[Virus sample] A supplement on the Bobo virus (bobo****.exe)

sbbdms
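Posted on 2008-11-29 21:28:22
Original thread: http://bbs.kafan.cn/thread-367822-1-1.html
Actually, a Xunlei batch download of http://www.longlong7.cn/bo/BO10(*).exe
over the range 00~50 is enough to download a lot of samples...

Among them are 3 samples that Kaspersky does not detect...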

TO KL

Hello,

BO1004.exe_ - Trojan.Win32.Vapsup.nzf,
BO1005.exe_ - Trojan.Win32.Vapsup.nzg

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

BO1036.exe_ - Trojan.Win32.Vapsup.nzd

This file is already detected. Please update your antivirus bases.

Please quote all when answering.
The answer is relevant to the latest bases from update sources.

>
>
--------------------
Regards, Aseev Evgeny
Virus Analyst

Kaspersky Lab Ltd
Moscow, Russia
Tel/Fax: +7 (095) 797-8700
E-mail:  newvirus@kaspersky.com

[ Last edited by sbbdms on 2008-11-30 14:51 ]

雨宫优子
Posted on 2008-11-29 21:35:11
So the OP found it too

That is exactly how I added my No. 1035 version...
hj5abc
Posted on 2008-11-29 22:43:12
Downloading the attachment directly kept giving CRC errors, so I switched to Xunlei. 34 valid in total.

17.

hj5abc
Posted on 2008-11-29 22:53:54
After extraction, another 11 were killed. 6 left

change_018
Posted on 2008-11-29 23:04:22
Why do I get the feeling that Avira shrank as soon as it got into my hands = =
su-tt
Posted on 2008-11-29 23:08:21
NIS ignores 1001, 1004, 1005, 1011, 1012, 1016, 1021, 1034, 1035 and 1036; it kills the rest
hj5abc
Posted on 2008-11-29 23:18:04

Reply to change_018's post (#5)

Some of them are just ones AntiVir cannot unpack. Unpack them yourself and scan again.

solcroft
Posted on 2008-11-29 23:21:36
Missed six

Scan Shell extension scan was finished.
Infections found: 77
Infected objects removed or healed: 77
Not removed or healed: 0
Spyware found: 15
Spyware removed: 15
Not removed: 0
Warnings count: 0
Total object scanned: 129

change_018
Posted on 2008-11-29 23:34:04

Reply to hj5abc's post (#7)

I see.

In that case, if I remember correctly, Avira should have missed 5.
hj5abc
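Posted on 2008-11-29 23:52:39

Reply to change_018's post (#9)

6, right? For those 6, none of the files inside are detected after unpacking. After I submitted them, all were confirmed as under analysis.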