67.         FileVer: 1.0.0.0            
  68.         Name: Aimbot.exe                                                  
  69.         Company:                                                            
  70.         Signature verification: False
  71.         NAC: D8C41E2F6AFAEE2AA822A6F90248F072:120
  72.         MD5: 405C165052EEE5035AECF00211738C69:1895451
  73.         RIC: CF085411DFE0D57309BF8ED366AB8CF8:55173
  74.         SUBS: Win32 GUI
  75.         PE: x86
  76.         EP: 558BEC83C4A453565733C08945C48945C08945A48945D08945C88945CC8945D48945D88945ECB8BC2E4A00E85079F6FF33C05568C18A4A0064FF3064892033D255
  77.         EPSEC: 1
  78.         EPRVA: 000A83BC
  79.         IBASE: 00400000
  80.         SEC:
  81.                 .text:60000020:B889D302F6FC48A904DE33D8D947AE80:677888
  82.                 .itext:60000020:588DD0A8AB499300D3701CBD11B017D9:7168
  83.                 .data:C0000040:5C0C76E77AEF52EBC6702430837CCB6E:14848
  84.                 .bss:C0000000:D41D8CD98F00B204E9800998ECF8427E:0
  85.                 .idata:C0000040:627340DFF539EF99048969AA4824FB2D:4096
  86.                 .didata:C0000040:FD11C1109737963CC6CB7258063ABFD6:512
  87.                 .edata:40000040:7DE8CA0C7A61668A728FD3A88DC0942D:512
  88.                 .tls:C0000000:D41D8CD98F00B204E9800998ECF8427E:0
  89.                 .rdata:40000040:D84006640084DC9F74A07C2FF9C7D656:512
  90.                 .reloc:42000040:A85FDA2741BD9417695DAA5FC5A9D7A5:69632
  91.                 .rsrc:40000040:EBE8179E3CA297B70B75244DE3E54525:69632


  94. ----- C:\Users\Administrator\Desktop\20250206\f6093a0d468e3cd2df9b2563336ccbd3b5783e8c06c52e296770fc31fe5257f4.exe ---- General Threat
  95.         Trojan.Win32.Kryptik.sa
  96.         ProdVer: 0.1.0.0
  97.         FileVer: 0.1.0.0
  98.         Name: OxiteMigrator
  99.         Company: Hadi Eskandari
  100.         Signature verification: False
  101.         .NET TLID: {B0CA24EC-FD92-4A71-8683-2EC5CACD3E2D}
  102.         .NET MVID: {B2E232FD-A89D-410E-A253-8B6647C23CCB}
  103.         NAC: 5B40395B352733F16B263E11591E4F25:27
  104.         MD5: B0EAD7B727E72F20B83CB7D9AF6AE975:952320
  105.         RIC: 8CAA2B208984BFA1A0C0A0350C9F2F17:4264
  106.         SUBS: Win32 GUI
  107.         PE: x86
  108.         EP: FF2500204000ADDE0000EFBE0000FECA0000BEBA000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
  109.         EPSEC: 0
  110.         EPRVA: 000E8B12
  111.         IBASE: 00400000
  112.         SEC:
  113.                 .text:60000020:F396A7A378B58729630655682C508F4D:945152
  114.                 .rsrc:40000040:F0B42C1D3F8EE57EB0B3B0450F8D4DDF:6144
  115.                 .reloc:42000040:39F488E7FDBA7B0E30B31F0E7DD9FFC7:512


  118. ----- C:\Users\Administrator\Desktop\20250206\0da059f9da29bbfeb0f5fe232e2dac13d1e2a3174e327d2cbb540a50eca72aed.exe ---- General Suspicious
  119.         Malware.Heur.02014001.nn
  120.         Signature verification: False
  121.         MD5: CC70A7E6757A0241329C9E4BF7AC5323:1246208
  122.         RIC: ADE056D1418AF506887208F87622D456:23424
  123.         SUBS: Win32 GUI
  124.         PE: x86
  125.         EP: E8B8D00000E97FFEFFFFCCCCCCCCCCCCCCCCCCCCCCCC57568B7424108B4C24148B7C240C8BC18BD103C63BFE76083BF80F82680300000FBA25FC314C00017307F3
  126.         EPSEC: 0
  127.         EPRVA: 00027F4A
  128.         IBASE: 00400000
  129.         SEC:
  130.                 .text:60000020:C2C2260508750422D20CD5CBB116B146:581120
  131.                 .rdata:40000040:4513B58651E3D8D87C81A396E5B2F1D1:188928
  132.                 .data:C0000040:C2DE4A3D214EAE7E87C7BFC06BD79775:20992
  133.                 .rsrc:40000040:B5527728974F230A4150694684F44BB8:424960
  134.                 .reloc:42000040:1254908A9A03D2BCF12045D49CD572B9:29184


  137. ----- C:\Users\Administrator\Desktop\20250206\19478a15efa45981ccec619c3ebe95f31d3428e42f852d0165c801bad61ed239.exe ---- General Suspicious
  138.         Malware.Heur.02014001.nn
  139.         Signature verification: False
  140.         MD5: 6AED7AB2E1947C92588192D6C9ECFA51:1183232
  141.         RIC: ADE056D1418AF506887208F87622D456:23424
  142.         SUBS: Win32 GUI
  143.         PE: x86
  144.         EP: E8C8D00000E97FFEFFFFCCCCCCCCCCCCCCCCCCCCCCCC57568B7424108B4C24148B7C240C8BC18BD103C63BFE76083BF80F82680300000FBA25FC414C00017307F3
  145.         EPSEC: 0
  146.         EPRVA: 0002800A
  147.         IBASE: 00400000
  148.         SEC:
  149.                 .text:60000020:310E36668512D53489C005622BB1B4A9:581632
  150.                 .rdata:40000040:F006AB74D3C653B5C5A6CC0C77A171A2:196096
  151.                 .data:C0000040:AAE9601D920F07080BDFADF43DFEFF12:20992
  152.                 .rsrc:40000040:3939BCECE7282AFF04EEBF510B4ED266:354304
  153.                 .reloc:42000040:F04128AD0F87F42830E4A6CDBC38C719:29184


  156. ----- C:\Users\Administrator\Desktop\20250206\3ed6391d2416f3ef8e1be5ba9da91b6870ab32b865e49b0cfeb3444028530cab.exe ---- General Suspicious
  157.         Malware.Heur.02014001.nn
  158.         Signature verification: False
  159.         MD5: BB84D9BACEC3D6B20B62FA4EDAC124D9:1183744
  160.         RIC: ADE056D1418AF506887208F87622D456:23424
  161.         SUBS: Win32 GUI
  162.         PE: x86
  163.         EP: E8C8D00000E97FFEFFFFCCCCCCCCCCCCCCCCCCCCCCCC57568B7424108B4C24148B7C240C8BC18BD103C63BFE76083BF80F82680300000FBA25FC414C00017307F3
  164.         EPSEC: 0
  165.         EPRVA: 0002800A
  166.         IBASE: 00400000
  167.         SEC:
  168.                 .text:60000020:310E36668512D53489C005622BB1B4A9:581632
  169.                 .rdata:40000040:F006AB74D3C653B5C5A6CC0C77A171A2:196096
  170.                 .data:C0000040:AAE9601D920F07080BDFADF43DFEFF12:20992
  171.                 .rsrc:40000040:E786872FFE0116F2DA4CDE7B5CA55D03:354816
  172.                 .reloc:42000040:F04128AD0F87F42830E4A6CDBC38C719:29184


  175. ----- C:\Users\Administrator\Desktop\20250206\1e12346e4000bfaebac977089464afeb82b3729a90bb6ffd66dde49b2da297e2.exe ---- General Suspicious
  176.         Malware.Heur.000120D1.nn
  177.         ProdVer: 1.0.2.0
  178.         FileVer: 1.0.2.0
  179.         Name: File Explorer DDT
  180.         Company: Microsoft Corp
  181.         Signature verification: False
  182.         Certificates: Simon Tatham
  183.         .NET TLID: {82516F76-CAEE-4F6F-942C-28969AC8C5A8}
  184.         .NET MVID: {ED5F58C5-0389-4FD2-A042-80E2F4DC2AE6}
  185.         NAC: 359393F95E37590F068A66F4C4BC1EF8:31
  186.         MD5: BA235B937AE46D29E5A624DBA20D804F:670216
  187.         RIC: C20212201970A66B2D4E7934AB64F686:16505
  188.         SUBS: Win32 GUI
  189.         PE: x86
  190.         EP: FF25002040000100000002000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
  191.         EPSEC: 0
  192.         EPRVA: 0009D96A
  193.         IBASE: 00400000
  194.         SEC:
  195.                 .text:60000020:D7E80DA7AF6D1FA4FA342BB976C102C4:637440
  196.                 .rsrc:40000040:D7863C7DC80DD52F984C02B922D49687:17920
  197.                 .reloc:42000040:84038369C862211D1E1528800F30F690:512


  200. ----- C:\Users\Administrator\Desktop\20250206\76a9a68e8da599c81f44d2a43fb4fe5e5e4d2e6c5881ccf775ecd665c16939d8.exe ---- General Suspicious
  201.         Malware.Heur.000120D1.nn
  202.         ProdVer: 1.0.2.0
  203.         FileVer: 1.0.2.0
  204.         Name: File Explorer DDT
  205.         Company: Microsoft Corp
  206.         Signature verification: False
  207.         Certificates: Simon Tatham
  208.         .NET TLID: {82516F76-CAEE-4F6F-942C-28969AC8C5A8}
  209.         .NET MVID: {5C432E28-92B0-4E63-9CE1-F49D4CA6C1E1}
  210.         NAC: 359393F95E37590F068A66F4C4BC1EF8:31
  211.         MD5: 725D50E3D1D33E570EFEF92C4F72DD1C:1073672
  212.         RIC: 0FA390C0605659B5D24F63FAE8D99A2D:3496
  213.         SUBS: Win32 GUI
  214.         PE: x86
  215.         EP: FF25002040000100000002000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
  216.         EPSEC: 0
  217.         EPRVA: 0010337A
  218.         IBASE: 00400000
  219.         SEC:
  220.                 .text:60000020:F301E862805141B8A8284840C848EBC7:1053696
  221.                 .rsrc:40000040:663EF7BF6AF30D685BE16243BF2D3C00:5120
  222.                 .reloc:42000040:4E0C5FC8AF7A1A067D2E5E6295F946F4:512


  225. ----- C:\Users\Administrator\Desktop\20250206\8051ece7900ddc446f774db64b71f9f3e4306237cd7c78df3cf02e5a79e544b7.exe ---- General Suspicious
  226.         Malware.Heur.02014001.nn
  227.         Signature verification: False
  228.         MD5: 6760C089CB5C1C301EFED9C6591B03B4:1057792
  229.         RIC: ADE056D1418AF506887208F87622D456:23424
  230.         SUBS: Win32 GUI
  231.         PE: x86
  232.         EP: E8C8D00000E97FFEFFFFCCCCCCCCCCCCCCCCCCCCCCCC57568B7424108B4C24148B7C240C8BC18BD103C63BFE76083BF80F82680300000FBA25FC414C00017307F3
  233.         EPSEC: 0
  234.         EPRVA: 0002800A
  235.         IBASE: 00400000
  236.         SEC:
  237.                 .text:60000020:310E36668512D53489C005622BB1B4A9:581632
  238.                 .rdata:40000040:F006AB74D3C653B5C5A6CC0C77A171A2:196096
  239.                 .data:C0000040:AAE9601D920F07080BDFADF43DFEFF12:20992
  240.                 .rsrc:40000040:431A65B8743A78409500C7473663A26C:228864
  241.                 .reloc:42000040:F04128AD0F87F42830E4A6CDBC38C719:29184


  244. ----- C:\Users\Administrator\Desktop\20250206\8a5c551c7701b750cc81d5da65960cf978239fdad4ad170600bfeaf48a590a20.exe ---- General Suspicious
  245.         Malware.Heur.02014001.nn
  246.         Signature verification: False
  247.         MD5: 6059965A49B03746A3E6BFCD27BE2CB3:1132544
  248.         RIC: 0FA390C0605659B5D24F63FAE8D99A2D:3496
  249.         SUBS: Win32 GUI
  250.         PE: x86
  251.         EP: E86E050000E97AFEFFFF558BEC56FF75088BF1E858000000C706F0FD49008BC65E5DC20400836104008BC183610800C74104F8FD4900C701F0FD4900C3558BEC56
  252.         EPSEC: 0
  253.         EPRVA: 00020577
  254.         IBASE: 00400000
  255.         SEC:
  256.                 .text:60000020:0A1473F3064DCBC32EF93C5C8A90F3A6:633856
  257.                 .rdata:40000040:C9CF2468B60BF4F80F136ED54B3989FB:195584
  258.                 .data:C0000040:53B9025D545D65E23295E30AFDBD16D9:18432
  259.                 .rsrc:40000040:11E71CECA3EC981B97573AF9BC87034D:253440
  260.                 .reloc:42000040:C68EE8931A32D45EB82DC450EE40EFC3:30208


  263. ----- C:\Users\Administrator\Desktop\20250206\8b903abd92011f515abe01bde91dbf27d2f8037e7712be038bf7bdad420b5e6e.exe ---- General Suspicious
  264.         Malware.Heur.000120D1.nn
  265.         ProdVer: 1.0.2.0
  266.         FileVer: 1.0.2.0
  267.         Name: File Explorer DDT
  268.         Company: Microsoft Corp
  269.         Signature verification: False
  270.         Certificates: Simon Tatham
  271.         .NET TLID: {82516F76-CAEE-4F6F-942C-28969AC8C5A8}
  272.         .NET MVID: {B99139F0-106D-45AF-A0B4-E3EFB6C3326D}
  273.         NAC: 359393F95E37590F068A66F4C4BC1EF8:31
  274.         MD5: A4C00C585C6A037EDE3648DC58B1895A:671752
  275.         RIC: C20212201970A66B2D4E7934AB64F686:16505
  276.         SUBS: Win32 GUI
  277.         PE: x86
  278.         EP: FF25002040000100000002000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
  279.         EPSEC: 0
  280.         EPRVA: 0009DFC2
  281.         IBASE: 00400000
  282.         SEC:
  283.                 .text:60000020:7ECA777ACE4A853E777D2E9D14177045:638976
  284.                 .rsrc:40000040:B83F0CF7DBD3EF132A59471B3EE55FA6:17920
  285.                 .reloc:42000040:9F6CBD7FDC4A837263C5039420D8C08A:512


  288. ----- C:\Users\Administrator\Desktop\20250206\a7ff3bcb0fd377e15f3f6ba5b3f24ce67079718c9418a58ae7dd14d790be5653.exe ---- General Suspicious
  289.         Malware.Heur.02014001.nn
  290.         Signature verification: False
  291.         MD5: FD8741C86553D70F88C825DE78CCEFF1:1026048
  292.         RIC: ADE056D1418AF506887208F87622D456:23424
  293.         SUBS: Win32 GUI
  294.         PE: x86
  295.         EP: E8C8D00000E97FFEFFFFCCCCCCCCCCCCCCCCCCCCCCCC57568B7424108B4C24148B7C240C8BC18BD103C63BFE76083BF80F82680300000FBA25FC414C00017307F3
  296.         EPSEC: 0
  297.         EPRVA: 0002800A
  298.         IBASE: 00400000
  299.         SEC:
  300.                 .text:60000020:310E36668512D53489C005622BB1B4A9:581632
  301.                 .rdata:40000040:F006AB74D3C653B5C5A6CC0C77A171A2:196096
  302.                 .data:C0000040:AAE9601D920F07080BDFADF43DFEFF12:20992
  303.                 .rsrc:40000040:302091B1392A14C7DFD34575C20D34C3:197120
  304.                 .reloc:42000040:F04128AD0F87F42830E4A6CDBC38C719:29184


  307. ----- C:\Users\Administrator\Desktop\20250206\b9369e4dffd8b713862fdeff58b6c7e64b9b9c96dd90a70069751ab051f60cb3.exe ---- General Suspicious
  308.         Malware.Heur.02014001.nn
  309.         Signature verification: False
  310.         MD5: D2582630D769B07B3DE6C2FE8D2B4E29:1181184
  311.         RIC: ADE056D1418AF506887208F87622D456:23424
  312.         SUBS: Win32 GUI
  313.         PE: x86
  314.         EP: E8C8D00000E97FFEFFFFCCCCCCCCCCCCCCCCCCCCCCCC57568B7424108B4C24148B7C240C8BC18BD103C63BFE76083BF80F82680300000FBA25FC414C00017307F3
  315.         EPSEC: 0
  316.         EPRVA: 0002800A
  317.         IBASE: 00400000
  318.         SEC:
  319.                 .text:60000020:310E36668512D53489C005622BB1B4A9:581632
  320.                 .rdata:40000040:F006AB74D3C653B5C5A6CC0C77A171A2:196096
  321.                 .data:C0000040:AAE9601D920F07080BDFADF43DFEFF12:20992
  322.                 .rsrc:40000040:64CBC064ED9A6361570E59E9992BBEE2:352256
  323.                 .reloc:42000040:F04128AD0F87F42830E4A6CDBC38C719:29184


  326. ----- C:\Users\Administrator\Desktop\20250206\bad55ab8c4ce39ff171bdbc3c86987d0b3b118aacf2ffcc38af811c739c64716.exe ---- General Suspicious
  327.         Malware.Heur.000120D1.nn
  328.         ProdVer: 2.0.0.781
  329.         FileVer: 2.0.0.781
  330.         Name: Adobe Reader
  331.         Company: Adobe Reader
  332.         Signature verification: False
  333.         Certificates: Simon Tatham
  334.         .NET TLID: {882B35BE-D781-4559-8015-3903B1AA2949}
  335.         .NET MVID: {69541239-D475-49DF-A623-54105730503C}
  336.         NAC: A243210FD075BE1A4F4D0FE060831652:24
  337.         MD5: 1933E7311EC3E4EAA36ACCF9AC774AF7:875016
  338.         RIC: C20212201970A66B2D4E7934AB64F686:16505
  339.         SUBS: Win32 GUI
  340.         PE: x86
  341.         EP: FF25002040000100000002000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
  342.         EPSEC: 0
  343.         EPRVA: 000CF806
  344.         IBASE: 00400000
  345.         SEC:
  346.                 .text:60000020:2C62F1BE6BA3CD1566F2C5B5B18FB7EF:842240
  347.                 .rsrc:40000040:ADB146A001ABB52F1B5505C2CA7226BC:17920
  348.                 .reloc:42000040:FBF76AD480794D64D361D0E2F2B855B2:512


  351. ----- C:\Users\Administrator\Desktop\20250206\dd6f942761571832b1fb1175983c8dab4c8a15f90654baba635e9b739a8e8454.exe ---- General Suspicious
  352.         Malware.Heur.02014001.nn
  353.         Signature verification: False
  354.         MD5: F6B4B23BBD96CC3533E7E9763611A63D:1182208
  355.         RIC: ADE056D1418AF506887208F87622D456:23424
  356.         SUBS: Win32 GUI
  357.         PE: x86
  358.         EP: E8C8D00000E97FFEFFFFCCCCCCCCCCCCCCCCCCCCCCCC57568B7424108B4C24148B7C240C8BC18BD103C63BFE76083BF80F82680300000FBA25FC414C00017307F3
  359.         EPSEC: 0
  360.         EPRVA: 0002800A
  361.         IBASE: 00400000
  362.         SEC:
  363.                 .text:60000020:310E36668512D53489C005622BB1B4A9:581632
  364.                 .rdata:40000040:F006AB74D3C653B5C5A6CC0C77A171A2:196096
  365.                 .data:C0000040:AAE9601D920F07080BDFADF43DFEFF12:20992
  366.                 .rsrc:40000040:65E61CCD98FB8F2E98BFD4C2AB1A23FF:353280
  367.                 .reloc:42000040:F04128AD0F87F42830E4A6CDBC38C719:29184


  370. ----- C:\Users\Administrator\Desktop\20250206\f732f0392878698cc5d43a9d8129c3b16eaa6cc4b50a79b548a32dde7a0456bc.exe ---- General Suspicious
  371.         Malware.Heur.02013081.nn
  372.         ProdVer: 5.15.2.0
  373.         FileVer: 5.15.2.0
  374.         Name: libGLESv2
  375.         Signature verification: False
  376.         NAC: 646883993ADCCE75152B8615873AFC53:9
  377.         MD5: 7F9578CAC30087F4675BBCB003ED8B5E:2384384
  378.         SUBS: Win32 GUI
  379.         PE: x86
  380.         EP: FF25002040000000000000000000000000005000000005000000010000005700000005000000010100005300000005000000110000005B00000005000000011000
  381.         EPSEC: 0
  382.         EPRVA: 002447EE
  383.         IBASE: 00400000
  384.         SEC:
  385.                 .text:60000020:FBE5E2C8685ABFBE2DD51E74A921ED55:2369536
  386.                 .sdata:C0000040:5B9610A3EDC3990646F72CF517CB44C1:12288
  387.                 .rsrc:40000040:ABD4A0CBCDE2DE55BCC3D293FF1A7051:1024
  388.                 .reloc:42000040:8C4F67A6EE4016F73F401688E329506D:512


  391. ----- C:\Users\Administrator\Desktop\20250206\f9778ecd7eb6b09e443fd83ab3616f8cf26a61de6f6334a9b7bda73515a63e4a.exe ---- General Suspicious
  392.         Malware.Heur.02014001.nn
  393.         Signature verification: False
  394.         MD5: 28C3ABC3A2773070489537086456866A:1165824
  395.         RIC: ADE056D1418AF506887208F87622D456:23424
  396.         SUBS: Win32 GUI
  397.         PE: x86
  398.         EP: E8C8D00000E97FFEFFFFCCCCCCCCCCCCCCCCCCCCCCCC57568B7424108B4C24148B7C240C8BC18BD103C63BFE76083BF80F82680300000FBA25FC414C00017307F3
  399.         EPSEC: 0
  400.         EPRVA: 0002800A
  401.         IBASE: 00400000
  402.         SEC:
  403.                 .text:60000020:310E36668512D53489C005622BB1B4A9:581632
  404.                 .rdata:40000040:F006AB74D3C653B5C5A6CC0C77A171A2:196096
  405.                 .data:C0000040:AAE9601D920F07080BDFADF43DFEFF12:20992
  406.                 .rsrc:40000040:9660C8B6CCA47B400323CECEBD4B51F0:336896
  407.                 .reloc:42000040:F04128AD0F87F42830E4A6CDBC38C719:29184


  410. ----- C:\Users\Administrator\Desktop\20250206\91d3b2493d058477ec9b0900d053977863ba26843fbfab5ea22a3607c230c9d1.exe ---- General Threat
  411.         Trojan.Downloader.cld
  412.         Signature verification: False
  413.         MD5: 556186095B75FDC2E64231C6E7DF0409:659810
  414.         RIC: 0E8777440EABB26133967AEB202738CB:3496
  415.         SUBS: Win32 GUI
  416.         PE: x86
  417.         EP: E8DC040000E978FEFFFFE98A460000558BEC83EC0C8D4DF4E8F2F6FFFF68081B43008D45F450E8150E0000CC558BEC8325A89246000083EC24830D74464300016A
  418.         EPSEC: 0
  419.         EPRVA: 00015DA0
  420.         IBASE: 00400000
  421.         SEC:
  422.                 .text:60000020:5F95F2E8421C747A2616D4A1DA8F9E79:163328
  423.                 .rdata:40000040:60C8A96CC48B2CD823DDFF898304FA91:43008
  424.                 .data:C0000040:03F78426CAF70F80F9A55CE17D58AB3A:4096
  425.                 .didat:C0000040:0DCBBA0D07753C12ED1425C5C2C14FE9:512
  426.                 .rsrc:40000040:69DB707E63B98AAB48ED6C3B2A47D72A:22528
  427.                 .reloc:42000040:5F6CC7F7FDA2003F158DDC15B314664F:10752


  430. ----- C:\Users\Administrator\Desktop\20250206\91d3b2493d058477ec9b0900d053977863ba26843fbfab5ea22a3607c230c9d1.exe\TTCOPY.bat ---- General Threat
  431.         Trojan.Downloader.cld
  432.         MD5: 9CB2717504731BE028FB5FA9C52CD6C0:808225


  435. ----- C:\Users\Administrator\Desktop\20250206\64b9f04e500e377972f23c923e678d2d3ec4aecc42d0634de4e09570b1d58d35.exe ---- General Threat
  436.         Trojan.Agent.cld
  437.         ProdVer: 1.0.0.0
  438.         FileVer: 1.0.0.0
  439.         Name: TlsAnalyzer
  440.         Company: Moserware
  441.         Signature verification: False
  442.         .NET TLID: {EC6F55E1-1D54-45C5-BFDC-A49FA3CF7F7D}
  443.         .NET MVID: {36BD0EBA-9B7D-483B-99CC-A9319BD8747A}
  444.         NAC: B763EAF745D72AA49EE43DAAF58A51E8:20
  445.         MD5: 7E31F4F040CEC802A5608CDD9B356F5C:998912
  446.         RIC: EE1793EECA8218A2DA577471C4C396CD:209740
  447.         SUBS: Win32 GUI
  448.         PE: x86
  449.         EP: FF2500204000020000000300000005000000070000000B0000000D0000001100000013000000170000001D0000001F00000025000000290000002B0000002F0000
  450.         EPSEC: 0
  451.         EPRVA: 000C12B2
  452.         IBASE: 00400000
  453.         SEC:
  454.                 .text:60000020:C8C960A067A7749FA6005DD841AFEA70:786432
  455.                 .rsrc:40000040:01918DC443BEA851D4C357C87D5CACC4:211456
  456.                 .reloc:42000040:77ABC0B01C614B5F7EF0638805E4AD44:512


  459. ----- C:\Users\Administrator\Desktop\20250206\2434aa78b46a3afc98fa6e888c3eb56278ba52b0ff800e7e875af9c2e7f9011a.exe ---- General Threat
  460.         Trojan.Kryptik.cld
  461.         ProdVer: 1.0.0.0
  462.         FileVer: 1.0.0.0
  463.         Name: PriceAndGraph
  464.         Signature verification: False
  465.         NAC: CEC666140C50D3B6E384A4A0A9F28FC9:13
  466.         MD5: 39FC5CA42BA5BD27BC0918F5424D1456:1155584
  467.         RIC: EE1793EECA8218A2DA577471C4C396CD:209740
  468.         SUBS: Win32 GUI
  469.         PE: x86
  470.         EP: FF25002040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
  471.         EPSEC: 0
  472.         EPRVA: 000E829E
  473.         IBASE: 00400000
  474.         SEC:
  475.                 .text:60000020:B702A22B01DA2F4FFFB278A65B4492B4:943104
  476.                 .rsrc:40000040:DA0D22E9EDE1F104BD8A73DFC3C9E7DB:211456
  477.                 .reloc:42000040:D76BDB5DF9A7D72E936245BF1BAC6D32:512


  480. ----- C:\Users\Administrator\Desktop\20250206\525f2589884ae16090ab53462f1cced21dc75af8c137b26b5652c6e7085a5d7b.exe ---- General Threat
  481.         Trojan.Packed.cld
  482.         ProdVer: 1.0.0.0
  483.         FileVer: 1.0.0.0
  484.         Name: QuanLyBanHang
  485.         Signature verification: False
  486.         .NET TLID: {B7622406-364D-46B9-AA7D-0ACE9AAAC7C3}
  487.         .NET MVID: {51BA162B-24F9-4D35-A06A-508140194794}
  488.         NAC: EFD2C9CF3011663149F01C42B2A156F3:13
  489.         MD5: B72B6D5821783D45E87F767574EB64FA:869888
  490.         RIC: 9D35D996F040EBC39CD5E223DDE6B7FF:4264
  491.         SUBS: Win32 GUI
  492.         PE: x86
  493.         EP: FF25002040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
  494.         EPSEC: 0
  495.         EPRVA: 000CD1BE
  496.         IBASE: 00400000
  497.         SEC:
  498.                 .text:60000020:CF20CD4DC6D81E81FB6713D89E7CCFEC:832000
  499.                 .rsrc:40000040:42CF0BA402EDBF0011C106FD37E3E7E9:36864
  500.                 .reloc:42000040:942130E95BBDF3F814DD9D6A2589E7BF:512


  503. ----- C:\Users\Administrator\Desktop\20250206\bcacf603de67f5c362796fa4f186755945251462c51febb8b335a752044abfce.exe ---- General Threat
  504.         Trojan.Downloader.cld
  505.         ProdVer: 1.5.9.0
  506.         FileVer: 1.5.9.0
  507.         Name: 自鳥自黽
  508.         Company: 至風自

  510.         Signature verification: False
  511.         .NET MVID: {CA344AA6-CFD4-4695-AC5E-465815B2EDA7}
  512.         NAC: 612198C5CF48779B024F4B9250F7ACD2:9
  513.         MD5: E183DEA50A037CBFBD272788B5A7AB77:796672
  514.         RIC: EA8F07867301C2C062E7366CBE5E67CF:209740
  515.         SUBS: Win32 GUI
  516.         PE: x64
  517.         EP: 4D5A90000300000004000000FFFF0000B800000000000000400000000000000000000000000000000000000000000000000000000000000000000000800000000E
  518.         SEC:
  519.                 .text:60000020:1134339B2163961488264E6B64B72170:583680
  520.                 .rsrc:40000040:F6432EBA531B84267D94B4F2D8DF9C5A:212480


  523. Scan completed

  525. Scan result:         24 detected items
  526. Scan completed in:   Scan completed in 4 seconds.
  527. Files were scanned:  99
复制代码

回复

举报

sdcjchnws
发表于 2025-2-7 14:01:14 | 显示全部楼层
Fadouse 发表于 2025-2-6 16:41
DI + S1 Kill All

解压 DI 49x + SI 45x (有重复)

学习学习
回复

举报

yaokai815
发表于 2025-2-7 17:29:19 | 显示全部楼层
瑞星 实际49x

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

早上起来不刷牙
发表于 2025-2-7 18:01:49 | 显示全部楼层
aikafans 发表于 2025-2-6 17:36
这是那个版本,还有dg,fs不是被小红伞夺舍了么

感觉FS被Gen吞并不远了,除了俄系,感觉只有ESET可以笑到最后。没准咖啡也被Gen并吞。
回复

举报

aikafans
发表于 2025-2-7 18:03:47 | 显示全部楼层
早上起来不刷牙 发表于 2025-2-7 18:01
感觉FS被Gen吞并不远了,除了俄系,感觉只有ESET可以笑到最后。没准咖啡也被Gen并吞。

笑死,还有中系
回复

举报

momli
发表于 2025-2-7 20:44:56 | 显示全部楼层
jijianan2007 发表于 2025-2-6 18:18
华为  
之前没升级病毒库,重新测试,解压剩11,右键4X,剩7

华为标注的灰色软件都是只能扫描出来,不监控也不拦截的
回复

举报

龙渊明
发表于 2025-2-8 15:48:54 | 显示全部楼层
江民发现处理43个
回复

举报

ii88
发表于 2025-2-8 19:22:46 | 显示全部楼层
一共有53个样本

EIS: 清空

360企业安全云:清空

扫描时间:2025年2月8日19:22
回复

举报

xmt12
发表于 2025-2-9 17:29:52 | 显示全部楼层
严重迟到
自制 all
  1. XAS扫描日志
  2. 扫描开始时间:2025/2/9 17:28:49

  4. 主程序版本:3.2.2(Beta) 病毒库版本:1815(2025.2.4)
  5. 特征库个数:18602
  6. 黑md5个数:2338118
  7. 白md5个数:150545

  9. 危险文件:
  10. ---------

  12. D:/用户文件/2/桌面/20250206\0015982786a716d0947095950df915cb8c7c4ef7fa7e48fc3ad22fdca6afeed7.exe[XAS本地机学引擎][ML/Generic(1.0)]
  13. D:/用户文件/2/桌面/20250206\06f5012aaf05a5d9aefec7a060851cf3d7ddce0220cc09b30cd87d10d69ba554.exe[XAS本地机学引擎][ML/Generic(0.98)]
  14. D:/用户文件/2/桌面/20250206\0da059f9da29bbfeb0f5fe232e2dac13d1e2a3174e327d2cbb540a50eca72aed.exe[XAS本地机学引擎][ML/Generic(1.0)]
  15. D:/用户文件/2/桌面/20250206\142d4fe66ef8acb376f52ae33ec869d8782a4e63f9c92a6a20011dc9cd8f215f.exe[XAS本地机学引擎][ML/Generic(0.98)]
  16. D:/用户文件/2/桌面/20250206\19478a15efa45981ccec619c3ebe95f31d3428e42f852d0165c801bad61ed239.exe[XAS本地机学引擎][ML/Generic(1.0)]
  17. D:/用户文件/2/桌面/20250206\1e12346e4000bfaebac977089464afeb82b3729a90bb6ffd66dde49b2da297e2.exe[XAS特征引擎][Win32/TrojanDropper.Agent]
  18. D:/用户文件/2/桌面/20250206\2434aa78b46a3afc98fa6e888c3eb56278ba52b0ff800e7e875af9c2e7f9011a.exe[XAS本地机学引擎][ML/Generic(0.99)]
  19. D:/用户文件/2/桌面/20250206\2ad37bc26f5a184e15ff4296c556b9c506919403e2a8fb2ba44f467e3c63d9ba.exe[ANK云引擎][Win64/Trojan.Agent.B!ml]
  20. D:/用户文件/2/桌面/20250206\2ce2b5ae44364fe9c1f5b46600d3baeffb769dea1dc9b25fcd5a9ab747f417e6.exe[XAS本地机学引擎][ML/Generic(1.0)]
  21. D:/用户文件/2/桌面/20250206\31dd67c25cb99830d6df7e63abee058598eed026076acd4a659fed12fd8647ef.exe[XAS本地机学引擎][ML/Generic(0.98)]
  22. D:/用户文件/2/桌面/20250206\3cc81a067f9cc55dfa9c727e0d75b775d6f920fe245cbdf134fe9a1933a83006.exe[XAS本地机学引擎][ML/Generic(0.97)]
  23. D:/用户文件/2/桌面/20250206\3ed6391d2416f3ef8e1be5ba9da91b6870ab32b865e49b0cfeb3444028530cab.exe[XAS本地机学引擎][ML/Generic(1.0)]
  24. D:/用户文件/2/桌面/20250206\471069591438089c87fa9540e0d50b6a8fc0ca00bffd4ac4a2d7a9b4b96755f7.vbs[文档查杀引擎][virus.5]
  25. D:/用户文件/2/桌面/20250206\5021d9ce50b55cd91d7b54f65618aefb5e1c8163910f3e24a05ec3c3febb6d55.exe[XAS特征引擎][Win32/TrojanDropper.Agent]
  26. D:/用户文件/2/桌面/20250206\525f2589884ae16090ab53462f1cced21dc75af8c137b26b5652c6e7085a5d7b.exe[XAS特征引擎][Win32/TrojanDropper.Agent]
  27. D:/用户文件/2/桌面/20250206\5b40169c958b75d6080cc8e7fabcf81ac3d87ea0a3254d6ad2c95c158fa91aa2.exe[XAS本地机学引擎][ML/Generic(0.98)]
  28. D:/用户文件/2/桌面/20250206\5b72ed928f8a9e98082f9d22d1966a0bfea8222c51041311a6ab5b1339c8f95c.exe[XAS特征引擎][Win32/TrojanDropper.Agent]
  29. D:/用户文件/2/桌面/20250206\5e95fb52da2144a06a66a593a6f12877108ebcdeb69f8f60ad010831d4fce1eb.exe[XAS本地机学引擎][ML/Generic(0.98)]
  30. D:/用户文件/2/桌面/20250206\64b9f04e500e377972f23c923e678d2d3ec4aecc42d0634de4e09570b1d58d35.exe[XAS本地机学引擎][ML/Generic(0.99)]
  31. D:/用户文件/2/桌面/20250206\659f55fe8c0a69b0f6c6440a777b409af34a8206613f7ed31b2b26cd821da339.exe[XAS本地机学引擎][ML/Generic(1.0)]
  32. D:/用户文件/2/桌面/20250206\76a9a68e8da599c81f44d2a43fb4fe5e5e4d2e6c5881ccf775ecd665c16939d8.exe[XAS本地机学引擎][ML/Generic(0.97)]
  33. D:/用户文件/2/桌面/20250206\78320f7a37d22d4c8c4c6be7c24e8cc3ae65775fdf5e4727fd2d72f5235c11bd.exe[XAS本地机学引擎][ML/Generic(0.98)]
  34. D:/用户文件/2/桌面/20250206\7b22146eee5a371ce9239829ddb6d6d5f6166e93640a15eeebaf1e54ac1ce5d3.exe[XAS特征引擎][Win32/TrojanDropper.Agent]
  35. D:/用户文件/2/桌面/20250206\8051ece7900ddc446f774db64b71f9f3e4306237cd7c78df3cf02e5a79e544b7.exe[XAS本地机学引擎][ML/Generic(1.0)]
  36. D:/用户文件/2/桌面/20250206\858361d80e3506a51c3d5e071358a675a6b4baa5d17b7818f38012fd79054d9d.js[文档查杀引擎][virus.4]
  37. D:/用户文件/2/桌面/20250206\8a5c551c7701b750cc81d5da65960cf978239fdad4ad170600bfeaf48a590a20.exe[XAS本地机学引擎][ML/Generic(1.0)]
  38. D:/用户文件/2/桌面/20250206\8b903abd92011f515abe01bde91dbf27d2f8037e7712be038bf7bdad420b5e6e.exe[XAS本地机学引擎][ML/Generic(0.96)]
  39. D:/用户文件/2/桌面/20250206\91d3b2493d058477ec9b0900d053977863ba26843fbfab5ea22a3607c230c9d1.exe[XAS特征引擎][Win32/Trojan.Generic.4F05627c]
  40. D:/用户文件/2/桌面/20250206\92f6167d4a5a568418c7439917b262922745f536b091f9b6d059ca7b4475d6cd.exe[XAS本地机学引擎][ML/Generic(0.98)]
  41. D:/用户文件/2/桌面/20250206\96a5c614e3d6ca0b4e9d97eac352937a626aad34b59ffa2d0fd6dfc524851a58.xls[压缩包引擎][script.virus.1]
  42. D:/用户文件/2/桌面/20250206\994854c28e40e16874b726f21d183fa9209796321eff16fce8f638a7715d4c01.exe[XAS本地机学引擎][ML/Generic(0.99)]
  43. D:/用户文件/2/桌面/20250206\a4d39660a978aa8048a69976961c55bb0149263bae3b6b844ebc2bb7f5eef772.xls[压缩包引擎][script.virus.1]
  44. D:/用户文件/2/桌面/20250206\a7ff3bcb0fd377e15f3f6ba5b3f24ce67079718c9418a58ae7dd14d790be5653.exe[XAS本地机学引擎][ML/Generic(0.99)]
  45. D:/用户文件/2/桌面/20250206\abe93daba48054bb205b1d93b2c63886ce3696453f2c43e89f3508e3e9cb515e.exe[XAS本地机学引擎][ML/SliverFox(1.0)]
  46. D:/用户文件/2/桌面/20250206\b1d51bc9c016f36486682366f537633a12b95e16e68d7fc184f7a9bf9a48a811.exe[XAS本地机学引擎][ML/Generic(0.98)]
  47. D:/用户文件/2/桌面/20250206\b9369e4dffd8b713862fdeff58b6c7e64b9b9c96dd90a70069751ab051f60cb3.exe[XAS本地机学引擎][ML/Generic(1.0)]
  48. D:/用户文件/2/桌面/20250206\bad55ab8c4ce39ff171bdbc3c86987d0b3b118aacf2ffcc38af811c739c64716.exe[XAS本地机学引擎][ML/Generic(0.97)]
  49. D:/用户文件/2/桌面/20250206\bb5414b3b9d636e081ef58e16f74b041a3eb30ec5eb4a4235fe46972eba0c519.exe[XAS本地机学引擎][ML/Generic(0.98)]
  50. D:/用户文件/2/桌面/20250206\bcacf603de67f5c362796fa4f186755945251462c51febb8b335a752044abfce.exe[ANK云引擎][Win64/Trojan.Agent.B!ml]
  51. D:/用户文件/2/桌面/20250206\c0248e47689da35393fae3dfefbf7256caeafe4f79a4e3bb6683cd5315cb9ea4.exe[XAS本地机学引擎][ML/SliverFox(1.0)]
  52. D:/用户文件/2/桌面/20250206\c76072f42ba97861b01655026250c0920a3856a191144601e061318346e75e1b.exe[XAS本地机学引擎][ML/Generic(0.98)]
  53. D:/用户文件/2/桌面/20250206\cb628a93ce3d454a17ac6653105550a7bd4af78195293640d270977ddd6a855d.exe[XAS本地机学引擎][ML/Generic(0.98)]
  54. D:/用户文件/2/桌面/20250206\d1492c1b794e9e2825ab8c8dc030b73b18abe9b0c56a563edda6c9cb82921dfd.exe[XAS本地机学引擎][ML/Generic(0.99)]
  55. D:/用户文件/2/桌面/20250206\db1ac4c87efc64076e9cf93ec1581f73feea43ce6fdb7113101cf287a5968e80.exe[XAS本地机学引擎][ML/Generic(0.98)]
  56. D:/用户文件/2/桌面/20250206\dc2a6daa79ab9f53ed4e4f300ca60197d7a2e52cddb6a721ddac5a6c89eb2781.exe[XAS本地机学引擎][ML/Generic(0.98)]
  57. D:/用户文件/2/桌面/20250206\dd6f942761571832b1fb1175983c8dab4c8a15f90654baba635e9b739a8e8454.exe[XAS本地机学引擎][ML/Generic(1.0)]
  58. D:/用户文件/2/桌面/20250206\e211c49ddf8d6e76094e69624ac9339a07b3c210af780c125ff924833d227969.exe[XAS本地机学引擎][ML/Generic(0.96)]
  59. D:/用户文件/2/桌面/20250206\e9a1f5e4de3dfdf6cbd66863a6fa6a638cce8fa9555991756820b5af48682c79.exe[XAS本地机学引擎][ML/Generic(0.98)]
  60. D:/用户文件/2/桌面/20250206\ece85809d230590363da74db6749fccdcc80dbd3f47359e478db0c4e0d6e3010.exe[XAS本地机学引擎][ML/Generic(1.0)]
  61. D:/用户文件/2/桌面/20250206\f6093a0d468e3cd2df9b2563336ccbd3b5783e8c06c52e296770fc31fe5257f4.exe[XAS本地机学引擎][ML/Generic(0.98)]
  62. D:/用户文件/2/桌面/20250206\f732f0392878698cc5d43a9d8129c3b16eaa6cc4b50a79b548a32dde7a0456bc.exe[XAS本地机学引擎][ML/Generic(1.0)]
  63. D:/用户文件/2/桌面/20250206\f7b61d74ed091d52a93af97e15333b59cec299e026647c58830ccf0baf3d9c91.exe[XAS本地机学引擎][ML/Generic(1.0)]
  64. D:/用户文件/2/桌面/20250206\f9778ecd7eb6b09e443fd83ab3616f8cf26a61de6f6334a9b7bda73515a63e4a.exe[XAS本地机学引擎][ML/Generic(1.0)]

  66. 总文件数:53
  67. 病毒文件个数:53
  68. 查杀率:100.0%
  69. 扫描结束时间:2025/2/9 17:29:02
复制代码
回复

举报

下一页 »
12345下一页
返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2025-5-9 10:24 , Processed in 0.108958 second(s), 15 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表