【正式测试】卡饭病毒样本包 20260316 第283期

显示全部楼层 · 发表于昨天 20:10

本帖最后由 lingchenheiye 于 2026-3-16 20:23 编辑

既然eset和火绒已经有人报了，那我来个WD，杀14个，剩8个

显示全部楼层 · 发表于昨天 20:11

360 17/22

显示全部楼层 · 发表于昨天 20:14

2345 2/22 全是小红伞的功劳

显示全部楼层 · 发表于昨天 20:25

本帖最后由 UNknownOoo 于 2026-3-16 20:34 编辑

X-Sec
扫描12x

Basic Info:
---------------------
Program Version: 3.2.4.0
Rising Virus Database Version: 25.00.64.30
X-Sec Heuristic Engine: Enabled
Rising Antivirus Engine: Enabled
Rising Cloud Engine: Enabled
Backup Before Resolve: Enabled
---------------------
Targets:
---------------------
C:\Users\UnknownOoo\Downloads\infected2026031601
---------------------
2026/03/16 20:31:54 Threat Detected: C:\Users\UnknownOoo\Downloads\infected2026031601\2026第一季度违纪人员内部调查信息.exe -- [rame-cloud] Trojan.Undefined!8.1327C
2026/03/16 20:32:01 Threat Detected: C:\Users\UnknownOoo\Downloads\infected2026031601\AWB 9165032030.exe -- [rame-cloud] Trojan.Kryptik!8.8
2026/03/16 20:32:04 Threat Detected: C:\Users\UnknownOoo\Downloads\infected2026031601\HGU98765456789000.bat -- [rame-cloud] Dropper.Agent/PS!8.111A0
2026/03/16 20:32:04 Threat Detected: C:\Users\UnknownOoo\Downloads\infected2026031601\installer.exe -- [rame-rdml] Trojan.Kryptik@AI.90
2026/03/16 20:32:07 Threat Detected: C:\Users\UnknownOoo\Downloads\infected2026031601\met-tech_pricing_request_product_specifications_drawings_031620260000000_pdf.js -- [rame-cloud] Downloader.MalBehav/JS!8.1BA21
2026/03/16 20:32:08 Threat Detected: C:\Users\UnknownOoo\Downloads\infected2026031601\Passhyr.exe -- [rame-cloud] Trojan.Injector!8.C4
2026/03/16 20:32:08 Threat Detected: C:\Users\UnknownOoo\Downloads\infected2026031601\Performa Invoice 2602.exe -- [rame-rdm.msil2] Malware.Obfus/MSIL@AI.83
2026/03/16 20:32:11 Threat Detected: C:\Users\UnknownOoo\Downloads\infected2026031601\PO230824312.JS.js -- [rame-cloud] Trojan.Generic!8.C3
2026/03/16 20:32:12 Threat Detected: C:\Users\UnknownOoo\Downloads\infected2026031601\random.exe -- [rame-cloud] Trojan.Loader!8.15A8
2026/03/16 20:32:14 Threat Detected: C:\Users\UnknownOoo\Downloads\infected2026031601\Request-for-Quotation.js -- [rame-cloud] Trojan.SAgent!8.10172
2026/03/16 20:32:15 Threat Detected: C:\Users\UnknownOoo\Downloads\infected2026031601\setup.exe -- [rame-cloud] Backdoor.Agima!8.11417
2026/03/16 20:32:15 Threat Detected: C:\Users\UnknownOoo\Downloads\infected2026031601\signature.hta -- [rame-topis] PUF.Runner/PS!8.188C4
2026/03/16 20:32:17 Threat Detected: C:\Users\UnknownOoo\Downloads\infected2026031601\Specifications Order.js -- [rame-cloud] Worm.Generic!8.402
2026/03/16 20:33:13 Threat Detected: C:\Users\UnknownOoo\Downloads\infected2026031601\win-sougoushurusd-x64.exe -- [rame-classic] Trojan.Agent/IFPS!1.13AFF

复制代码

显示全部楼层 · 发表于昨天 20:42

本帖最后由游戏王武藤游戏于 2026-3-16 21:02 编辑

Avast：12/22

显示全部楼层 · 发表于昨天 21:12

感谢分享

显示全部楼层 · 发表于昨天 21:19

本帖最后由反病毒fileman 于 2026-3-16 21:25 编辑

火绒kill10个文件

显示全部楼层 · 发表于昨天 21:51

本帖最后由 123456aaaafsdeg 于 2026-3-16 21:53 编辑

腾讯

2026-3-16 21:52:54 MD5:7d806c9d6ec69c4bd4bf3229e3478d65 C:\Users\Administrator\Desktop\测试样本\Specifications Order.js [Script.Worm.Generic.hflw(aiScore=m)] [删除成功]
2026-3-16 21:52:54 MD5:966d8da6422ee21e23520f869212cd87 C:\Users\Administrator\Desktop\测试样本\met-tech_pricing_request_product_specifications_drawings_031620260000000_pdf.js [Script.Trojan.Generic.xwhl(aiScore=m)] [删除成功]
2026-3-16 21:52:54 MD5:40bc7855ed73e9e9fc64729ae66db4f8 C:\Users\Administrator\Desktop\测试样本\Documento-IRPF.exe [Win32.Packed.Acked.nsmw(aiScore=h)] [删除成功]
2026-3-16 21:52:55 MD5:3424edaa2031ee2421193f9fae2ed45a C:\Users\Administrator\Desktop\测试样本\vk_swiftshader_icd.ps1 [Win32.Trojan.Agent.dkjl(aiScore=m)] [删除成功]
2026-3-16 21:52:55 MD5:1b405ee9bde05b5df25e6ca77033e0eb C:\Users\Administrator\Desktop\测试样本\PO230824312.JS.js [Script.Trojan.Generic.nsmw(aiScore=m)] [删除成功]
2026-3-16 21:52:55 MD5:6e891448cef259c3073c5fc978e498e8 C:\Users\Administrator\Desktop\测试样本\Performa Invoice 2602.exe [Msil.Trojan.LummaStealer.Nqil] [删除成功]
2026-3-16 21:52:56 MD5:f0dae4992a35aae6660a02d1f8192352 C:\Users\Administrator\Desktop\测试样本\Quote EUTR26-024352.bat [Win32.Trojan-Dropper.Jandropper.mqil(aiScore=m)] [删除成功]
2026-3-16 21:52:56 MD5:db6d616ccbd257bdc15de1ee98cbd890 C:\Users\Administrator\Desktop\测试样本\setup.exe [Win32.Trojan.Genkryptik.Mgil] [删除成功]
2026-3-16 21:52:56 MD5:da93c688e9acb64216a87f92f416205e C:\Users\Administrator\Desktop\测试样本\Request-for-Quotation.js [Script.Trojan.Sagent.Bkjl] [删除成功]
2026-3-16 21:52:56 MD5:edfd995e212addde1be14e008728bc56 C:\Users\Administrator\Desktop\测试样本\Goodforbestfeelings.vbs [Vbs.Trojan.Sagent.qcnw(aiScore=m)] [删除成功]
2026-3-16 21:52:56 MD5:a3d1581a8dfcccfe9e7bf3ab2b4fbb2d C:\Users\Administrator\Desktop\测试样本\3.15Svniayrvojcdubr137vrika3.exe [Win32.Trojan.Silverfox.Kcnw] [删除成功]
2026-3-16 21:53:03 MD5:bf90710f378c58f592f1a8325d2fafcf C:\Users\Administrator\Desktop\测试样本\signature.hta [Script.Trojan-Downloader.Generic.Udkl] [删除成功]
2026-3-16 21:53:03 MD5:ab7752fab3f572161a2a7afd8e2a25ac C:\Users\Administrator\Desktop\测试样本\HGU98765456789000.bat [Win32.Trojan-Dropper.Jandropper.fwnw(aiScore=m)] [删除成功]
2026-3-16 21:53:04 MD5:a7670e168af019717bf7c26210f3da82 C:\Users\Administrator\Desktop\测试样本\AWB 9165032030.exe [Msil.Trojan.Agenttesla.Rwhl] [删除成功]

复制代码

显示全部楼层 · 发表于昨天 21:59

本帖最后由 LacicMayu 于 2026-3-16 22:56 编辑

Bitdefender Endpoint Security Tools静态 7x

双击 11x 余4双击无反应/检查虚拟机

附EDR报告 https://qfile.qq.com/q/KOBZukenCw
补 Bitdefender 云沙箱查杀仅miss1

显示全部楼层 · 发表于昨天 22:00

本帖最后由谈谈MEMZ 于 2026-3-16 22:24 编辑

CYNET
由于控制台非常非常非常非常非常难用无法量化动态成绩

静态 7 个红伞引擎驱动
动态漏了多少不详反正漏飞边子了

控制台截图

受感染设备截图

[病毒样本] 【正式测试】卡饭病毒样本包 20260316 第283期

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源

本帖子中包含更多资源