avi.exe

显示全部楼层 · 发表于 2008-11-16 18:59:46

avi.exe

显示全部楼层 · 发表于 2008-11-16 19:01:17

C:\Documents and Settings\Owner\桌面\avi.rar > RAR > avi.exe - Win32/PSW.OnLineGames.NRF 特洛伊木马的变种

显示全部楼层 · 发表于 2008-11-16 19:02:00

嘿嘿，对下载地址感兴趣。

显示全部楼层 · 发表于 2008-11-16 19:02:12

egin scan in 'E:\Download\Virus\avi.rar'
E:\Download\Virus\avi.rar
[0] Archive type: RAR
--> avi.exe
[DETECTION] Is the TR/PSW.Magania.dx Trojan
[WARNING] The file was ignored!

显示全部楼层 · 发表于 2008-11-16 19:02:24

Scan Started Sun Nov 16 19:04:46 2008
-------------------------------------------------------------------------------

C:\Documents and Settings\Owner\桌面\avi.exe: Trojan.Starter-12 FOUND
----------- SCAN SUMMARY -----------
Known viruses: 461375
Engine version: 0.93
Scanned directories: 0
Scanned files: 1
Infected files: 1

Data scanned: 0.07 MB
Time: 26.062 sec (0 m 26 s)
--------------------------------------
Completed
--------------------------------------

显示全部楼层 · 发表于 2008-11-16 19:03:08

Win32:Trojan-gen {Other}

显示全部楼层 · 发表于 2008-11-16 19:04:04

显示全部楼层 · 发表于 2008-11-16 19:05:38

直接P掉。

显示全部楼层 · 发表于 2008-11-16 19:05:43

http://cc0810.web1.1-host.com.cn/wduser/avi.exe

显示全部楼层 · 发表于 2008-11-16 19:06:04

文件 avi.exe 接收于 2008.11.16 12:04:42 (CET)
反病毒引擎版本最后更新扫描结果
AhnLab-V3 2008.11.14.3 2008.11.15 Win-Trojan/OnlineGameHack.B
AntiVir 7.9.0.31 2008.11.14 TR/PSW.Magania.dx
Authentium 5.1.0.4 2008.11.15 W32/OnlineGames.D.gen!GSA
Avast 4.8.1281.0 2008.11.16 Win32:Trojan-gen {Other}
AVG 8.0.0.199 2008.11.15 PSW.OnlineGames.BGPJ
BitDefender 7.2 2008.11.16 Trojan.PWS.Agent.SGC
CAT-QuickHeal 10.00 2008.11.15 (Suspicious) - DNAScan
ClamAV 0.94.1 2008.11.15 Trojan.Starter-12
DrWeb 4.44.0.09170 2008.11.16 Trojan.MulDrop.23001
eSafe 7.0.17.0 2008.11.13 Suspicious File
eTrust-Vet 31.6.6210 2008.11.14 Win32/Lolyda!generic
F-Prot 4.4.4.56 2008.11.15 W32/OnlineGames.D.gen!GSA
F-Secure 8.0.14332.0 2008.11.16 Trojan-GameThief.Win32.Magania.gen
GData 19 2008.11.16 Trojan.PWS.Agent.SGC
Ikarus T3.1.1.45.0 2008.11.16 Trojan-PWS.Win32.Agent.hf
Kaspersky 7.0.0.125 2008.11.16 Trojan-GameThief.Win32.Magania.gen
McAfee 5435 2008.11.15 New Malware.aj
Microsoft 1.4104 2008.11.16 PWS:Win32/Lolyda.N
NOD32 3615 2008.11.15 a variant of Win32/PSW.OnLineGames.NRF
Norman 5.80.02 2008.11.14 W32/Packed_Upack.A
Panda 9.0.0.4 2008.11.15 Suspicious file
PCTools 4.4.2.0 2008.11.15 Packed/Upack
Rising 21.03.42.00 2008.11.14 Trojan.PSW.Win32.GameOL.rtn
SecureWeb-Gateway 6.7.6 2008.11.14 Trojan.PSW.Magania.dx
Sophos 4.35.0 2008.11.16 Troj/PWS-AVJ
Sunbelt 3.1.1801.2 2008.11.14 Trojan.Win32.Packed.gen (v)
Symantec 10 2008.11.16 Infostealer.Hibik.A
TheHacker 6.3.1.1.155 2008.11.15 W32/Behav-Heuristic-060
TrendMicro 8.700.0.1004 2008.11.14 PAK_Generic.006
VBA32 3.12.8.9 2008.11.15 Trojan-GameThief.Win32.Magania.gen
VirusBuster 4.5.11.0 2008.11.15 Packed/Upack
附加信息
File size: 15477 bytes
MD5...: 9e9a0b2de76a3b4d9d78a11b730c0a44
SHA1..: ea9bf6e36a0b68e70f12a94c1ebccddab1f3312d
SHA256: 13b8b32518096659fc1e7d13a17a8681691425c2288bee2a1375f72750d2eda1
SHA512: 03e4f748a95b1bcae6405825210199ad0abd69d855f4de0206dd32f57037e5bd dc2b22ef5ea9ee351a409e94987c888673d67cd26ec6df22fcafffa6e651415b
PEiD..: -
TrID..: File type identification DOS Executable Generic (100.0%)
PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x401018 timedatestamp.....: 0x4011b0be (Fri Jan 23 23:39:42 2004) machinetype.......: 0x14c (I386) ( 3 sections ) name viradd virsiz rawdsiz ntrpy md5 PS 0x1000 0x10000 0x1f0 5.18 ee65c2bc5e021c4e1d2f1784b2824563 @HA 0x11000 0xb000 0x3940 7.97 2b66359e14517b58b786c4d37d3e21ba A@ 0x1c000 0x1000 0x1f0 5.18 ee65c2bc5e021c4e1d2f1784b2824563 ( 0 imports ) ( 0 exports ) 
packers (Kaspersky): PE_Patch, UPack
packers (Authentium): UPack
packers (F-Prot): UPack
packers (Avast): Upack

[病毒样本] avi.exe

本帖子中包含更多资源

本帖子中包含更多资源

回复 3楼 qigang 的帖子

浏览过的版块