未发怖过的video.cfg(CodecPack)

显示全部楼层 · 发表于 2008-10-26 23:51:31

Hello,

video(1).cfg, video(10).cfg, video(11).cfg, video(12).cfg, video(13).cfg, video(14).cfg, video(15).cfg, video(16).cfg, video(17).cfg, video(18).cfg, video(19).cfg, video(2).cfg, video(20).cfg, video(21).cfg, video(22).cfg, video(23).cfg, video(24).cfg, video(25).cfg, video(26).cfg, video(27).cfg, video(28).cfg, video(29).cfg, video(3).cfg, video(30).cfg, video(31).cfg, video(32).cfg, video(33).cfg, video(34).cfg, video(35).cfg, video(36).cfg, video(37).cfg, video(38).cfg, video(39).cfg, video(4).cfg, video(40).cfg, video(41).cfg, video(42).cfg, video(43).cfg, video(44).cfg, video(45).cfg, video(46).cfg, video(47).cfg, video(48).cfg, video(49).cfg, video(5).cfg, video(50).cfg, video(51).cfg, video(52).cfg, video(53).cfg, video(54).cfg, video(55).cfg, video(56).cfg, video(57).cfg, video(58).cfg, video(59).cfg, video(6).cfg, video(7).cfg, video(8).cfg, video(9).cfg - Trojan-Downloader.Win32.CodecPack.ge

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

Please quote all when answering.
The answer is relevant to the latest bases from update sources.

--
Best regards, Andrey Ladikov
Virus analyst, Kaspersky Lab.
e-mail: newvirus@kaspersky.com
http://www.kaspersky.com/

http://www.kaspersky.com/virusscanner - free online virus scanner.
http://www.kaspersky.com/helpdesk.html - technical support.

显示全部楼层 · 发表于 2008-10-26 23:58:17

File ID    Filename    Size (Byte) Result
25172754    1026temp@.rar 283.91 KB OK
A listing of files contained inside archives alongside their results can be found below:

File ID    Filename    Size (Byte) Result
25172755    video(2).cfg    72.5 KB    UNDER ANALYSIS

显示全部楼层 · 发表于 2008-10-27 01:26:00

应该有人上报给卡巴过吧

显示全部楼层 · 发表于 2008-10-27 07:19:12

Multi Command-Line Scanner Report
-------------------------------------------------------------------------
D:\Desk\Samples\Collect\MCLS\video(1).cfg
MD5 Hash: 3C266BD0F47C4F77FA2739802F35E94A
Type: UPX compressed Win32 Executable / Extension: .EXE

A-squared ----- Nothing
Avast ----- Win32:Trojan-gen {Other}
Avg ----- Downloader.Zlob_r.CY
Antivir ----- Nothing
BitDefender ----- Nothing
ClamWin ----- Nothing
Dr.Web ----- Nothing
NOD32 ----- Nothing
Ikarus ----- Nothing
Jiangmin ----- Nothing
Kaspersky ----- Trojan-Downloader.Win32.CodecPack.ge
Kingsoft ----- Win32.Troj.Agent.180228
Vba32 ----- Nothing

*** 4/13 antivirus engines found virus in this file ***
-------------------------------------------------------------------------
D:\Desk\Samples\Collect\MCLS\video(2).cfg
MD5 Hash: E1B2E7DA196910FE1814EFCAD5005579
Type: UPX compressed Win32 Executable / Extension: .EXE

A-squared ----- Nothing
Avast ----- Win32:Trojan-gen {Other}
Avg ----- Downloader.Zlob_r.CY
Antivir ----- Nothing
BitDefender ----- Nothing
ClamWin ----- Nothing
Dr.Web ----- Nothing
NOD32 ----- Nothing
Ikarus ----- Nothing
Jiangmin ----- Nothing
Kaspersky ----- Trojan-Downloader.Win32.CodecPack.ge
Kingsoft ----- Win32.Troj.Agent.180228
Vba32 ----- Nothing

*** 4/13 antivirus engines found virus in this file ***
-------------------------------------------------------------------------
D:\Desk\Samples\Collect\MCLS\video(3).cfg
MD5 Hash: 4AE8B8EF842F0463CB7E3F469C41A708
Type: UPX compressed Win32 Executable / Extension: .EXE

A-squared ----- Nothing
Avast ----- Win32:Trojan-gen {Other}
Avg ----- Downloader.Zlob_r.CY
Antivir ----- Nothing
BitDefender ----- Nothing
ClamWin ----- Nothing
Dr.Web ----- Nothing
NOD32 ----- Nothing
Ikarus ----- Nothing
Jiangmin ----- Nothing
Kaspersky ----- Trojan-Downloader.Win32.CodecPack.ge
Kingsoft ----- Win32.Troj.Agent.180228
Vba32 ----- Nothing

*** 4/13 antivirus engines found virus in this file ***
-------------------------------------------------------------------------
D:\Desk\Samples\Collect\MCLS\video(4).cfg
MD5 Hash: 7FD12BB3150327E347D1E403018F75A7
Type: UPX compressed Win32 Executable / Extension: .EXE

A-squared ----- Nothing
Avast ----- Win32:Trojan-gen {Other}
Avg ----- Downloader.Zlob_r.CY
Antivir ----- Nothing
BitDefender ----- Nothing
ClamWin ----- Nothing
Dr.Web ----- Nothing
NOD32 ----- Nothing
Ikarus ----- Nothing
Jiangmin ----- Nothing
Kaspersky ----- Trojan-Downloader.Win32.CodecPack.ge
Kingsoft ----- Win32.Troj.Agent.180228
Vba32 ----- Nothing

*** 4/13 antivirus engines found virus in this file ***
-------------------------------------------------------------------------

Task done @ 2008/10/27 һ  7:18:43.64

显示全部楼层 · 发表于 2008-10-27 13:13:35

Begin scan in 'E:\Download\Virus\1026temp@.rar'
E:\Download\Virus\1026temp@.rar
[0] Archive type: RAR
--> video(3).cfg
   [DETECTION] Is the TR/Agent.akax Trojan
--> video(4).cfg
   [DETECTION] Is the TR/Agent.akax Trojan
--> video(1).cfg
   [DETECTION] Is the TR/Agent.akax Trojan
--> video(2).cfg
   [DETECTION] Is the TR/Agent.akax Trojan
[NOTE]    The file was deleted!

显示全部楼层 · 发表于 2008-10-27 16:31:57

原帖由 sanhu35 于 2008-10-27 01:26 发表
应该有人上报给卡巴过吧

那人便是我

显示全部楼层 · 发表于 2008-10-27 16:36:08

Scan Stats:
  Scan Time: 2 seconds
  Scan Options:
  Scan Targets: D:\Virus\1026temp@.rar
  Counts:
Total items scanned: 6
- Files & Directories: 6
- Registry Entries: 0
- Processes & Start-up Items: 0
- Network & Browser Items: 0
- Other: 0
- Trusted Files: 0
- Skipped Files: 0

Total security risks detected: 4
Total items resolved: 4
Total items that require attention: 0

Resolved Threats:
Risks in compressed file "1026temp@.rar"
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
4 Files
d:\virus\1026temp@.rar - Deleted

显示全部楼层 · 发表于 2008-10-27 16:44:32

有卡巴忙的了

显示全部楼层 · 发表于 2008-10-27 20:19:22

McAfee 全灭。。

video(1).cfg    downloader-bkm
video(2).cfg    downloader-bkm
video(3).cfg    downloader-bkm
video(4).cfg    downloader-bkm

显示全部楼层 · 发表于 2008-10-27 21:04:25

[病毒样本] 未发怖过的video.cfg(CodecPack)

本帖子中包含更多资源

回复 6楼 kato9096 的帖子

本帖子中包含更多资源

浏览过的版块