[Virus Samples] [Open Test] Kafan Virus Sample Pack 20250405, Issue 273

zhuzhu009
Posted on 2025-4-5 17:17:19
This post was last edited by zhuzhu009 on 2025-4-5 22:48

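Warning:
  The files and attachments in this thread may pose potential harm to your computer. Although no security software can provide 100% protection, these samples are for testing, discussion and study only; use for illegal purposes is strictly prohibited.
  Note that all samples are real threats and are seriously harmful. Without appropriate security protection, do not casually save, open or execute these samples. Testing in a virtual machine is recommended to keep your computer safe. The poster and the Kafan forum accept no liability for personal data leaks, system damage or other losses caused by downloading or opening the samples or clicking attachment links.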

Current test phase: open test


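File information:
  • File name: 20250405.7z (Lanzou Cloud: 20250405.zip, 20250405(2).zip, 20250405(3).zip. This issue's archive is fairly large; forum members downloading from Lanzou Cloud should download all three archives, which extract to 147 files in total, for testing)
  • Number of samples: 147
  • Archive password: infected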

Download links:
File information:
  • SHA256(20250405.7z): 5712DA92560CD0DDB01CDC5830C4FA895CC9F621FBCA416082058EB2C25640E5
  • SHA256(20250405.zip): 92D938C3A9D0700D2EE0898B7081DAC75BE6DDED191567A6020041F785F0E894
  • SHA256(20250405(2).zip):  894FA4B6793B1F47AB9FA651A2CF78CDF11332F994DE3F339746A6E9C49719AE
  • SHA256(20250405(3).zip):  530C1313DC6D08F688274194C0858A941BE60FAF0DCDDCB320EEAE2444FE5CA5

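Note: Please upload scan/double-click logs as an attachment (archive) or as an image; they may also be posted in the reply in size-1 font.
          Moderators may hide replies whose logs are so long that they impair other members' browsing or replying experience.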

If the samples include .ps1 (PowerShell script) files, manually open cmd.exe and enter the following command to allow scripts to run:
Powershell.exe Set-ExecutionPolicy Bypass
zhuzhu009
 Original poster | Posted on 2025-4-5 17:18:55
This post was last edited by zhuzhu009 on 2025-4-5 17:20

2345 74/147

wywt123
Posted on 2025-4-5 17:20:28
This post was last edited by wywt123 on 2025-4-5 17:32

ESSP scan
144/147


  1. 0a2b59698651ff2b7b94bc9b41fd04482eb5a2e78242227caf3c59c7ce21284b.js
  2. 620917aec5d2bbb15e5a415a91ff011e7a3cff5865456ccdb723c7f84123fc6c.vbe
  3. cc2137c6993dc3966cdf9195c6a5154c6a5e643fa7f90bdbc7e2522626fa9a56.bat



OrangeCell
Posted on 2025-4-5 17:21:21
This post was last edited by OrangeCell on 2025-4-5 17:48

F-Secure scan: 126x, 21 remaining

After double-clicking: 6x remaining (including one that cannot run)


OrangeCell
Posted on 2025-4-5 17:22:02

TR is Avira; the rest are probably 2345's own in-house detections
netweb
Posted on 2025-4-5 17:22:03
This post was last edited by netweb on 2025-4-5 17:37

eset

kill 145x  miss 2x



Huorong caught the remaining 2x





jijianan2007
Posted on 2025-4-5 17:22:34
This post was last edited by jijianan2007 on 2025-4-5 17:31

360 Enterprise Security Cloud

xenonums
Posted on 2025-4-5 17:24:45
This post was last edited by xenonums on 2025-4-5 17:35

Test registration

Test software: Dr.Web

Test result: 80/147

On the same level as 2345



zhuzhu009
 Original poster | Posted on 2025-4-5 17:30:53
OrangeCell posted on 2025-4-5 17:22
TR is Avira; the rest are probably 2345's own in-house detections

Maybe
123456aaaafsdeg
Posted on 2025-4-5 17:32:26
OrangeCell posted on 2025-4-5 17:22
TR is Avira; the rest are probably 2345's own in-house detections

Hash blacklisting