2008.11.11光棍节样本

kavfans99

E096FD68.exe 是病毒吗？看起来不像耶.....

aelbert

卡巴2009
2008-11-11 16:05:10        检测到威胁        卡巴斯基全功能安全软件                               
2008-11-11 16:05:17        检测到威胁        卡巴斯基全功能安全软件                               
2008-11-11 16:05:19        检测到威胁        卡巴斯基全功能安全软件                               
2008-11-11 16:05:27        检测到威胁        卡巴斯基全功能安全软件                               
2008-11-11 16:05:30        检测到威胁        卡巴斯基全功能安全软件                               
2008-11-11 16:05:33        检测到威胁        卡巴斯基全功能安全软件                               
2008-11-11 16:05:46        检测到威胁        卡巴斯基全功能安全软件                               
2008-11-11 16:06:02        检测到威胁        卡巴斯基全功能安全软件                               
2008-11-11 16:06:04        检测到威胁        卡巴斯基全功能安全软件                               
2008-11-11 16:06:11        检测到威胁        卡巴斯基全功能安全软件                               
2008-11-11 16:06:16        检测到威胁        卡巴斯基全功能安全软件                               
2008-11-11 16:06:18        检测到威胁        卡巴斯基全功能安全软件

will

  Total Command-Line Scanner Report
-------------------------------------------------------------------------
  Report for Jiangmin Command-Line Scanner :

  D19B297B.exe ----- Trojan/Obfuscated.rpb  
  D3710E27.exe ----- TrojanSpy.Banker.sby  
  D5EE40DF.exe ----- TrojanSpy.Magania.egu  
  D70E144D.exe ----- TrojanDownloader.Delf.ahj  
  DD02D2C0.exe ----- Backdoor/Huigezi.scp  
  DEAFB95F.exe ----- Trojan/PSW.Magania.cok  
  E096FD68.exe ----- TrojanDownloader.ACVE.h  
  E53876CF.exe ----- TrojanDownloader.Delf.ahj  
  E7FB5468e.exe ----- TrojanDownloader.Delf.ahj  

  Jiangmin found 9 detections in 12 files.
-------------------------------------------------------------------------
  Task done @ 2008/11/11 二 17:15:22.34

will

Multi Command-Line Scanner Report
-------------------------------------------------------------------------   
D:\Desk\Samples\Collect\MCLS\D19B297B.exe   
Type: Win32 Executable MS Visual C++ / Extension: .EXE   
MD5 Hash: 8618C9FC5C0D732323936A5157FB1C4A   

A-squared ----- Virus.Win32.Swizzor!IK    
Avast ----- Win32:Swizzor-N [Trj]    
Avg ----- Generic11.ARLE     
Antivir ----- TR/Dldr.Swizzor.Gen    
BitDefender ----- Trojan.Generic.959868    
ClamWin ----- Nothing   
Dr.Web ----- Nothing   
Eset ----- Nothing   
Ikarus ----- Virus.Win32.Swizzor    
Jiangmin ----- Trojan/Obfuscated.rpb    
Kaspersky ----- Trojan.Win32.Obfuscated.gen    
Kingsoft ----- Win32.Troj.Obfuscated.463360    
Vba32 ----- OScope.Trojan.BagsWay.C    

*** 10/13 antivirus engines found virus in this file ***   
-------------------------------------------------------------------------   
D:\Desk\Samples\Collect\MCLS\D33B012A.exe   
Type: Win32 Executable Generic / Extension: .EXE   
MD5 Hash: 6E6A7266798B1821194CD425761992C6   

A-squared ----- Trojan.Win32.Helpud.A!IK    
Avast ----- Win32:Gamona [Trj]    
Avg ----- PSW.OnlineGames.2.AE     
Antivir ----- TR/Crypt.XPACK.Gen    
BitDefender ----- Packer.Malware.NSAnti.1    
ClamWin ----- Trojan.Magania-7060    
Dr.Web ----- Trojan.Nsanti.Packed    
Eset ----- a variant of Win32/Pacex.Gen virus    
Ikarus ----- Trojan.Win32.Helpud.A    
Jiangmin ----- Nothing   
Kaspersky ----- Trojan-GameThief.Win32.Magania.afek    
Kingsoft ----- Win32.Troj.OnlineGamesT.qv.139259    
Vba32 ----- Trojan-GameThief.Win32.Magania.afek    

*** 12/13 antivirus engines found virus in this file ***   
-------------------------------------------------------------------------   
D:\Desk\Samples\Collect\MCLS\D3710E27.exe   
Type: DOS Executable Generic / Extension: .EXE   
MD5 Hash: 0BA9BC46411A36A40F286337556E400C   

A-squared ----- Trojan-Spy.Win32.Banker.ahy!IK    
Avast ----- Win32:Trojan-gen {Other}    
Avg ----- PSW.Banker4.AOAT     
Antivir ----- TR/Crypt.CFI.Gen    
BitDefender ----- Trojan.Generic.866001    
ClamWin ----- Trojan.Bancos-14519    
Dr.Web ----- Trojan.PWS.Banker.origin    
Eset ----- a variant of Win32/Spy.Banker.OYT trojan    
Ikarus ----- Trojan-Spy.Win32.Banker.ahy    
Jiangmin ----- TrojanSpy.Banker.sby    
Kaspersky ----- Trojan-Banker.Win32.Banker.ycs    
Kingsoft ----- Nothing   
Vba32 ----- Trojan-Spy.xBank.51    

*** 12/13 antivirus engines found virus in this file ***   
-------------------------------------------------------------------------   
D:\Desk\Samples\Collect\MCLS\D5EE40DF.exe   
Type: Win32 Executable Generic / Extension: .EXE   
MD5 Hash: 3E5AD9B5DF40AC37A0E45F83EDA7AC3F   

A-squared ----- Trojan.Win32.Helpud.A!IK    
Avast ----- Win32:Gamona [Trj]    
Avg ----- PSW.OnlineGames.2.AE     
Antivir ----- TR/Crypt.XPACK.Gen    
BitDefender ----- Packer.Malware.NSAnti.1    
ClamWin ----- Trojan.Magania-7041    
Dr.Web ----- Trojan.Nsanti.Packed    
Eset ----- a variant of Win32/Pacex.Gen virus    
Ikarus ----- Trojan.Win32.Helpud.A    
Jiangmin ----- TrojanSpy.Magania.egu    
Kaspersky ----- Trojan-GameThief.Win32.Magania.affu    
Kingsoft ----- Win32.Troj.OnlineGamesT.qv.139259    
Vba32 ----- Trojan-GameThief.Win32.Magania.affu    

*** 13/13 antivirus engines found virus in this file ***   
-------------------------------------------------------------------------   
D:\Desk\Samples\Collect\MCLS\D70E144D.exe   
Type: Win32 Executable Generic / Extension: .EXE   
MD5 Hash: 85C32E6B8A946DB620C028554827E5DE   

A-squared ----- Virus.Trojan.Win32.Agent.gam!IK    
Avast ----- Win32:Delf-HJO [Trj]    
Avg ----- PSW.Generic6.AGFC     
Antivir ----- TR/Dldr.Delf.oyk.1    
BitDefender ----- Trojan.Agent.Delf.JZ    
ClamWin ----- Trojan.Downloader-56563    
Dr.Web ----- Trojan.DownLoad.6025    
Eset ----- Win32/Spy.Pachat.U trojan    
Ikarus ----- Virus.Trojan.Win32.Agent.gam    
Jiangmin ----- TrojanDownloader.Delf.ahj    
Kaspersky ----- Trojan-Downloader.Win32.Delf.oyw    
Kingsoft ----- Win32.TrojDownloader.Delf.495631    
Vba32 ----- Trojan-Downloader.Win32.Delf.oyw    

*** 13/13 antivirus engines found virus in this file ***   
-------------------------------------------------------------------------   
D:\Desk\Samples\Collect\MCLS\DBC8CB27.exe   
Type: Win32 EXE PECompact compressed / Extension: .EXE   
MD5 Hash: BCCAB0AE922F566F0E78FDC0E4BE1362   

A-squared ----- Virus.Win32.QQPass.QF!IK    
Avast ----- Win32:Virtualizer [Cryp]    
Avg ----- PSW.Lineage.BAX     
Antivir ----- TR/Dropper.Gen    
BitDefender ----- GenPack:Trojan.Spy.Delf.NRT    
ClamWin ----- Nothing   
Dr.Web ----- Trojan.PWS.Gamania.13532    
Eset ----- a variant of Win32/PSW.Lineage.NGS trojan    
Ikarus ----- Virus.Win32.QQPass.QF    
Jiangmin ----- Nothing   
Kaspersky ----- Packed.Win32.PePatch.jf    
Kingsoft ----- Win32.Hack.MaskPET.a.36864    
Vba32 ----- Embedded.MalwareScope.Trojan-PSW.Game.13    

*** 11/13 antivirus engines found virus in this file ***   
-------------------------------------------------------------------------   
D:\Desk\Samples\Collect\MCLS\DD02D2C0.exe   
Type: Generic Win/DOS Executable / Extension: .EXE   
MD5 Hash: 002B4CB1853AB4B01B98CF8FD9301B3C   

A-squared ----- Backdoor.Win32.Hupigon!IK    
Avast ----- Win32:Rootkit-gen [Rtk]    
Avg ----- PSW.OnlineGames_r.R     
Antivir ----- TR/Rootkit.Gen    
BitDefender ----- Backdoor.Hupigon.ZXJ    
ClamWin ----- Nothing   
Dr.Web ----- Nothing   
Eset ----- a variant of Win32/Rootkit.Ressdt.NAH trojan    
Ikarus ----- Backdoor.Win32.Hupigon    
Jiangmin ----- Backdoor/Huigezi.scp    
Kaspersky ----- Backdoor.Win32.Hupigon.csoo    
Kingsoft ----- Win32.Hack.Huigezi.4224    
Vba32 ----- Backdoor.Win32.Hupigon.csoo    

*** 11/13 antivirus engines found virus in this file ***   
-------------------------------------------------------------------------   
D:\Desk\Samples\Collect\MCLS\DEAFB95F.exe   
Type: Win32 Executable Generic / Extension: .EXE   
MD5 Hash: 6041D93D3B11FEC4051E2465F38F7E9D   

A-squared ----- Worm.Win32.Viking.ex!IK    
Avast ----- Win32:Gamona [Trj]    
Avg ----- PSW.OnlineGames.2.AE     
Antivir ----- TR/Crypt.XPACK.Gen    
BitDefender ----- Packer.Malware.NSAnti.1    
ClamWin ----- Trojan.Magania-7375    
Dr.Web ----- Trojan.Nsanti.Packed    
Eset ----- Win32/PSW.OnLineGames.NNM trojan    
Ikarus ----- Worm.Win32.Viking.ex    
Jiangmin ----- Trojan/PSW.Magania.cok    
Kaspersky ----- Trojan-GameThief.Win32.Magania.afva    
Kingsoft ----- Win32.Troj.OnlineGamesT.qv.139259    
Vba32 ----- Trojan-GameThief.Win32.Magania.afva    

*** 13/13 antivirus engines found virus in this file ***   
-------------------------------------------------------------------------   
D:\Desk\Samples\Collect\MCLS\E096FD68.exe   
MD5 Hash: 532B7DF53FF95CA29ACAD5987678DE31   

A-squared ----- Nothing   
Avast ----- Nothing   
Avg ----- Nothing   
Antivir ----- Nothing   
BitDefender ----- Trojan.Generic.975167    
ClamWin ----- Nothing   
Dr.Web ----- Nothing   
Eset ----- Nothing   
Ikarus ----- Nothing   
Jiangmin ----- TrojanDownloader.ACVE.h    
Kaspersky ----- Trojan-Downloader.Win32.ACVE.ah    
Kingsoft ----- Nothing   
Vba32 ----- Nothing   

*** 3/13 antivirus engines found virus in this file ***   
-------------------------------------------------------------------------   
D:\Desk\Samples\Collect\MCLS\E53876CF.exe   
Type: Win32 Executable Generic / Extension: .EXE   
MD5 Hash: 01F526095CD3C37FE3EE5ADFCCEF6814   

A-squared ----- Virus.Trojan.Win32.Agent.gam!IK    
Avast ----- Win32:Delf-HJO [Trj]    
Avg ----- PSW.Generic6.AGFC     
Antivir ----- TR/Dldr.Delf.oyk.1    
BitDefender ----- Trojan.Agent.Delf.JZ    
ClamWin ----- Trojan.Downloader-56563    
Dr.Web ----- Trojan.DownLoad.6025    
Eset ----- Win32/Spy.Pachat.U trojan    
Ikarus ----- Virus.Trojan.Win32.Agent.gam    
Jiangmin ----- TrojanDownloader.Delf.ahj    
Kaspersky ----- Trojan-Downloader.Win32.Delf.oys    
Kingsoft ----- Win32.TrojDownloader.Delf.495631    
Vba32 ----- Trojan-Downloader.Win32.Delf.oys    

*** 13/13 antivirus engines found virus in this file ***   
-------------------------------------------------------------------------   
D:\Desk\Samples\Collect\MCLS\E6792120.exe   
Type: DOS Executable Generic / Extension: .EXE   
MD5 Hash: 06459EE9DDC3321353796AC5939C0B0A   

A-squared ----- Trojan-PWS.Win32.Agent.hf!IK    
Avast ----- Win32:Trojan-gen {Other}    
Avg ----- PSW.OnlineGames.BEVH     
Antivir ----- TR/Dropper.Gen    
BitDefender ----- Trojan.PWS.OnlineGames.ZTC    
ClamWin ----- Nothing   
Dr.Web ----- Nothing   
Eset ----- a variant of Win32/Kryptik.AE trojan    
Ikarus ----- Trojan-PWS.Win32.Agent.hf    
Jiangmin ----- Nothing   
Kaspersky ----- Trojan-GameThief.Win32.OnLineGames.hni    
Kingsoft ----- Win32.Troj.OnLineGamesT.gr.2637    
Vba32 ----- Nothing   

*** 9/13 antivirus engines found virus in this file ***   
-------------------------------------------------------------------------   
D:\Desk\Samples\Collect\MCLS\E7FB5468e.exe   
Type: Win32 Executable Generic / Extension: .EXE   
MD5 Hash: 8E1B6FD0C79701F81F982137DEBAD728   

A-squared ----- Virus.Trojan.Win32.Agent.gam!IK    
Avast ----- Win32:Delf-HJO [Trj]    
Avg ----- PSW.Generic6.AGFC     
Antivir ----- TR/Dldr.Delf.oyk.1    
BitDefender ----- Trojan.Agent.Delf.JZ    
ClamWin ----- Trojan.Downloader-56563    
Dr.Web ----- Trojan.DownLoad.6025    
Eset ----- Win32/Spy.Pachat.U trojan    
Ikarus ----- Virus.Trojan.Win32.Agent.gam    
Jiangmin ----- TrojanDownloader.Delf.ahj    
Kaspersky ----- Trojan-Downloader.Win32.Delf.oyl    
Kingsoft ----- Win32.TrojDownloader.Delf.495631    
Vba32 ----- Trojan-Downloader.Win32.Delf.oyl    

*** 13/13 antivirus engines found virus in this file ***   
-------------------------------------------------------------------------   

Task done @ 2008/11/11 二 17:19:20.24   

will

E096FD68.exe     NONE PE FILE

328397663

卡巴全杀~~!

上传生成物~~!

[ 本帖最后由 328397663 于 2008-11-12 10:56 编辑 ]

robbin1006

为什么我的铁壳scs居然什么都没杀出来，别人的铁壳却杀出来了。而且我的病毒库是最新的。

wuxiljm

楼上的，此包有密