PCSL 可疑恶意网站每日分析 20081006

显示全部楼层 · 发表于 2008-10-6 02:56:02

http://megapliki.interia.pl/download/MEGAPLIKI/SpeedX-pl(pobrane_z_megapliki).exe

复制代码

Multi Command-Line Scanner Report
-------------------------------------------------------------------------
D:\Threat Centre\Multi-scan\SpeedX-pl(pobrane_z_megapliki).exe
MD5 Hash: BD28D8DFD4F22E573C554C4037A4AC11
Type: Win32 Executable MS Visual C++ / Extension: .EXE

A-squared ----- Trojan-Dialer.HT!IK
Avast ----- Win32:Adware-gen [Adw]
Antivir ----- ADSPY/BetterInternet.IH.1
BitDefender ----- Nothing
ClamWin ----- Nothing
Dr.Web ----- Nothing
NOD32 ----- Nothing
F-prot ----- Nothing
Ikarus ----- Trojan-Dialer.HT
Jiangmin ----- Nothing
Kaspersky ----- not-a-virus:AdWare.Win32.BetterInternet.ih
Kingsoft ----- Nothing
Mcafee ----- Generic PUP.x.
Microsoft ----- Nothing
Norman ----- Nothing
Panda ----- Nothing
Sophos ----- Mal/Packer
Trend Micro ----- Cryp_Yodac
Vba32 ----- AdWare.Win32.BetterInternet.ih
VirusBuster ----- Packed/Yoda

*** 10/20 antivirus engines found virus in this file ***
-------------------------------------------------------------------------

Task done @ 2008-10-06 星期一 2:49:32.65

http://dl.targetsaver.com/2k/tsinstall_4_0_4_0_b4.exe

复制代码

Multi Command-Line Scanner Report
-------------------------------------------------------------------------
D:\Threat Centre\Multi-scan\tsinstall_4_0_4_0_b4.exe
MD5 Hash: 237A21A936337EFBDB04695C8957DEEE
Type: Wise Installer executable / Extension: .EXE

A-squared ----- Trojan-Downloader.Win32.TSUpdate.N!IK
Avast ----- Win32:Adware-gen [Adw]
Antivir ----- TR/Dldr.TSUpdat.F.3
BitDefender ----- Trojan.Downloader.Tsupdate.N
ClamWin ----- Trojan.Downloader.TSUp-13
Dr.Web ----- Trojan.DownLoader.5289
NOD32 ----- Win32/TrojanDownloader.TSUpdate.N trojan
F-prot ----- W32/Malware!c615
Ikarus ----- Trojan-Downloader.Win32.TSUpdate.N
Jiangmin ----- Nothing
Kaspersky ----- Trojan-Downloader.Win32.TSUpdate.n
Kingsoft ----- Win32.TrojDownloader.TSUpdate.n.1509364
Mcafee ----- Uploader-R.dr.
Microsoft ----- Adware:Win32/TargetSaver
Norman ----- Trojan DLoader.FDHO
Panda ----- Adware/Sqwire
Sophos ----- Mal/Emogen-G
Trend Micro ----- Adware_.6B8AA91E
Vba32 ----- Trojan-Downloader.Win32.TSUpdate.p
VirusBuster ----- Nothing

*** 18/20 antivirus engines found virus in this file ***
-------------------------------------------------------------------------

Task done @ 2008-10-06 星期一 2:46:20.71

http://randomnewnames.com/v/updates/getupd221.exe

复制代码

Multi Command-Line Scanner Report
-------------------------------------------------------------------------
D:\Threat Centre\Multi-scan\getupd221.exe
MD5 Hash: BCEF9EE0D0C8204D99C8C819AE958B9A
Type: Win32 Executable MS Visual C++ / Extension: .EXE

A-squared ----- Nothing
Avast ----- Nothing
Antivir ----- Nothing
BitDefender ----- Nothing
ClamWin ----- Nothing
Dr.Web ----- Nothing
NOD32 ----- Nothing
F-prot ----- Nothing
Ikarus ----- Nothing
Jiangmin ----- Nothing
Kaspersky ----- Nothing
Kingsoft ----- Nothing
Mcafee ----- Nothing
Microsoft ----- Adware:Win32/Arove.A
Norman ----- Nothing
Panda ----- Nothing
Sophos ----- Nothing
Trend Micro ----- Nothing
Vba32 ----- Nothing
VirusBuster ----- Nothing

*** 1/20 antivirus engines found virus in this file ***
-------------------------------------------------------------------------

Task done @ 2008-10-06 星期一 2:52:08.76

显示全部楼层 · 发表于 2008-10-6 04:58:52

铁壳呢

显示全部楼层 · 发表于 2008-10-6 11:02:08

铁壳的命令行正在联系

显示全部楼层 · 发表于 2008-10-6 12:08:45

打包上传....
3.rar
virus

显示全部楼层 · 发表于 2008-10-6 16:20:48

扫描的是什么工具？？

显示全部楼层 · 发表于 2008-10-6 22:34:28

实验室自主研发工具
由帅气的will同学和神秘的小A顾问一起合作完成

显示全部楼层 · 发表于 2008-10-7 11:16:05

好厉害！

[已鉴定] PCSL 可疑恶意网站每日分析 20081006

评分

回复 6楼 lanvin 的帖子