
[Virus sample] Files generated by a virus sample, 56X

angir
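Posted on 2010-1-1 16:20:16
As the title says.
Source: http://bbs.kafan.cn/thread-618497-1-1.html
Not all of the generated files were captured, and there is no guarantee that every generated file is malware.
If there are clean samples, please just ignore them.

PS: No need to submit to Micropoint.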

angir
Original poster | Posted on 2010-1-1 17:57:31
To AVIRA, KL
62590423
Posted on 2010-1-1 18:10:57
No one has replied
angir
Original poster | Posted on 2010-1-1 18:11:34
Reply to #3 62590423

Yeah...
I find it really strange.
jason_jiang
Posted on 2010-1-1 18:27:26
f-secure left 17, to

结果: 找到 39 恶意软件
Adware.Sogou.Gen (广告软件)
D:\Backup\Desktop\Unknownfiles\CPUSH.DLL
D:\Backup\Desktop\Unknownfiles\CPUSH.TMP
D:\BACKUP\DESKTOP\UNKNOWNFILES\CPUSH.TMP 操作: 删除
Gen:Adware.Heur.my8@NKNc1Job (广告软件)
D:\Backup\Desktop\Unknownfiles\WINDRV.CED
D:\Backup\Desktop\Unknownfiles\WINDRV.CED.1.BAK
D:\BACKUP\DESKTOP\UNKNOWNFILES\WINDRV.CED.1.BAK 操作: 删除
Trojan.Obfuscated.KU (病毒)
D:\Backup\Desktop\Unknownfiles\01.SYS 操作: 删除
Gen:Trojan.Heur.emW@XQuVyul (病毒)
D:\Backup\Desktop\Unknownfiles\16.EXE 操作: 删除
Gen:Trojan.Heur.emW@XQ4fMtd (病毒)
D:\Backup\Desktop\Unknownfiles\12.EXE 操作: 删除
Gen:Trojan.Heur.emW@XEEYNjh (病毒)
D:\Backup\Desktop\Unknownfiles\12FR3.EXE 操作: 删除
D:\Backup\Desktop\Unknownfiles\SYSBAR.EXE 操作: 删除
Trojan.Generic.2900681 (病毒)
D:\Backup\Desktop\Unknownfiles\AV2F.TMP 操作: 删除
Trojan.Generic.2890542 (病毒)
D:\Backup\Desktop\Unknownfiles\APPMGMTS.DLL 操作: 删除
D:\Backup\Desktop\Unknownfiles\QMGR.DLL 操作: 删除
Trojan.Generic.2911667 (病毒)
D:\Backup\Desktop\Unknownfiles\AV8.TMP 操作: 删除
D:\Backup\Desktop\Unknownfiles\AV9.TMP 操作: 删除
Trojan.Generic.2900653 (病毒)
D:\Backup\Desktop\Unknownfiles\AVA.TMP 操作: 删除
Trojan.Generic.CJ.AIXD (病毒)
D:\Backup\Desktop\Unknownfiles\CORPOR.DLL 操作: 删除
Generic.Malware.dld!!.552617DA (病毒)
D:\Backup\Desktop\Unknownfiles\D.EXE 操作: 删除
Trojan.Viking.A (病毒)
D:\Backup\Desktop\Unknownfiles\EXPOR.EXE 操作: 删除
GenPack:Generic.Malware.Fdld.86434219 (怀疑的感染)
D:\Backup\Desktop\Unknownfiles\DK.EXE 操作: 删除
D:\Backup\Desktop\Unknownfiles\LASSO.EXE 操作: 删除
Trojan.Generic.2901671 (病毒)
D:\Backup\Desktop\Unknownfiles\GAMECLIEN.EXE 操作: 删除
Gen:Rootkit.Heur.bqW@h8Rfcdg (病毒)
D:\Backup\Desktop\Unknownfiles\IBRNF.SYS 操作: 删除
Trojan.Downloader.JMQL (病毒)
D:\Backup\Desktop\Unknownfiles\ERNEL32.DLL 操作: 删除
Generic.Malware.SP!g.F0CFA2F2 (病毒)
D:\Backup\Desktop\Unknownfiles\MING9B090423.EXE 操作: 删除
Backdoor:W32/Koutodoor.gen!A (病毒)
D:\Backup\Desktop\Unknownfiles\MJFF.DLL 操作: 删除
D:\Backup\Desktop\Unknownfiles\NMEI.DLL 操作: 删除
Gen:Trojan.Heur.ouZ@XEBzpEi (病毒)
D:\Backup\Desktop\Unknownfiles\MTLRD.SYS 操作: 删除
Generic.Malware.P!g.1560A17F (病毒)
D:\Backup\Desktop\Unknownfiles\NB9MING32C090423.DLL 操作: 删除
Worm.Generic.218714 (病毒)
D:\Backup\Desktop\Unknownfiles\NETSVER.EXE 操作: 删除
Trojan.Generic.1625154 (病毒)
D:\Backup\Desktop\Unknownfiles\OK.TXTSERVER.EXE 操作: 删除
Trojan.Generic.2254987 (病毒)
D:\Backup\Desktop\Unknownfiles\PCIDUMP.SYS 操作: 删除
Trojan.Generic.2899721 (病毒)
D:\Backup\Desktop\Unknownfiles\PLINK.EXE 操作: 删除
Adware:W32/Cinmus.gen!H (病毒)
D:\Backup\Desktop\Unknownfiles\PRINT32.DLL 操作: 删除
Trojan.AVKill.CA (病毒)
D:\Backup\Desktop\Unknownfiles\SYSERE.EXE 操作: 删除
DeepScan:Generic.Adw.Cinmus.2.E8144529 (病毒)
D:\Backup\Desktop\Unknownfiles\STYHTG.EXE 操作: 删除
Trojan.Generic.2901467 (病毒)
D:\Backup\Desktop\Unknownfiles\VC3.EXE 操作: 删除
Backdoor.Agent.AAJL (病毒)
D:\Backup\Desktop\Unknownfiles\VIRUS.EXE 操作: 删除
Generic.PWS.Games.4.A3AF7F16 (病毒)
D:\Backup\Desktop\Unknownfiles\kb91113225.dll 操作: 删除
Gen:Adware.Heur.iu3@snkpgjnib (广告软件)
D:\Backup\Desktop\Unknownfiles\13.EXE 操作: 删除
kingmuro
Posted on 2010-1-1 19:44:04
avast: 38

2010-1-1 19:42:10        GXF        1528        Sign of "Win32:Rootkit-CN [Trj]" has been found in "D:\My Documents\桌面\test\virus\Unknownfiles\01.SYS" file.  
2010-1-1 19:42:13        GXF        1528        Sign of "Win32:BHO-VA [Trj]" has been found in "D:\My Documents\桌面\test\virus\Unknownfiles\12.EXE" file.  
2010-1-1 19:42:13        GXF        1528        Sign of "Win32:BHO-VA [Trj]" has been found in "D:\My Documents\桌面\test\virus\Unknownfiles\12FR3.EXE\$[32]\36.exe" file.  
2010-1-1 19:42:13        GXF        1528        Sign of "Win32:Cinmus-AU [Adw]" has been found in "D:\My Documents\桌面\test\virus\Unknownfiles\13.EXE\$[34]\$R0" file.  
2010-1-1 19:42:13        GXF        1528        Sign of "Win32:BHO-VA [Trj]" has been found in "D:\My Documents\桌面\test\virus\Unknownfiles\16.EXE" file.  
2010-1-1 19:42:13        GXF        1528        Sign of "Win32:OnLineGames-FOS [Trj]" has been found in "D:\My Documents\桌面\test\virus\Unknownfiles\AV2F.TMP" file.  
2010-1-1 19:42:13        GXF        1528        Sign of "Win32:OnLineGames-FOS [Trj]" has been found in "D:\My Documents\桌面\test\virus\Unknownfiles\AV8.TMP" file.  
2010-1-1 19:42:13        GXF        1528        Sign of "Win32:OnLineGames-FOS [Trj]" has been found in "D:\My Documents\桌面\test\virus\Unknownfiles\AV9.TMP" file.  
2010-1-1 19:42:13        GXF        1528        Sign of "Win32:OnLineGames-FOS [Trj]" has been found in "D:\My Documents\桌面\test\virus\Unknownfiles\AVA.TMP" file.  
2010-1-1 19:42:13        GXF        1528        Sign of "Win32:Malware-gen" has been found in "D:\My Documents\桌面\test\virus\Unknownfiles\CORPOR.DLL" file.  
2010-1-1 19:42:13        GXF        1528        Sign of "Win32:BHO-GG [Adw]" has been found in "D:\My Documents\桌面\test\virus\Unknownfiles\CPUSH.DLL" file.  
2010-1-1 19:42:13        GXF        1528        Sign of "Win32:BHO-GG [Adw]" has been found in "D:\My Documents\桌面\test\virus\Unknownfiles\CPUSH.TMP" file.  
2010-1-1 19:42:13        GXF        1528        Sign of "Win32:Agent-AERY [Trj]" has been found in "D:\My Documents\桌面\test\virus\Unknownfiles\DK.EXE\[NsPack]" file.  
2010-1-1 19:42:13        GXF        1528        Sign of "Win32:Viking-CF" has been found in "D:\My Documents\桌面\test\virus\Unknownfiles\EXPOR.EXE\[UPX]\[Embedded_I#2070]" file.  
2010-1-1 19:42:13        GXF        1528        Sign of "Win32:Malware-gen" has been found in "D:\My Documents\桌面\test\virus\Unknownfiles\GAMECLIEN.EXE\[Embedded_I#1070]" file.  
2010-1-1 19:42:13        GXF        1528        Sign of "Win32:Viking-CF" has been found in "D:\My Documents\桌面\test\virus\Unknownfiles\GAMECLIEN.EXE" file.  
2010-1-1 19:42:13        GXF        1528        Sign of "Win32:RtkDL [Rtk]" has been found in "D:\My Documents\桌面\test\virus\Unknownfiles\IBRNF.SYS" file.  
2010-1-1 19:42:13        GXF        1528        Sign of "Win32:Vilsel-D [Trj]" has been found in "D:\My Documents\桌面\test\virus\Unknownfiles\kb91113225.dll\[Upack]" file.  
2010-1-1 19:42:13        GXF        1528        Sign of "Win32:Agent-AERY [Trj]" has been found in "D:\My Documents\桌面\test\virus\Unknownfiles\LASSO.EXE\[NsPack]" file.  
2010-1-1 19:42:13        GXF        1528        Sign of "Win32:AutoRun-AXT [Wrm]" has been found in "D:\My Documents\桌面\test\virus\Unknownfiles\MING9B090423.EXE" file.  
2010-1-1 19:42:13        GXF        1528        Sign of "Win32:Rootkit-CN [Trj]" has been found in "D:\My Documents\桌面\test\virus\Unknownfiles\MTLRD.SYS" file.  
2010-1-1 19:42:14        GXF        1528        Sign of "Win32:Agent-SIM [Trj]" has been found in "D:\My Documents\桌面\test\virus\Unknownfiles\NB9MING32C090423.DLL" file.  
2010-1-1 19:42:14        GXF        1528        Sign of "Win32:Malware-gen" has been found in "D:\My Documents\桌面\test\virus\Unknownfiles\NETSVER.EXE" file.  
2010-1-1 19:42:14        GXF        1528        Sign of "Win32:Rootkit-gen [Rtk]" has been found in "D:\My Documents\桌面\test\virus\Unknownfiles\OK.TXTSERVER.EXE\[Embedded_I#1060]\[Embedded_I#5cc0]" file.  
2010-1-1 19:42:14        GXF        1528        Sign of "Win32:Perkesh [Rtk]" has been found in "D:\My Documents\桌面\test\virus\Unknownfiles\OK.TXTSERVER.EXE\[Embedded_I#1060]\[Embedded_I#6c40]" file.  
2010-1-1 19:42:14        GXF        1528        Sign of "Win32:Trojan-gen" has been found in "D:\My Documents\桌面\test\virus\Unknownfiles\OK.TXTSERVER.EXE\[Embedded_I#1060]\[Embedded_I#8cc0]" file.  
2010-1-1 19:42:14        GXF        1528        Sign of "Win32:Perkesh [Rtk]" has been found in "D:\My Documents\桌面\test\virus\Unknownfiles\OK.TXTSERVER.EXE\[Embedded_I#1060]" file.  
2010-1-1 19:42:14        GXF        1528        Sign of "Win32:Perkesh [Rtk]" has been found in "D:\My Documents\桌面\test\virus\Unknownfiles\OK.TXTSERVER.EXE" file.  
2010-1-1 19:42:14        GXF        1528        Sign of "Win32:Malware-gen" has been found in "D:\My Documents\桌面\test\virus\Unknownfiles\PLINK.EXE" file.  
2010-1-1 19:42:14        GXF        1528        Sign of "Win32:Cinmus-AU [Adw]" has been found in "D:\My Documents\桌面\test\virus\Unknownfiles\PRINT32.DLL" file.  
2010-1-1 19:42:14        GXF        1528        Sign of "Win32:Trojan-gen" has been found in "D:\My Documents\桌面\test\virus\Unknownfiles\QMGR.DLL" file.  
2010-1-1 19:42:14        GXF        1528        Sign of "NSIS:Cinmus [Adw]" has been found in "D:\My Documents\桌面\test\virus\Unknownfiles\STYHTG.EXE\nsis.hdr" file.  
2010-1-1 19:42:14        GXF        1528        Sign of "Win32:Cinmus-AU [Adw]" has been found in "D:\My Documents\桌面\test\virus\Unknownfiles\STYHTG.EXE\$TEMP\$TEMP\13.exe\$[34]\$R0" file.  
2010-1-1 19:42:14        GXF        1528        Sign of "Win32:BHO-VA [Trj]" has been found in "D:\My Documents\桌面\test\virus\Unknownfiles\SYSBAR.EXE" file.  
2010-1-1 19:42:14        GXF        1528        Sign of "Win32:Malware-gen" has been found in "D:\My Documents\桌面\test\virus\Unknownfiles\VC3.EXE" file.  
2010-1-1 19:42:14        GXF        1528        Sign of "Win32:Malware-gen" has been found in "D:\My Documents\桌面\test\virus\Unknownfiles\VIRUS.EXE\[Embedded_I#5d68]" file.  
2010-1-1 19:42:14        GXF        1528        Sign of "Win32:Trojan-gen" has been found in "D:\My Documents\桌面\test\virus\Unknownfiles\VIRUS.EXE" file.  
2010-1-1 19:42:14        GXF        1528        Sign of "Win32:Malware-gen" has been found in "D:\My Documents\桌面\test\virus\Unknownfiles\Windows.ime" file.
winxp0286
Posted on 2010-1-1 21:59:43
What a tragedy. ESET NOD 4.0
C:\Documents and Settings\Administrator\桌面\virus[1].part01.rar > RAR > Unknownfiles\01.SYS - Win32/Ysmarsys 特洛伊木马 的变种
C:\Documents and Settings\Administrator\桌面\virus[1].part01.rar > RAR > Unknownfiles\12.EXE - 可能是 Win32/Adware.Cinmus 应用程序 的变种
C:\Documents and Settings\Administrator\桌面\virus[1].part01.rar > RAR > Unknownfiles\12FR3.EXE > NSIS > Entries.bin - 正常
C:\Documents and Settings\Administrator\桌面\virus[1].part01.rar > RAR > Unknownfiles\12FR3.EXE > NSIS > Strings.txt - 正常
C:\Documents and Settings\Administrator\桌面\virus[1].part01.rar > RAR > Unknownfiles\12FR3.EXE > NSIS > script.nsi - 正常
C:\Documents and Settings\Administrator\桌面\virus[1].part01.rar > RAR > Unknownfiles\12FR3.EXE > NSIS > System.dll - 正常
C:\Documents and Settings\Administrator\桌面\virus[1].part01.rar > RAR > Unknownfiles\12FR3.EXE > NSIS > 36.exe - 可能是 Win32/Adware.Cinmus 应用程序 的变种
C:\Documents and Settings\Administrator\桌面\virus[1].part01.rar > RAR > Unknownfiles\13.EXE > NSIS > Entries.bin - 正常
C:\Documents and Settings\Administrator\桌面\virus[1].part01.rar > RAR > Unknownfiles\13.EXE > NSIS > Strings.txt - 正常
C:\Documents and Settings\Administrator\桌面\virus[1].part01.rar > RAR > Unknownfiles\13.EXE > NSIS > script.nsi - 正常
C:\Documents and Settings\Administrator\桌面\virus[1].part01.rar > RAR > Unknownfiles\13.EXE > NSIS > System.dll - 正常
C:\Documents and Settings\Administrator\桌面\virus[1].part01.rar > RAR > Unknownfiles\13.EXE > NSIS > 龏
saga3721
Posted on 2010-1-1 22:03:33
25537193  XUNLEI.DLL  24.5 KB  UNDER ANALYSIS
25537196  ~0B6D5A.~~~  514 KB  UNDER ANALYSIS
25537197  ~0BA070.~~~  498 KB  UNDER ANALYSIS
25537190  IBRNF.SYS  28.13 KB  UNDER ANALYSIS
25537191  S.EXE  72 KB  UNDER ANALYSIS
25537192  SYSERE.EXE  24.5 KB  UNDER ANALYSIS
winxp0286
Posted on 2010-1-1 22:04:48
Why did ESET only detect 26 files? Is the counting method different?

失落的手链
Posted on 2010-1-2 00:15:09
Rising 2010
