Stuff from a trojan-download FTP server! (Apparently AV-evasion builds written against NOD32 and kaba)
Missed by kaba, waiting for reply... (kaba heur 3x)
Hello,
1433.exe_ - Backdoor.Win32.Hupigon.gbpo,
3389.exe_ - Backdoor.Win32.Hupigon.gbpp,
sc.exe_ - Backdoor.Win32.Hupigon.gbpq,
SuperSC.exe_ - Worm.Win32.Wogue.cf
New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.
shift.bat_
No malicious code was found in this file.
winlogin.exe_
Without a password we can't extract this file. Please send us a password or repack the files
with password 'infected' (without quotes) and send them to us.
File 1433.zip received on 2009.02.18 02:31:33 (CET)

Result: 29/39 (74.36%)

| Antivirus engine | Version | Last update | Scan result |
| --- | --- | --- | --- |
| a-squared | 4.0.0.93 | 2009.02.18 | Trojan-PWS.Win32.OnLineGames!IK |
| AhnLab-V3 | 5.0.0.2 | 2009.02.17 | Win-Trojan/GrayBird.259193 |
| AntiVir | 7.9.0.83 | 2009.02.17 | BDS/Backdoor.Gen |
| Authentium | 5.1.0.4 | 2009.02.17 | W32/Downloader.AT.gen!Eldorado |
| Avast | 4.8.1335.0 | 2009.02.17 | Win32:Hupigon-AHB |
| AVG | 8.0.0.237 | 2009.02.17 | Generic10.AQMQ |
| BitDefender | 7.2 | 2009.02.18 | GenPack:Backdoor.Hupigon.AYRQ |
| CAT-QuickHeal | 10.00 | 2009.02.17 | Win32.Trojan.Pepatch.E.3 |
| ClamAV | 0.94.1 | 2009.02.18 | - |
| Comodo | 982 | 2009.02.17 | - |
| DrWeb | 4.44.0.09170 | 2009.02.17 | BackDoor.Pigeon.83 |
| eSafe | 7.0.17.0 | 2009.02.17 | Suspicious File |
| eTrust-Vet | 31.6.6362 | 2009.02.17 | - |
| F-Prot | 4.4.4.56 | 2009.02.17 | W32/Hupigon.K.gen!Eldorado |
| F-Secure | 8.0.14470.0 | 2009.02.18 | W32/Suspicious_N.gen |
| Fortinet | 3.117.0.0 | 2009.02.17 | - |
| GData | 19 | 2009.02.18 | GenPack:Backdoor.Hupigon.AYRQ |
| Ikarus | T3.1.1.45.0 | 2009.02.18 | Trojan-PWS.Win32.OnLineGames |
| K7AntiVirus | 7.10.630 | 2009.02.14 | - |
| Kaspersky | 7.0.0.125 | 2009.02.18 | - |
| McAfee | 5529 | 2009.02.17 | Bat/sdel |
| McAfee+Artemis | 5529 | 2009.02.17 | Generic!Artemis |
| Microsoft | 1.4306 | 2009.02.18 | Backdoor:Win32/Hupigon.gen |
| NOD32 | 3862 | 2009.02.17 | - |
| Norman | 6.00.06 | 2009.02.17 | W32/Suspicious_N.gen |
| nProtect | 2009.1.8.0 | 2009.02.17 | - |
| Panda | 10.0.0.10 | 2009.02.17 | Trj/CI.A |
| PCTools | 4.4.2.0 | 2009.02.17 | Packed/NSPack |
| Prevx1 | V2 | 2009.02.18 | - |
| Rising | 21.17.12.00 | 2009.02.17 | Packer.Win32.PePatch.d |
| SecureWeb-Gateway | 6.7.6 | 2009.02.17 | Trojan.Backdoor.Backdoor.Gen |
| Sophos | 4.38.0 | 2009.02.17 | Mal/Packer |
| Sunbelt | 3.2.1855.2 | 2009.02.17 | Email-Worm.Win32.Bagle.C (vf) |
| Symantec | 10 | 2009.02.18 | Packed.Generic.115 |
| TheHacker | 6.3.2.2.259 | 2009.02.18 | - |
| TrendMicro | 8.700.0.1004 | 2009.02.17 | Mal_MLWR-5 |
| VBA32 | 3.12.8.13 | 2009.02.17 | Backdoor.Win32.Hupigon.ctpe |
| ViRobot | 2009.2.17.1611 | 2009.02.17 | Backdoor.Win32.Hupigon.258563 |
| VirusBuster | 4.5.11.0 | 2009.02.17 | Packed/NSPack |

| Additional information |
| --- |
| File size: 830656 bytes |
| MD5...: 686b065c3c07efa70db392f439ab2ae3 |
| SHA1..: 5b40e94d22962b5472017395427a956bf2c772c4 |
| SHA256: 8cdecf9d00a026998debcb908c789dcdc74150668457bdf098977621e5ebfe91 |
| SHA512: 7c7c8754f2a340af55047d6e6de24ba534dac158fe40a875009e49e581bd1cbba5615ab518bcc5992f74037cf9f5ed026bf22d2e13e810c13d158425b44e9302 |
| ssdeep: 12288:nzWKRQK7CbYDZrjH4hu9tSzWuRQ27C3YDZt5H+huizWKRQK7CbYDZrjH4huCwv/J:nlOUgc9tShyU6cilOUgcCwZXr |
| PEiD..: - |
| TrID..: File type identification: ZIP compressed archive (99.8%); Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%) |
| PEInfo: - |
| packers (Avast): NsPack, UPX, NsPack, UPX, NsPack, UPX, NsPack |
| packers (Authentium): NSPack, NSPack, NSPack, NSPack, PE_Patch |
| packers (F-Prot): NSPack, PE_Patch, RAR |

[ This post was last edited by FLogo on 2009-2-18 13:34 ]