【开放测试】卡饭病毒样本包 20250502 第279期

zhuzhu009

警告：

    本主题帖中包含的文件和附件可能对计算机造成潜在危害。虽然没有任何安全软件能够做到100%防护，但这些样本仅供测试、交流与学习使用，严禁用于非法用途。

    请注意，所有样本均为真实威胁，具有严重的危害性。在没有适当安全防护的情况下，请勿随意保存、打开或执行这些样本。建议在虚拟机环境中进行测试，以确保计算机安全。对于任何下载、打开样本或点击附件链接导致的个人数据泄露、系统破坏或其他损失，发布者及卡饭论坛不承担任何责任。

当前测试阶段：开放测试

---

文件信息：

• 文件名称：20250502.zip
• 样本数量：69
• 压缩包密码：infected
  

---

下载链接：

• https://wwzq.lanzouq.com/ilt6h2v412fg   https://pan.moe/s/bv5HQ
  

文件信息：

• SHA256(20250502.zip)：  B412BE82504C4A265E99F028E1C283193B6202E29DF8E214DA95E1EC3C739064
  

---

注意：扫描/双击日志请以附件形式（压缩包）或图片上传，也可以 以1号字体放在回复中。         

          对于日志过长以至于影响会员刷帖/回帖体验的回复，管理人员有权进行屏蔽处理。

若样本中包含 .ps1（Powershell脚本）文件，请手动打开 cmd.exe，输入以下命令以允许运行脚本：

powershell
Powershell.exe Set-ExecutionPolicy Bypass

zhuzhu009

2345 19/69

hipoxiaxxx

FortiClient 扫描 64X，云沙盒 2X，剩余 3X 上报

1. 00fad0f48e901175b2dced47212eab6df0b5af4a0225b2e42cd9f8953abedc74.exe - MSIL/SnakeKeylogger.FQQD!tr
   
2. 024537bcb5cb2e33a164a13fa87e13dfc129efe2dd656084f3954f4ba5a821e1.exe - W32/Malicious_Behavior.VEX
   
3. 08b93daa1c28b852d7264d2c1903873a1a0b57ea8f30033d525497dc25791641.exe - MSIL/Kryptik.ALLB!tr
   
4. 0a8211806999ec0c57cabc1ef48df7c9ec926839193f5ac5b4ec51f4e4157497.exe - MSIL/Agent.CFQ!tr
   
5. 0f5a0bc385bc986d162a55738e406f14914b40247fe32dd6204189d0e21ace92.exe - PossibleThreat
   
6. 104c1281ce6e7178d80a6fe4a4f8c2b3b596ca4fe32ae8916046fc89431a1722.exe - FSA/RISK_MALICIOUS
   
7. 134c8c01c688d2f6a23765c6f917633d2c9f440e6c37753874ddd938862b1ff0.exe - FSA/RISK_MALICIOUS
   
8. 15bfc047dc5728762fff3022cc31477614834a05dbf83f16a639e6db1034ab72.exe - FSA/RISK_MALICIOUS
   
9. 1e35dfb3bf83d01a0b338098592d0e722e326766e7657ec444a8a6351dbd6851.bat - PowerShell/Kryptik.HJ!tr
   
10. 1ec7c4edc2038db0bfaea55962357a0f242a40ac6d0e406f902aed15abae170b.exe - W32/ClipBanker.TZ!tr
    
11. 21409ad75cd35d9e0505f218156c3082fcb2c7c9699ac414dd5fbda00a7c8a3b.exe - MSIL/Kryptik.ANPJ!tr
    
12. 22e652557481b90518054a3d1877245a30048578d6b05a34bf5988c33dcacafc.exe - W32/Rugmi.ANS!tr.dldr
    
13. 2348db2b23b352e959ad466de340007cb04cfaa8132a48487b04640a296c8441.exe - MSIL/Bladabindi.F!tr
    
14. 23fa1ff8a55abdd589f1cdf1845287b20ac81637141cfa3a46dadc066ed9f986.exe - FSA/RISK_MALICIOUS
    
15. 248bdde1eb2fff66b037200945c95b22c3c607aaf3c422b8523304a44c0e99f3.exe - MSIL/GenKryptik.GZHA!tr
    
16. 25d11882af4b8bcd0dfd14ef77394fa72ac29a91bfa3f1e2f3141a9cf3bf577e.exe - MSIL/Agent.DTR!tr.spy
    
17. 2776fae0381070613e5e235e1f556e9466af4e08ca8f70f3dc4ddd93d75acc4d.exe - MSIL/Kryptik.PBZX!tr
    
18. 2bba6b41d457d10ea7ab886c536dae2d16bc245a519f8808bfabd9c76e823142.exe - W32/AI.Pallas.Suspicious.AVEN
    
19. 2ea021bec0045d800172d6b4bba4e916c5ebd32e9b40da4c7dc5f37f317112ec.js - Malware_Generic.P0
    
20. 305df92519f590352913cfe3ad49d093d9f7f93588bc737db559ef531b5bde1c.exe - MSIL/Agent.RYW!tr.dldr
    
21. 318d584e0786fcacb2bc377b71a74900990c261e154c6a9f130b3d8de8fb4b40.xls - MSExcel/CVE_2017_0199.G1!exploit
    
22. 3d57c7b0c61347dd98c2091bb7c4943e40a78dee3d2fa85167a61708e1bee8f0.exe - MSIL/SnakeKeylogger.FQQD!tr
    
23. 43766e6638c396cd911aeddb1939b477864480bb01c50cd2f41f8260a3c2fbfc.exe - MSIL/Kryptik.ALLB!tr
    
24. 47a6ea2947d46e9547989e9c8870805fb585d3ff16a4b9c7b6e8b4a322b61eb3.exe - MSIL/Agent.BSS!tr
    
25. 4b648e5f7ae88af3cafe6877e9acaa11e6006b44d5f96c2a8df1d68585bdea85.exe - FSA/RISK_MALICIOUS
    
26. 54cc14bded44addd135438ad4739ee1209fc52ea70159ae2558d026cd17698cc.exe - MSIL/Kryptik.ALLB!tr
    
27. 5a7de10fa6d093a19addb6aae5c8616c0ce249ffc4bf08602185dd12f5f408e0.exe - W32/Kryptik.BV!tr
    
28. 602f96615af22f7a823131dc7cbda35cc173a45e20f1fdb7f331b831ddf2d9b5.exe - W64/Gasket.BJQV!tr
    
29. 61b08477414108ef94b073994f704f3dff7f48e6aa51d40d3ca8ecc3705bf0c5.exe - W64/Agent.FQM!tr
    
30. 6654332518cf46a45a19872eb153485d86c7bf9ecae29d86491e3256f1e2c087.vbs - Malware_Generic.P0
    
31. 6c66b759f3433d1518c3c781ef4240e78b20aaecfeedbf93f34c95d4cf9b2a2a.exe - W32/AI.Pallas.Suspicious.AVEN
    
32. 6f75dff740d74a773e0a5329983fdc06bc1e4a0f74c3e851c9c9a5add30ef128.exe - W32/VBKrypt.MBSX!tr
    
33. 756c14ee6f81488ac0a35e3ef3866a3b5b2eb76351ab292a7c30a0ce242dcd19.exe - MSIL/Kryptik.PBZX!tr
    
34. 7631877fb3e39b166e33ffc6beeba1c64d6c5c7d7d8c9c0035f9148e65dedccb.exe - FSA/RISK_MALICIOUS
    
35. 768b34ba5b6d83b5f837e945c8310bab454d5b9a299c011f4c81a4d78267c62f.exe - W32/Themida.HZB!tr
    
36. 7d08987fc839798b65f03b60de6b1b296fe91bf36a8ce2b0b35a3ffd55c52737.exe - FSA/RISK_MALICIOUS
    
37. 865d757dbd675369b749dd68b1da5f785900d98d39386376e3464422248fa561.exe - FSA/RISK_MALICIOUS
    
38. 8a3be79e4d0780160e607165cb38f0b102e95f7d5caf798e94663429eef4bb8e.js - JS/Agent.ACKB!tr.dldr
    
39. 8d071dcb45fd83eb7e8f6495d6e6588adfcd1febce528844281452e882bbf12d.exe - MSIL/GenericKD.69901747!tr
    
40. 8e564a2a0e1bdb442649ba702cfb4ebfaa4d28a1e404d9f6ba44a06398008e16.exe - FSA/RISK_MALICIOUS
    
41. 9265c0c701c4946e2a297e15051c42a3d318da6bf0882abc673629f005e8428d.js - JS/Agent.ACKB!tr.dldr
    
42. 9427d7db2f7965373c6c2c0a57098ef8503818308e2bcd57c19b95c29a0fa789.exe - W32/Loader_Ropalidia.O!tr
    
43. 983eff99c764596fd7bd3476c0e10336b16a5923e32299b2d21bdf17e2211150.exe - W32/Runner.OK!tr
    
44. 98f0e3b9d3b50219bee1ac997b56c4379328f78457db6513b2fabee58a9b599c.exe - W64/Kryptik.BVR!tr
    
45. 9ed152b3a82cfc314a69a93cf59b967a5329261cf907b563a08f50a88fb9d9b9.exe - FSA/RISK_MALICIOUS
    
46. a3f59359cdb38a9596029f6be803087c601193295f431ca0b31a0d055e23d881.exe - W64/Gasket.BJQV!tr
    
47. a6c105746ed8704d74b793ef0b04c8eac1e48fbb34db69d7c8e43a9a43ec82a6.lnk - LNK/Agent.D!tr
    
48. b3b3d2e1dfc77efa21b337da267d93da1e3900625c6670e3629d20340e9f0dd8.exe - MSIL/SnakeKeylogger.FQQD!tr
    
49. bdef9be3bb347205e3800ea8ea2b9962b33a8b1818cea9690a96fb3b7c531923.exe - MSIL/CoinMiner.CFQ!tr
    
50. c2d9ad53a67c4b5cc27315a7b2bec353c50178d07058a6f94a207131348cc243.exe - MSIL/Kryptik.PBZX!tr
    
51. c6f89955e03e91b02d60169829cf5655cc6a2812b570ad181677b3cc6d11fc28.exe - FSA/RISK_MALICIOUS
    
52. d00496672a72c8d00cd1d188454fd9109717b0ab2c66e29c1c5ed73ab5d5a8ad.vbs - Malware_Generic.P0
    
53. d7285f992ffd2b3120a8da5054f28bde82bd5185e5695758cebf3d5cb11da8f1.exe - Riskware/Application
    
54. e29a3db17025e34336b10d36e5dd59ff5d1ac07ada8df0cddba0d3f3db689f65.exe - W32/Amadey.A!tr.dldr
    
55. e3f04ee38c97dd8de99e55ec59d6882fb7a5dbb79b2fae10664016036284e211.exe - MSIL/Agent.ECL!tr
    
56. e42c16e314e53ea756b4c726676272c7248a89c228364663c63b08bb1889d280.exe - PowerShell/Agent.CQH!tr
    
57. e49c0602bd2fffa76071700c36fb4ff11778f755792155d7f75b00a019e82702.exe - FSA/RISK_MALICIOUS
    
58. eda8968dfb8b37bcc7e612747c66df19af0d0de364d5fb3873dc031fd8fc3227.exe - W64/Kryptik.FBJ!tr
    
59. ee21aa4d8c30c0173a668f1fca70e740eaec54e8164f9bee0be3175ddb560b5d.exe - FSA/RISK_MALICIOUS
    
60. efa9015c2a50a3b7184d201badbe5037764e8dbf61d4267f1479f2150f219d02.exe - MSIL/SnakeKeylogger.FQQD!tr
    
61. f28ccba5fe17dc035620b248f516a967435eef3ef428f26e2ccb8333836c1132.exe - W32/Agent.NFZ!tr
    
62. f3b03dd677c48f38d3e407c423b77ff7b8e5a51cf096cb4673f6f0f016bd6b3c.exe - MSIL/SnakeKeylogger.FQQD!tr
    
63. fe425f034245df80aa7de7f613c39ecc9801077ccb38d23f153ba9076c1e6f35.exe - FSA/RISK_MALICIOUS
    
64. fedd185a46f49c7581e13a12ed5ec25a8e135590ada09cd6f9ed0a2db4e105d3.js - JS/Agent.ZEH!tr

复制代码

莒县小哥

MD杀65枚

OrangeCell

F-secure kill 44x

jijianan2007

EES 解压剩3

电脑发烧迷

360 kill 64x，eset kill 65x，卡巴kill 66x（按实际剩余算）卡巴双击剩1，ASMI扫描到但是不删除

jijianan2007

360杀毒  63X剩6

ewader

莒县小哥 发表于 2025-5-2 16:52
MD杀65枚

MD最近很牛叉呀

啊松

卡巴扫描剩余2个