源源不断，瑞星免杀

显示全部楼层 · 发表于 2008-5-7 23:20:39

00006F90 00406F90    0 http://www.laidown.com.cn/js/js0.exe
00006FE8 00406FE8    0 gain.exe
00006FFC 00406FFC    0 monkav.exe
00007008 00407008    0 http://www.laidown.com.cn/js/js.exe
00007064 00407064    0 a0.exe
00007074 00407074    0 xia2.exe
00007080 00407080    0 http://www.laidown.com.cn/js/js1.exe
000070C8 004070C8    0 xia3.exe
000070D4 004070D4    0 http://www.laidown.com.cn/js/js2.exe
0000711C 0040711C    0 xia4.exe
00007128 00407128    0 http://www.laidown.com.cn/js/js3.exe
00007170 00407170    0 xia5.exe
0000717C 0040717C    0 http://www.laidown.com.cn/js/js4.exe
000071C4 004071C4    0 xia6.exe
000071D0 004071D0    0 http://www.laidown.com.cn/js/js5.exe
00007218 00407218    0 xia7.exe
00007224 00407224    0 http://www.laidown.com.cn/js/js6.exe
0000726C 0040726C    0 xia8.exe
00007278 00407278    0 http://www.laidown.com.cn/js/js7.exe
000072C0 004072C0    0 xia9.exe
000072CC 004072CC    0 http://www.laidown.com.cn/js/js8.exe
00007314 00407314    0 xia10.exe
00007320 00407320    0 http://www.laidown.com.cn/js/js9.exe
00007368 00407368    0 xia11.exe
00007374 00407374    0 http://www.laidown.com.cn/js/js10.exe
000073BC 004073BC    0 xia12.exe
000073C8 004073C8    0 http://ww1.laidown.com.cn/js/js11.exe
00007410 00407410    0 xia13.exe
0000741C 0040741C    0 http://ww1.laidown.com.cn/js/js12.exe
00007464 00407464    0 xia14.exe
00007470 00407470    0 http://ww1.laidown.com.cn/js/js13.exe
000074B8 004074B8    0 xia15.exe
000074C4 004074C4    0 http://ww1.laidown.com.cn/js/js14.exe
0000750C 0040750C    0 xia16.exe
00007518 00407518    0 http://ww1.laidown.com.cn/js/js15.exe
00007560 00407560    0 xia17.exe
0000756C 0040756C    0 http://ww1.laidown.com.cn/js/js16.exe
000075B4 004075B4    0 xia18.exe
000075C0 004075C0    0 http://ww1.laidown.com.cn/js/js17.exe
00007608 00407608    0 xia19.exe
00007614 00407614    0 http://ww1.laidown.com.cn/js/js18.exe
0000765C 0040765C    0 xia20.exe
00007668 00407668    0 http://ww1.laidown.com.cn/js/js19.exe
000076B0 004076B0    0 xia21.exe
000076BC 004076BC    0 http://ww1.laidown.com.cn/js/js20.exe
00007704 00407704    0 xia22.exe
00007710 00407710    0 http://ww2.laidown.com.cn/js/js21.exe
00007758 00407758    0 xia23.exe
00007764 00407764    0 http://ww2.laidown.com.cn/js/js22.exe
000077AC 004077AC    0 xia24.exe
000077B8 004077B8    0 http://ww2.laidown.com.cn/js/js23.exe
00007800 00407800    0 xia25.exe
0000780C 0040780C    0 http://ww2.laidown.com.cn/js/js24.exe
00007854 00407854    0 xia26.exe
00007860 00407860    0 http://ww2.laidown.com.cn/js/js25.exe
000078A8 004078A8    0 xia27.exe
000078B4 004078B4    0 http://ww2.laidown.com.cn/js/js26.exe
000078FC 004078FC    0 xia28.exe
00007908 00407908    0 http://ww2.laidown.com.cn/js/js27.exe
00007950 00407950    0 xia29.exe
0000795C 0040795C    0 http://ww2.laidown.com.cn/js/js28.exe
000079A4 004079A4    0 xia30.exe
000079B0 004079B0    0 http://ww2.laidown.com.cn/js/js29.exe
000079F8 004079F8    0 xia31.exe
00007A04 00407A04    0 http://ww2.laidown.com.cn/js/js30.exe
00007A4C 00407A4C    0 xia32.exe
00007A58 00407A58    0 http://ww3.laidown.com.cn/js/js31.exe
00007AA0 00407AA0    0 xia33.exe
00007AAC 00407AAC    0 http://ww3.laidown.com.cn/js/js32.exe
00007AF4 00407AF4    0 xia34.exe
00007B00 00407B00    0 http://ww3.laidown.com.cn/js/js33.exe
00007B48 00407B48    0 xia35.exe
00007B54 00407B54    0 http://ww3.laidown.com.cn/js/js34.exe
00007B9C 00407B9C    0 xia36.exe
00007BA8 00407BA8    0 http://ww3.laidown.com.cn/js/js35.exe

显示全部楼层 · 发表于 2008-5-7 23:21:36

沙发呀。下下来用江民扫描看看。

显示全部楼层 · 发表于 2008-5-7 23:22:33

样本区里的dd对于瑞X来说ms多是免杀……嘿嘿！！！

显示全部楼层 · 发表于 2008-5-7 23:28:15

第一个卡巴无视，第二个拦截

下载者 Trojan-Downloader.Win32.Losabel.jc

显示全部楼层 · 发表于 2008-5-7 23:32:26

TO KL

显示全部楼层 · 发表于 2008-5-7 23:39:08

CdBBP.rar那个压缩包运行下一看就是梦幻木马5月4日版本生成的。

显示全部楼层 · 发表于 2008-5-7 23:49:06

准确地说是下载者的变种，因为之前运行的样本跟现在的样本所产生的木马不一样，杀软都不能完全辨认了。

显示全部楼层 · 发表于 2008-5-7 23:57:54

显示全部楼层 · 发表于 2008-5-8 05:16:08

这个微点真吓人,看他半天没反应还以为给过了呢.谁知道一分钟后才报.

[病毒样本] 源源不断，瑞星免杀

本帖子中包含更多资源

那个exe文件是下载者

回复 2楼 EQ2 的帖子

本帖子中包含更多资源

本帖子中包含更多资源