2008.10.25样本

显示全部楼层 · 发表于 2008-10-25 11:06:36

2008年10月25日采集样本8个.
如果您的安全软件无法查杀,请及时上报.
谢谢

2008.10.25.rar

显示全部楼层 · 发表于 2008-10-25 11:10:54

风险程序 2008-10-25  11:10:36 C:\Documents and Settings\Administrator\桌面\2008.10.25\40C9B1D3.exe Win32.HackTool.RessdtT.cq.2784 隔离成功
病毒 2008-10-25  11:10:34 C:\Documents and Settings\Administrator\桌面\2008.10.25\4B234DFC.exe Win32.TrojDownloader.Unknown.196608 隔离成功
病毒 2008-10-25  11:10:18 病毒在文件C:\Documents and Settings\Administrator\桌面\2008.10.25\4AE2BD59.exe中 JS.RealPlr.ix.1235 处理成功（操作：删除）
病毒 2008-10-25  11:10:16 病毒在文件C:\Documents and Settings\Administrator\桌面\2008.10.25\498D39C3.exe中 Win32.TrojDownloader.Delf.495631 处理成功（操作：删除）
病毒 2008-10-25  11:10:14 病毒在文件C:\Documents and Settings\Administrator\桌面\2008.10.25\4715525E.exe中 Win32.Troj.Agent.458240 处理成功（操作：删除）

显示全部楼层 · 发表于 2008-10-25 11:11:01

42349E64.exe - Win32/Pacex.Gen 病毒的变种
44571294.exe - Win32/TrojanDownloader.FakeAlert.LL 特洛伊木马
4715525E.exe - Win32/Agent.NPF 特洛伊木马
498D39C3.exe - Win32/Spy.Pachat.U 特洛伊木马
4AE2BD59.exe - JS/Exploit.RealPlay.LF 特洛伊木马
4B234DFC.exe > NSIS > 28.exe - Win32/Adware.Cinmus 应用程序的变种
4D02FB76.exe - Win32/TrojanDownloader.FakeAlert.IV 特洛伊木马

NOD KILL 剩一个上报

[ 本帖最后由 lingbo110120 于 2008-10-25 11:12 编辑 ]

显示全部楼层 · 发表于 2008-10-25 11:20:42

Begin scan in 'E:\Download\Virus\25'
E:\Download\Virus\25\40C9B1D3.exe
[DETECTION] Contains recognition pattern of the RKIT/Agent.cbw root kit
[NOTE]    The file was deleted!
E:\Download\Virus\25\42349E64.exe
[DETECTION] Is the TR/ATRAPS.Gen Trojan
[NOTE]    The file was deleted!
E:\Download\Virus\25\44571294.exe
[DETECTION] Is the TR/Agent.97280.7 Trojan
[NOTE]    The file was deleted!
E:\Download\Virus\25\4715525E.exe
[DETECTION] Is the TR/Agent.ageb Trojan
[NOTE]    The file was deleted!
E:\Download\Virus\25\498D39C3.exe
[DETECTION] Is the TR/Dldr.Delf.oyk.1 Trojan
[NOTE]    The file was deleted!
E:\Download\Virus\25\4AE2BD59.exe
[DETECTION] Contains recognition pattern of the JS/Dldr.Agent.SI Java script virus
[NOTE]    The file was deleted!
E:\Download\Virus\25\4D02FB76.exe
[DETECTION] Is the TR/FraudPack.aho Trojan
[NOTE]    The file was deleted!

显示全部楼层 · 发表于 2008-10-25 11:30:26

木马名称:Trojan.Win32.FraudPack.bi
程序:
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\2008[1].10.25\4D02FB76.EXE
是木马程序!
已成功阻止其运行,是否要删除此文件?

显示全部楼层 · 发表于 2008-10-25 11:34:05

kaspersky miss1

显示全部楼层 · 发表于 2008-10-25 12:38:42

使用G DATA AntiVirus检测
版本 19.0.0.54 (2008/10/14)
病毒特征库日期 2008/10/25
开始时间： 2008/10/25 12:36
引擎：引擎A (AVA 19.1007), 引擎B (AVB 19.78)
启发式：开启
档案文件：开启
系统区域：开启
检测rootkits：开启

检测系统区域...
检测以下目录和文件：
C:\Documents and Settings\Administrator\桌面\25\

对象： 42349E64.exe
路径: C:\Documents and Settings\Administrator\桌面\25
状态：病毒，文件被删除
病毒： Packer.Malware.NSAnti.1 (引擎 A)
对象： 40C9B1D3.exe
路径: C:\Documents and Settings\Administrator\桌面\25
状态：病毒，文件被删除
病毒： Win32:Trojan-gen {Other} (引擎 B)
对象： 4715525E.exe
路径: C:\Documents and Settings\Administrator\桌面\25
状态：病毒，文件被删除
病毒： Backdoor.Oderoor.EI (引擎 A)
对象： 498D39C3.exe
路径: C:\Documents and Settings\Administrator\桌面\25
状态：病毒，文件被删除
病毒： Trojan.Agent.Delf.JZ (引擎 A)
对象： 44571294.exe
路径: C:\Documents and Settings\Administrator\桌面\25
状态：病毒，文件被删除
病毒： Win32:Trojan-gen {Other} (引擎 B)
对象： 4AE2BD59.exe
路径: C:\Documents and Settings\Administrator\桌面\25
状态：病毒，文件被删除
病毒： Trojan.Exploit.Js.Agent.AR (引擎 A)
对象： 4D02FB76.exe
路径: C:\Documents and Settings\Administrator\桌面\25
状态：病毒，文件被删除
病毒： Trojan.Downloader.Agent.ZRL (引擎 A)
对象： $[32]\28.exe\[ASProtect]
在压缩档案中： C:\Documents and Settings\Administrator\桌面\25\4B234DFC.exe
状态：发现病毒
病毒： Win32:Cinmus-L [Trj] (引擎 B)
对象： 4B234DFC.exe
路径: C:\Documents and Settings\Administrator\桌面\25
状态：病毒，文件被删除
病毒： Win32:Cinmus-L [Trj] (引擎 B)

扫描完成于： 2008/10/25 12:36
8个文件已检测
8个受感染文件已发现
0个可疑文件已发现

显示全部楼层 · 发表于 2008-10-25 12:56:18

诺顿nis2009和sep都没有查到
一个也没有发现,O(∩_∩)O哈哈~

压缩加密了,没法解压

显示全部楼层 · 发表于 2008-10-25 13:04:33

我只能说样本区小白不宜

显示全部楼层 · 发表于 2008-10-25 13:10:38

Scan Stats:
  Scan Time: 3 seconds
  Scan Options:
  Scan Targets: D:\Virus\2008.10.25\2008.10.25.zip
  Counts:
Total items scanned: 9
- Files & Directories: 9
- Registry Entries: 0
- Processes & Start-up Items: 0
- Network & Browser Items: 0
- Other: 0
- Trusted Files: 0
- Skipped Files: 0

Total security risks detected: 7
Total items resolved: 7
Total items that require attention: 0

Resolved Threats:
Infostealer.Gampass
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
1 File
[40c9b1d3.exe] inside of [d:\virus\2008.10.25\2008.10.25.zip] - Deleted

Trojan.Packed.NsAnti
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
1 File
[42349e64.exe] inside of [d:\virus\2008.10.25\2008.10.25.zip] - Deleted

Downloader
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
1 File
[44571294.exe] inside of [d:\virus\2008.10.25\2008.10.25.zip] - Deleted

Trojan Horse
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
1 File
[4715525e.exe] inside of [d:\virus\2008.10.25\2008.10.25.zip] - Deleted

Trojan Horse
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
1 File
[498d39c3.exe] inside of [d:\virus\2008.10.25\2008.10.25.zip] - Deleted

Packed.Generic.187
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 File
[4d02fb76.exe] inside of [d:\virus\2008.10.25\2008.10.25.zip] - Deleted

Suspicious.AH.35
Type: Compressed
Risk: Medium (Medium Stealth, Medium Removal, Medium Performance, Medium Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 File
[4d02fb76.exe] inside of [d:\virus\2008.10.25\2008.10.25.zip] - Deleted

[病毒样本] 2008.10.25样本

本帖子中包含更多资源

回复 8楼 htshandong 的帖子