Original poster: Yjln

[Virus sample] Encryption 1x

偶偶偶114514
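Posted on 2025-12-19 11:54:25
lsop1349987 posted on 2025-12-17 15:50
drweb miss
emsi: kill on double-click

Damn, even OEM BD can kill it, and my best didn't react
(Addendum: oh, I only just noticed this seems to be its own in-house engine)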
syswow64
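Posted on 2025-12-19 13:31:14
gtc posted on 2025-12-19 10:54
I was also going to try the English version, this...

SEP's anti-ransomware has always been weak; don't expect it to be as comprehensive as Kaspersky. Failing to block is normal, and a successful block is a pleasant surprise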
22222221
Posted on 2025-12-20 17:38:11
HMPA: kill
Mitigation   CryptoGuard
Timestamp    2025-12-20T09:36:59

Platform     10.0.19045/x64 v2019 af_50
PID          8592
Application  C:\Users\Administrator\Desktop\exe.exe
Created      2025-12-17T05:15:20
Description  exe.exe

Filename     C:\Users\Administrator\Desktop\exe.exe

Detection    Generic.Ransom.C

1*C:\Users\Administrator\Desktop\1 - 副本 (4) - 副本.pdf
   Opened L1058691, Read T1058816|100% H32768|^46379, Write T1058816|100% H16384|^263 #1,w1,r1,LT

2*C:\Users\Administrator\Desktop\1 - 副本 (3).pdf
   Opened L1058691, Read T1058816|100% H32768|^46379, Write T1058816|100% H16384|^263 #8,w8,r8,LT

3*C:\Users\Administrator\Desktop\1 - 副本 (3) - 副本.pdf
   Opened L1058691, Read T1058816|100% H32768|^46379, Write T1058816|100% H16384|^263 #15,w15,r15,LT

4*C:\Users\Administrator\Desktop\1 - 副本 (2).pdf
   Opened L1058691, Read T1058816|100% H32768|^46379, Write T1058816|100% H16384|^263 #19,w19,r19,LT

5*C:\Users\Administrator\Desktop\1 - 副本 (2) - 副本.pdf
   Opened L1058691, Read T1058816|100% H32768|^46379, Write T1058816|100% H16384|^263 #23,w23,r23,LT

6 C:\Windows\system32\oleaut32.dll
   Opened L833136, Read T32768|3% H32768|^216833 #25



Process Trace
1  C:\Users\Administrator\Desktop\exe.exe [8592]
2  C:\Windows\explorer.exe [3460]

Dropped Files

Thumbprints
2c348c346ac963918666944d85696602d5e716bedeb3e6af19c159f0cd451aa9 (ALG5)
8b5425b057966c09dd92661b96b2ef5be6d059b6fb4a6ecfb36b782a40ef66af (FLD1)
43e8debd20699fd598813213cc550c7b1e75a60cfeeb7f9d58433abbbd3d88bc



Copyright © KaFan  KaFan.cn All Rights Reserved.
