找到一个“小红伞汉化补丁”

绅博周幸

AhnLab-V3	2008.5.10.0	2008.05.10	-
AntiVir	7.8.0.17	2008.05.09	BDS/Hupigon.Gen
Authentium	4.93.8	2008.05.11	-
Avast	4.8.1169.0	2008.05.10	Win32:Hupigon-YY
AVG	7.5.0.516	2008.05.10	-
BitDefender	7.2	2008.05.08	-
CAT-QuickHeal	9.50	2008.05.10	-
ClamAV	0.92.1	2008.05.10	-
DrWeb	4.44.0.09170	2008.05.10	-
eSafe	7.0.15.0	2008.05.09	suspicious Trojan/Worm
eTrust-Vet	31.4.5772	2008.05.09	-
Ewido	4.0	2008.05.10	-
F-Prot	4.4.2.54	2008.05.10	-
F-Secure	6.70.13260.0	2008.05.10	Hupigon.gen110
Fortinet	3.14.0.0	2008.05.11	-
Ikarus	T3.1.1.26	2008.05.11	Backdoor.Pigeon.775
Kaspersky	7.0.0.125	2008.05.11	-
McAfee	5292	2008.05.10	-
Microsoft	1.3408	2008.05.11	-
NOD32v2	3090	2008.05.09	-
Norman	5.80.02	2008.05.09	Hupigon.gen110
Panda	9.0.0.4	2008.05.10	Suspicious file
Prevx1	V2	2008.05.11	-
Rising	20.43.52.00	2008.05.10	-
Sophos	4.29.0	2008.05.11	Mal/GrayBird-B
Sunbelt	3.0.1097.0	2008.05.07	VIPRE.Suspicious
Symantec	10	2008.05.11	-
TheHacker	6.2.92.307	2008.05.11	-
VBA32	3.12.6.5	2008.05.10	-
VirusBuster	4.3.26:9	2008.05.10	-
Webwasher-Gateway	6.6.2	2008.05.09	Trojan.Backdoor.Hupigon.Gen

附加信息

File size: 728576 bytes

MD5...: 572fa2f40e353e00c226dfe063d0b195

SHA1..: 70933f9bdd44e5c0d29cb552f7f2dd0f01de74c4

SHA256: 54bdea15eccf43c255ac16b41fa7e89211b4cc8a6601dd4c59102a337c158f34

SHA512: 36e8cc9823da235be12ae5ba6e6b0657154e90b8bc2361453d3e56205e1c9fdb 89d0d2606dce523c4607b0a7b5c276f4b34a92715ff8107ca7f1e351bd8557e3

PEiD..: -

PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x592024 timedatestamp.....: 0x4780e4c5 (Sun Jan 06 14:25:09 2008) machinetype.......: 0x14c (I386) ( 8 sections ) name viradd virsiz rawdsiz ntrpy md5 0x1000 0xdb000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e 0xdc000 0x61000 0x60c00 7.98 e8ee4923629e73b6141dc7f9ec7f1375 0x13d000 0x2000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e 0x13f000 0x3000 0x2200 7.98 d957f6a2e7d251a5d6abe63b4f52ba6e 0x142000 0x1000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e .data 0x143000 0x4f000 0x4ea00 7.93 510fc9d63187a4d36bc4a1963483a7e8 .adata 0x192000 0x1000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e .text 0x192000 0x200 0x200 7.00 651ab250b67996717106b7d24d1b14dd ( 22 imports ) > kernel32.dll: GetProcAddress, GetModuleHandleA, LoadLibraryA > user32.dll: CreateWindowExA > advapi32.dll: SetSecurityInfo > msacm32.dll: acmFormatChooseA > oleaut32.dll: SafeArrayPtrOfIndex > gdi32.dll: UnrealizeObject > comctl32.dll: ImageList_SetIconSize > ws2_32.dll: WSAIoctl > shell32.dll: Shell_NotifyIconA > wininet.dll: InternetReadFile > advapi32.dll: StartServiceA > mpr.dll: WNetOpenEnumA > winmm.dll: waveOutWrite > user32.dll: GetKeyboardType > wsock32.dll: WSACleanup > avicap32.dll: capCreateCaptureWindowA > version.dll: VerQueryValueA > advapi32.dll: ReportEventA > oleaut32.dll: SysFreeString > advapi32.dll: RegQueryValueExA > oleaut32.dll: VariantChangeTypeEx > kernel32.dll: RaiseException ( 0 exports )

注意: VirusTotal 是 Hispasec Sistemas 提供的免费服务. 我们不保证任何该服务的可用性和持续性. 尽管使用多种反病毒引擎所提供的检测率优于使用单一产品, 但这些结果并不保证文件无害. 目前来说, 没有任何一种解决方案可以提供 100% 的病毒和恶意软件检测率. 如果您购买了一款声称具有此能力的产品, 那么您可能已经成为受害者.

绅博周幸

貌似主流的全部扫不出来

无尽藏海

Joker

C:\Documents and Settings\Administrator\桌面\小红伞汉化补丁.rar>>小红伞汉化补丁.exe        Heuri.Suspicious.EROS        启发式扫描        还未处理

tracydk

原帖由 无尽藏海 于 2008-5-11 14:19 发表

...........不说什么了

Palkia

kv 0

sam.to

上报KL

[ 本帖最后由 kato9096 于 2008-5-11 15:14 编辑 ]

sam.to

Hello,

#######.exe_ - Backdoor.Win32.Hupigon.bvqg

New malicious software was found in this file. It's detection will be included in the next update. Thank you for your help.

Please quote all when answering.

--
Best regards, Kirill Erakhtin
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

http://www.kaspersky.com/virusscanner - free online virus scanner.
http://www.kaspersky.com/helpdesk.html - technical support.

yinqi190

卡巴 没反应啊

qigang

8，9楼怎么回事？