木马群+过去式的威金变种

显示全部楼层 · 发表于 2009-3-15 16:33:39

hxxp://u2.1369zz.com/gz/G15.exe
hxxp://u2.1369zz.com/gz/G14.exe
hxxp://u2.1369zz.com/gz/G13.exe
hxxp://u2.1369zz.com/gz/G12.exe
hxxp://u2.1369zz.com/gz/G11.exe
hxxp://u2.1369zz.com/gz/G9.exe
hxxp://u2.1369zz.com/gz/G8.exe
hxxp://u2.1369zz.com/gz/G7.exe
hxxp://u2.1369zz.com/gz/G1.exe
hxxp://u2.1369zz.com/lm/S20.exe
hxxp://u2.1369zz.com/lm/S19.exe
hxxp://u2.1369zz.com/lm/S18.exe
hxxp://u2.1369zz.com/lm/S17.exe
hxxp://u2.1369zz.com/lm/S16.exe
hxxp://u2.1369zz.com/lm/S15.exe
hxxp://u2.1369zz.com/lm/S14.exe
hxxp://u2.1369zz.com/lm/S12.exe
hxxp://u2.1369zz.com/lm/S13.exe
hxxp://u2.1369zz.com/lm/S11.exe
hxxp://u2.1369zz.com/lm/S10.exe
hxxp://u2.1369zz.com/lm/S9.exe
hxxp://u2.1369zz.com/lm/S8.exe
hxxp://u2.1369zz.com/lm/S6.exe
hxxp://u2.1369zz.com/lm/S7.exe
hxxp://u2.1369zz.com/lm/S5.exe
hxxp://u2.1369zz.com/lm/S4.exe
hxxp://u2.1369zz.com/lm/S3.exe
hxxp://u2.1369zz.com/lm/S2.exe
hxxp://u2.1369zz.com/lm/S1.exe
hxxp://u8.1369zz.com/sb/ko.exe
hxxp://u8.1369zz.com/la/L8.exe
hxxp://u8.1369zz.com/la/L9.exe
hxxp://u8.1369zz.com/la/L6.exe
hxxp://u8.1369zz.com/la/L5.exe
hxxp://u8.1369zz.com/la/L4.exe
hxxp://u8.1369zz.com/la/L3.exe
hxxp://u8.1369zz.com/la/L1.exe
hxxp://u8.1369zz.com/la/L17.exe
hxxp://u9.1369zz.com/cj/1a.exe
hxxp://u2.1369zz.com/gz/G4.exe
hxxp://u8.1369zz.com/la/fm.exe
hxxp://u8.1369zz.com/la/L2.exe
hxxp://u2.1369zz.com/gz/G2.exe
hxxp://u2.1369zz.com/gz/G10.exe

以上样本全都打包上报！kaba miss 4x ，to kill ！（解压密码为virus）

Hello,

1a.exe_ - Backdoor.Win32.VB.hzm,
ko.exe_ - Trojan-Downloader.Win32.Agent.bldl,
L1.exe_ - Trojan-GameThief.Win32.WOW.glf,
L5.exe_ - Trojan-GameThief.Win32.WOW.gld

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

hxxp://sss.0734114.com/xb/009.exe

kaba miss ，to kill ！（rising 报LOGOGO病毒，上网查资料说是威金的变种，不知道是不是真的呀！）

Hello,

009.exe_ - Trojan-Downloader.Win32.Agent.bldp

New malicious software was found in this file. It's detection will be included in the next update. Thank you for your help.

[ 本帖最后由幸福的猪猪于 2009-3-15 16:41 编辑 ]

显示全部楼层 · 发表于 2009-3-15 16:44:34

miss1
45 Files were scanned
44 viruses and/or unwanted programs were found

显示全部楼层 · 发表于 2009-3-15 16:44:53

miss to rs

显示全部楼层 · 发表于 2009-3-15 17:10:55

显示全部楼层 · 发表于 2009-3-15 17:42:00

Name: Packed/FSG
Type: Sequence

Description:

Files:
c:\users\administrator\desktop\009\009.exe

TDDOWNLOAD MISS 8 to VB

显示全部楼层 · 发表于 2009-3-15 18:25:48

009应该是双重病毒
00009278 00809278    0 SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\PPStream.exe
000092BC 008092BC    0 SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\WinRAR.exe
000092FC 008092FC    0 SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Storm.exe
0000933C 0080933C    0 SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Maxthon.exe
0000937C 0080937C    0 AppFileName
00009388 00809388    0 Software\KuGoo
000093A0 008093A0    0 QQF007
000093B0 008093B0    0 SoftWare\Microsoft\Windows\CurrentVersion\Run
000094F9 008094F9    0 QQQQQS
000096B8 008096B8    0 ie.dll
000096C8 008096C8    0 http://www.baidu-002.cn/sms/ie.dll

显示全部楼层 · 发表于 2009-3-15 18:40:38

virus.凝逸反毒 14

显示全部楼层 · 发表于 2009-3-15 19:59:06

无法找到该页
您正在搜索的页面可能已经删除、更名或暂时不可用。

#1网址to kl(url filtering)

[病毒样本] 木马群+过去式的威金变种

本帖子中包含更多资源

本帖子中包含更多资源

回复 6楼 EQ2 的帖子