晚餐

显示全部楼层 · 发表于 2009-6-14 17:58:51

19d38903bcb5471028b419a6c49fa29f file.exe1
36c08e00701d96cc7a50cd3ddd6e4228 file.exe2
c9c4728160adc687125f8d2b043e081d file.exe3
20d6c54ef91045eb9b008bbc8844606c file.exe4
1575b73e654263642490ba80301546cc file.exe5
a9dc594a1f654d3d04b4a60f822205dc file.exe6
64b7c01ce782935699a0241748126fd8 file.exe7

卡巴报heur

https://www.virustotal.com/anali ... 67e6721e-1244965222
Result: 11/40 (27.5%)

to kl,comodo,lavasoft

Hello,

New malicious software was found in the attached file. Its detection will be included in the next update.
Thank you for your help.

file.exe1
   Trojan.Win32.Tdss.ahex

file.exe2
   Trojan.Win32.Tdss.ahey
   Trojan.Win32.Tdss.ahfa

file.exe3
   Trojan.Win32.Tdss.ahez

file.exe4
   Trojan.Win32.Tdss.ahfa

file.exe5
   Trojan.Win32.Tdss.ahfb
   Trojan.Win32.Tdss.ahff

file.exe6
   Trojan.Win32.Tdss.ahfc

file.exe7
   Trojan.Win32.Tdss.ahfd

有些文件有2个病毒名?

[ 本帖最后由 sam.to 于 2009-6-14 19:36 编辑 ]

显示全部楼层 · 发表于 2009-6-14 18:01:18

to mpav

显示全部楼层 · 发表于 2009-6-14 18:06:29

C:\Documents and Settings\g\桌面\007\007\file.exe1 Artemis!19D38903BCB5 (特洛伊)
2009-6-14 18:05:18 已删除 GL\g D:\Program Files\WinRAR\WinRAR.exe C:\Documents and Settings\g\桌面\007\007\file.exe2 Artemis!36C08E00701D (特洛伊)
2009-6-14 18:05:19 已删除 GL\g D:\Program Files\WinRAR\WinRAR.exe C:\Documents and Settings\g\桌面\007\007\file.exe3 Artemis!C9C4728160AD (特洛伊)
2009-6-14 18:05:20 已删除 GL\g D:\Program Files\WinRAR\WinRAR.exe C:\Documents and Settings\g\桌面\007\007\file.exe4 Artemis!20D6C54EF910 (特洛伊)
2009-6-14 18:05:21 已删除 GL\g D:\Program Files\WinRAR\WinRAR.exe C:\Documents and Settings\g\桌面\007\007\file.exe5 Generic FakeAlert.k (特洛伊)
2009-6-14 18:05:22 已删除 GL\g D:\Program Files\WinRAR\WinRAR.exe C:\Documents and Settings\g\桌面\007\007\file.exe6 Artemis!A9DC594A1F65 (特洛伊)
2009-6-14 18:05:23 已删除 GL\g D:\Program Files\WinRAR\WinRAR.exe C:\Documents and Settings\g\桌面\007\007\file.exe7 Artemis!64B7C01CE782 (特洛伊)

显示全部楼层 · 发表于 2009-6-14 18:08:56

--> 007\file.exe1
   [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
--> 007\file.exe2
   [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
--> 007\file.exe3
   [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
--> 007\file.exe4
   [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
--> 007\file.exe5
   [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
--> 007\file.exe6
   [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
--> 007\file.exe7
   [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan

显示全部楼层 · 发表于 2009-6-14 21:58:50

McAfee generic fakealert.kv

显示全部楼层 · 发表于 2009-6-14 22:06:52

dr.web
file.exe1;C:\Documents and Settings\all\桌面\007\007;BackDoor.Tdss.139;Deleted.;
file.exe2;C:\Documents and Settings\all\桌面\007\007;BackDoor.Tdss.139;Deleted.;
file.exe3;C:\Documents and Settings\all\桌面\007\007;BackDoor.Tdss.139;Deleted.;
file.exe4;C:\Documents and Settings\all\桌面\007\007;BackDoor.Tdss.139;Deleted.;
file.exe5;C:\Documents and Settings\all\桌面\007\007;BackDoor.Tdss.139;Deleted.;
file.exe6;C:\Documents and Settings\all\桌面\007\007;BackDoor.Tdss.139;Deleted.;

显示全部楼层 · 发表于 2009-6-14 23:29:32

nod

RAR > 007\file.exe1 is OK
RAR > 007\file.exe2 a variant of Win32/Kryptik.SF trojan
RAR > 007\file.exe3 is OK
RAR > 007\file.exe4 is OK
RAR > 007\file.exe5 is OK
RAR > 007\file.exe6 a variant of Win32/Kryptik.SF trojan
RAR > 007\file.exe7 is OK

[病毒样本] 晚餐

本帖子中包含更多资源

浏览过的版块