Original poster: jck1996

[Virus sample] New Panda Burning Incense variant ~~ Panda 2010 New Year Greetings Invincible Edition

evilrabbit
Posted on 2010-1-11 08:39:50
Reply to 30# IllusionWing

When will UGuard be released? Is its level the heuristic level, or?
There is also a level 3.1. Looking forward to it.
小桥流水1
Posted on 2010-1-11 13:52:32
File Not available, prior to VT database update received on 2008.02.24 14:57:29 (UTC)
Current status: finished
Result: 18/33 (54.55%)




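| Antivirus engine | Version | Last update | Result |
| --- | --- | --- | --- |
| AhnLab-V3 | - | - | - |
| AntiVir | - | - | TR/Drop.Agent.WF.83 |
| Authentium | - | - | - |
| Avast | - | - | Win32:Agent-OWT |
| AVG | - | - | BackDoor.Hupigon3.AEUZ |
| BitDefender | - | - | Trojan.Dropper.RIL |
| CAT-QuickHeal | - | - | - |
| ClamAV | - | - | Trojan.Dropper-3144 |
| DrWeb | - | - | Trojan.MulDrop.11143 |
| eSafe | - | - | suspicious Trojan/Worm |
| eTrust-Vet | - | - | - |
| Ewido | - | - | - |
| F-Prot | - | - | W32/Trojan.CFMM |
| F-Secure | - | - | Malware.BPKG |
| FileAdvisor | - | - | - |
| Fortinet | - | - | W32/Agent.WF!tr |
| Ikarus | - | - | - |
| Kaspersky | - | - | Trojan-Dropper.Win32.Agent.wf |
| McAfee | - | - | - |
| Microsoft | - | - | - |
| NOD32v2 | - | - | Win32/TrojanDropper.Agent.WF |
| Norman | - | - | Malware.BPKG |
| Panda | - | - | Trj/Multidropper.RHY |
| Prevx1 | - | - | - |
| Rising | - | - | Dropper.Win32.Agent.k |
| SAVMail | - | - | - |
| Sophos | - | - | - |
| Sunbelt | - | - | Trojan-Dropper.RIL |
| Symantec | - | - | - |
| TheHacker | - | - | - |
| VBA32 | - | - | Trojan-Dropper.Win32.Agent.wf |
| VirusBuster | - | - | - |
| Webwasher-Gateway | - | - | Trojan.Drop.Agent.WF.83 |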
Additional information
File size: 582558 bytes
MD5   : 9bcfeb2cd472a2c211e91bb2c50626fc
SHA1  : 94b02bbb2a95b4a8c6752f27d7103bb26f4e73c3
SHA256: eb1d58c5c0b22506e905f44d1486aac0ed87f911c1bb735c9cf3dcbfa2c12b5e
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x1000
timedatestamp.....: 0x465278A6 (Tue May 22 06:59:18 2007)
machinetype.......: 0x14C (Intel I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xB000 0xA600 6.41 078ea854cca2bf764053bce4c5bfabb6
.data 0xC000 0x10000 0xE00 5.98 7545cc4b5ed0c219a2135dfdc0b74f7e
.idata 0x1C000 0x1000 0x1000 4.91 fd8feba71f9ac9dfb6113d7aa284d4ce
.rsrc 0x1D000 0x79C4 0x7A00 4.18 9ebcd14b1a42bd2ceb89e9125a17a60a

( 7 imports )

> advapi32.dll: RegCloseKey, RegCreateKeyExA, RegOpenKeyExA, RegQueryValueExA, RegSetValueExA
> comctl32.dll: -
> gdi32.dll: DeleteObject
> kernel32.dll: CloseHandle, CompareStringA, CreateDirectoryA, CreateDirectoryW, CreateFileA, CreateFileW, DeleteFileA, DeleteFileW, DosDateTimeToFileTime, ExitProcess, ExpandEnvironmentStringsA, FileTimeToLocalFileTime, FileTimeToSystemTime, FindClose, FindFirstFileA, FindFirstFileW, FindNextFileA, FindNextFileW, FindResourceA, FreeLibrary, GetCPInfo, GetCommandLineA, GetCurrentDirectoryA, GetDateFormatA, GetFileAttributesA, GetFileAttributesW, GetFileType, GetFullPathNameA, GetLastError, GetLocaleInfoA, GetModuleFileNameA, GetModuleHandleA, GetNumberFormatA, GetProcAddress, GetProcessHeap, GetStdHandle, GetTempPathA, GetTickCount, GetTimeFormatA, GetVersionExA, GlobalAlloc, HeapAlloc, HeapFree, HeapReAlloc, IsDBCSLeadByte, LoadLibraryA, LocalFileTimeToFileTime, MoveFileA, MoveFileExA, MultiByteToWideChar, OpenFile, ReadFile, SetCurrentDirectoryA, SetEnvironmentVariableA, SetFileAttributesA, SetFileAttributesW, SetFilePointer, SetFileTime, SetLastError, SetVolumeLabelA, Sleep, SystemTimeToFileTime, WaitForSingleObject, WideCharToMultiByte, WriteFile, _lclose, lstrcmpiA, lstrlenA
> ole32.dll: CLSIDFromString, CoCreateInstance, CreateStreamOnHGlobal, OleInitialize, OleUninitialize
> shell32.dll: SHBrowseForFolderA, SHChangeNotify, SHFileOperationA, SHGetFileInfoA, SHGetMalloc, SHGetSpecialFolderLocation, ShellExecuteExA, SHGetPathFromIDListA
> user32.dll: CharLowerA, CharToOemA, CharToOemBuffA, CharUpperA, CopyRect, CreateWindowExA, DefWindowProcA, DestroyIcon, DestroyWindow, DialogBoxParamA, DispatchMessageA, EnableWindow, EndDialog, FindWindowExA, GetClassNameA, GetClientRect, GetDlgItem, GetDlgItemTextA, GetMessageA, GetParent, GetSysColor, GetSystemMetrics, GetWindow, GetWindowLongA, GetWindowRect, GetWindowTextA, IsWindow, IsWindowVisible, LoadBitmapA, LoadCursorA, LoadIconA, LoadStringA, MapWindowPoints, MessageBoxA, OemToCharA, OemToCharBuffA, PeekMessageA, PostMessageA, RegisterClassExA, SendDlgItemMessageA, SendMessageA, SetDlgItemTextA, SetFocus, SetMenu, SetWindowLongA, SetWindowPos, SetWindowTextA, ShowWindow, TranslateMessage, UpdateWindow, WaitForInputIdle, wsprintfA, wvsprintfA

( 0 exports )
TrID  : File type identification
96.2% (.EXE) WinRAR Self Extracting archive (518022/5)
1.5% (.EXE) Win32 Executable Generic (8527/13/3)
1.4% (.DLL) Win32 Dynamic Link Library (generic) (7583/30/2)
0.3% (.EXE) Generic Win/DOS Executable (2002/3)
0.3% (.EXE) DOS Executable Generic (2000/1)
ssdeep: 12288:VV7Ogp/FafaM9DaSX5OvdSkjn6NZ60DnfO3vXKmVz:HamafRBR5w56s3vf
Prevx Info: http://info.prevx.com/aboutprogramtext.asp?PX5=AAFF23B29E227952E3700845E6BF0B000056FF92
PEiD  : -
packers (Kaspersky): UPX
packers (F-Prot): ZIP, UPX
packers (Authentium): ZIP, ZIP, UPX
RDS   : NSRL Reference Data Set
-


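Note: VirusTotal is a free service provided by Hispasec Sistemas. We do not guarantee the availability or continuity of this service. Although the detection rate offered by multiple antivirus engines is better than that of a single product, these results do not guarantee that a file is harmless. At present, no solution can provide a 100% detection rate for viruses and malware. If you have bought a product that claims to have this capability, you may already have become a victim.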

中邪
Posted on 2010-1-15 10:11:23
ESET 3.0.695.0
Killed!
wangyunxi80
Posted on 2010-1-15 11:46:29
It seems there aren't many that can't kill it.
schumi小粉
Posted on 2010-1-15 11:59:46
Win32/TrojanDropper.Agent.WF
智造中国
Posted on 2010-1-15 13:34:41
Hehe, seeing that it gets killed on other people's machines, I won't try it myself.
Johnny.R.
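Posted on 2010-1-15 17:26:52
The name is a lot of fun. But OP, at the start you said the virus can't be removed, and at the end you said many antivirus products can kill it. What do you mean?? That's contradictory, isn't it......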
zongzi0518
Posted on 2010-1-15 19:55:12
Once bitten by a snake, ten years afraid of a well rope. I'm scared.
无聊
Posted on 2010-1-15 21:11:22
This isn't the latest one, is it?
luoni96121
Posted on 2010-1-15 21:47:55
Kaspersky flagged it.

Copyright © KaFan  KaFan.cn All Rights Reserved.
