[Virus sample] Something dug up from the official kaba forum!

幸福的猪猪
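Posted on 2009-4-23 10:37:14
kaba miss 2x! (Looking at the online sandbox analysis results, I found that the main sample also downloads “犇牛” (Ben Niu) virus samples!)
(Virus sample source: hxxp://bbs.kaspersky.com.cn/thread-272608-1-1.html)
Online sandbox analysis results: hxxp://www.threatexpert.com/report.aspx?md5=31fd9bc59d66e9bcdc99174a7c38748f

The extraction password is: virus

All download URLs have been reported to kaba!

[ Last edited by 幸福的猪猪 on 2009-4-23 10:41 ]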


Rating: sam.to +1 (Thanks for sharing)

will
Posted on 2009-4-23 10:41:43

KV2009 24



The remaining one gets killed instantly by the proactive defense…

[ Last edited by will on 2009-4-23 10:43 ]

HC303
Posted on 2009-4-23 10:58:33
Avira (红伞) kills them all.
Beginning disinfection:
G:\virus\TDDOWNLOAD\TDDOWNLOAD\new1(1).exe
    [DETECTION] Is the TR/Crypt.XDR.Gen Trojan
    [NOTE]      The file was deleted!
G:\virus\TDDOWNLOAD\TDDOWNLOAD\new1(2).exe
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
G:\virus\TDDOWNLOAD\TDDOWNLOAD\new1(3).exe
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
G:\virus\TDDOWNLOAD\TDDOWNLOAD\new1(4).exe
    [DETECTION] Is the TR/ATRAPS.Gen Trojan
    [NOTE]      The file was deleted!
G:\virus\TDDOWNLOAD\TDDOWNLOAD\new1.exe
    [DETECTION] Is the TR/Crypt.XDR.Gen Trojan
    [NOTE]      The file was deleted!
G:\virus\TDDOWNLOAD\TDDOWNLOAD\new10.exe
    [DETECTION] Is the TR/Crypt.XDR.Gen Trojan
    [NOTE]      The file was deleted!
G:\virus\TDDOWNLOAD\TDDOWNLOAD\new11.exe
    [DETECTION] Is the TR/Crypt.XDR.Gen Trojan
    [NOTE]      The file was deleted!
G:\virus\TDDOWNLOAD\TDDOWNLOAD\new12.exe
    [DETECTION] Is the TR/Crypt.XDR.Gen Trojan
    [NOTE]      The file was deleted!
G:\virus\TDDOWNLOAD\TDDOWNLOAD\new14.exe
    [DETECTION] Is the TR/Crypt.XDR.Gen Trojan
    [NOTE]      The file was deleted!
G:\virus\TDDOWNLOAD\TDDOWNLOAD\new15.exe
    [DETECTION] Is the TR/Crypt.XDR.Gen Trojan
    [NOTE]      The file was deleted!
G:\virus\TDDOWNLOAD\TDDOWNLOAD\new2(1).exe
    [DETECTION] Is the TR/Crypt.XDR.Gen Trojan
    [NOTE]      The file was deleted!
G:\virus\TDDOWNLOAD\TDDOWNLOAD\new2(2).exe
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE]      The file was deleted!
G:\virus\TDDOWNLOAD\TDDOWNLOAD\new2(3).exe
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
G:\virus\TDDOWNLOAD\TDDOWNLOAD\new2(4).exe
    [NOTE]      The file was deleted!
G:\virus\TDDOWNLOAD\TDDOWNLOAD\new2(5).exe
    [DETECTION] Is the TR/ATRAPS.Gen Trojan
    [NOTE]      The file was deleted!
G:\virus\TDDOWNLOAD\TDDOWNLOAD\new2.exe
    [DETECTION] Is the TR/Crypt.XDR.Gen Trojan
    [NOTE]      The file was deleted!
G:\virus\TDDOWNLOAD\TDDOWNLOAD\new3(1).exe
    [DETECTION] Is the TR/Spy.Gen Trojan
    [NOTE]      The file was deleted!
G:\virus\TDDOWNLOAD\TDDOWNLOAD\new3.exe
    [NOTE]      The file was deleted!
G:\virus\TDDOWNLOAD\TDDOWNLOAD\new4.exe
    [DETECTION] Is the TR/Crypt.XDR.Gen Trojan
    [NOTE]      The file was deleted!
G:\virus\TDDOWNLOAD\TDDOWNLOAD\new5(1).exe
    [DETECTION] Contains recognition pattern of the SPR/Tool.Rootkitdrv.LX.2 program
    [NOTE]      The file was deleted!
G:\virus\TDDOWNLOAD\TDDOWNLOAD\new5.exe
    [DETECTION] Is the TR/Crypt.XDR.Gen Trojan
    [NOTE]      The file was deleted!
G:\virus\TDDOWNLOAD\TDDOWNLOAD\new6.exe
    [DETECTION] Is the TR/Crypt.XDR.Gen Trojan
    [NOTE]      The file was deleted!
G:\virus\TDDOWNLOAD\TDDOWNLOAD\new8.exe
    [DETECTION] Is the TR/Crypt.XDR.Gen Trojan
    [NOTE]      The file was deleted!
G:\virus\TDDOWNLOAD\TDDOWNLOAD\new9.exe
    [DETECTION] Is the TR/Crypt.XDR.Gen Trojan
    [NOTE]      The file was deleted!
G:\virus\TDDOWNLOAD\TDDOWNLOAD\up.exe
    [DETECTION] Is the TR/Hijacker.Gen Trojan
    [NOTE]      The file was deleted!


End of the scan: 2009年4月23日  11:00
Used time: 00:03 Minute(s)

The scan has been done completely.

      2 Scanned directories
     25 Files were scanned
     27 Viruses and/or unwanted programs were found
      0 Files were classified as suspicious
     25 files were deleted
      0 Viruses and unwanted programs were repaired
      0 Files were moved to quarantine
      0 Files were renamed
      0 Files cannot be scanned
     -2 Files not concerned
      0 Archives were scanned
      0 Warnings
     25 Notes
aerbeisi
Posted on 2009-4-23 12:34:35
[Scan path] D:\TDDOWNLOAD
>D:\TDDOWNLOAD\new1(1).exe infected with Trojan.PWS.Wsgame.11279
>D:\TDDOWNLOAD\new1(2).exe infected with Trojan.PWS.Gamania.17197
>D:\TDDOWNLOAD\new1(3).exe - infected with Trojan.PWS.Wsgame.origin
>>D:\TDDOWNLOAD\new1(3).exe/data001 - OK
>>D:\TDDOWNLOAD\new1(3).exe/data002 infected with Trojan.PWS.Wsgame.origin
>D:\TDDOWNLOAD\new1(3).exe - archive contains infected objects
>>D:\TDDOWNLOAD\new1(4).exe infected with Trojan.PWS.Gamania.18012
D:\TDDOWNLOAD\new1.exe infected with Trojan.PWS.Wsgame.11276
D:\TDDOWNLOAD\new10.exe infected with Trojan.PWS.Wsgame.11089
>D:\TDDOWNLOAD\new11.exe infected with Trojan.PWS.Wsgame.11142
>>>D:\TDDOWNLOAD\new12.exe infected with Trojan.PWS.Wsgame.11295
D:\TDDOWNLOAD\new14.exe infected with Trojan.PWS.Gamania.18381
D:\TDDOWNLOAD\new15.exe infected with Trojan.PWS.Wsgame.11089
D:\TDDOWNLOAD\new2(1).exe infected with Trojan.PWS.Wsgame.11089
D:\TDDOWNLOAD\new2(2).exe infected with Trojan.MulDrop.31230
>D:\TDDOWNLOAD\new2(3).exe infected with Trojan.PWS.Gamania.17197
>D:\TDDOWNLOAD\new2(4).exe - infected with Trojan.PWS.Wsgame.origin
>>D:\TDDOWNLOAD\new2(4).exe/data001 - OK
>D:\TDDOWNLOAD\new2(4).exe - OK
>>D:\TDDOWNLOAD\new2(5).exe infected with Trojan.PWS.Gamania.18012
>D:\TDDOWNLOAD\new2.exe infected with Trojan.PWS.Wsgame.11110
>D:\TDDOWNLOAD\new3(1).exe infected with Trojan.DownLoad.31345
>D:\TDDOWNLOAD\new3.exe infected with Trojan.PWS.Wsgame.11178
>>>D:\TDDOWNLOAD\new4.exe infected with Trojan.PWS.Wsgame.11329
>>>>>D:\TDDOWNLOAD\new5(1).exe/data001 - OK
>>>>>>D:\TDDOWNLOAD\new5(1).exe/data002 - OK
>>>D:\TDDOWNLOAD\new5(1).exe - OK
D:\TDDOWNLOAD\new5.exe infected with Trojan.PWS.Wsgame.11089
>D:\TDDOWNLOAD\new6.exe infected with Trojan.PWS.Wsgame.11279
D:\TDDOWNLOAD\new8.exe infected with Trojan.PWS.Wsgame.11089
D:\TDDOWNLOAD\new9.exe infected with Trojan.PWS.Wsgame.11089
>D:\TDDOWNLOAD\up.exe infected with Trojan.MulDrop.30754

-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Scanned: 32
Infected: 25
Modifications: 0
Suspicious: 0
Adware: 0
Dialers: 0
Jokes: 0
Riskware: 0
Hacktools: 0
Cured: 0
Deleted: 0
Renamed: 0
Moved: 0
Ignored: 0
Scan speed: 201 Kb/s
Scan time: 00:00:04
-----------------------------------------------------------------------------
taoyuan237
Posted on 2009-4-23 12:47:55
TO RAV
姚明扣板
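Posted on 2009-4-24 00:02:08
Computers infected with “犇牛” (Ben Niu) become noticeably slower and show insufficient-virtual-memory prompts, and “usp10.dll” or “wsock32.dll” files appear at the same time in the root directory and in every folder of the non-system drives. After infection, some users' computers also pop up large numbers of advertising web pages and have their antivirus software forcibly uninstalled. This one really needs special attention.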
小乔美子
Posted on 2009-4-24 00:04:18
Rising (瑞星) kills them all.