搜索
查看: 4698|回复: 23
收起左侧

[病毒样本] 一个分解2~100内质因数的PAS程序,只不过加几层北斗。。。。

[复制链接]
promised
发表于 2007-3-24 19:09:55 | 显示全部楼层 |阅读模式

AntivirusVersionUpdateResult
AhnLab-V32007.3.24.103.24.2007 [td]no virus found
AntiVir7.3.1.4403.23.2007HEUR/Malware
Authentium4.93.803.23.2007 [td]no virus found
Avast4.7.936.003.23.2007 [td]no virus found
AVG7.5.0.44703.23.2007 [td]no virus found
BitDefender7.203.24.2007 [td]no virus found
CAT-QuickHeal9.0003.23.2007(Suspicious) - DNAScan
ClamAVdevel-2007031203.24.2007 [td]no virus found
DrWeb4.3303.24.2007 [td]no virus found
eSafe7.0.14.003.22.2007suspicious Trojan/Worm
eTrust-Vet30.6.350603.23.2007 [td]no virus found
Ewido4.003.24.2007 [td]no virus found
FileAdvisor103.24.2007 [td]no virus found
Fortinet2.85.0.003.24.2007suspicious
F-Prot4.3.1.4503.23.2007 [td]no virus found
F-Secure6.70.13030.003.24.2007 [td]no virus found
IkarusT3.1.1.303.24.2007Backdoor.Win32.PcClient.GV
Kaspersky4.0.2.2403.24.2007 [td]no virus found
McAfee499103.23.2007New Malware.aq
Microsoft1.230603.24.2007 [td]no virus found
NOD32v2214103.24.2007 [td]no virus found
Norman5.80.0203.23.2007 [td]no virus found
Panda9.0.0.403.23.2007 [td]no virus found
Prevx1V203.24.2007 [td]no virus found
Sophos4.15.003.23.2007Mal/Packer
Sunbelt2.2.907.003.24.2007 [td]no virus found
Symantec1003.24.2007 [td]no virus found
TheHacker6.1.6.08003.23.2007 [td]no virus found
UNA1.8303.16.2007 [td]no virus found
VBA323.11.203.24.2007 [td]no virus found
VirusBuster4.3.7:903.23.2007Packed/NSPack
Webwasher-Gateway6.0.103.24.2007Heuristic.Malware

Aditional Information
File size: 20731 bytes
MD5: bf99a6ef48d0da03a62595a69ee3e7c9
SHA1: 07499249f235f7031411ae65b3f22d5ae54454e4
packers: NSPACK, NSPACK
packers: NSPack, PE_Patch

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
The EQs
发表于 2007-3-24 19:10:42 | 显示全部楼层
唉。。。。北斗。。。。nod32的痛。。。。
小邪邪
发表于 2007-3-24 19:14:05 | 显示全部楼层
喔,真想不到咖啡都启发了,报可疑
不过主流厂商一般不会乱报壳的,这点应该可以放心吧
promised
 楼主| 发表于 2007-3-24 19:14:41 | 显示全部楼层
原帖由 小邪邪 于 2007-3-24 19:14 发表
喔,真想不到咖啡都启发了,报可疑
不过主流厂商一般不会乱报壳的,这点应该可以放心吧

对咖啡的启发表示怀疑。。。。。。。。。。
The EQs
发表于 2007-3-24 19:16:31 | 显示全部楼层
现在发现很多厂商都喜欢报壳。。。。不希望nod32也跟着报壳。。。。
小邪邪
发表于 2007-3-24 19:17:01 | 显示全部楼层

回复 #4 promised 的帖子

不清楚,反正企业版都没报,不知道在搞什么飞机?
jimmyleo
发表于 2007-3-24 19:19:33 | 显示全部楼层
vt~现在真的有点飞机了
马力
发表于 2007-3-24 19:24:34 | 显示全部楼层
驱逐舰没有报
jlennon
头像被屏蔽
发表于 2007-3-24 19:27:23 | 显示全部楼层
-----------------------------SCAN REPORT-----------------------------
F-PROT Antivirus for Windows

Antivirus Scanning Engine version number: 4.3.1
Virus signature file from: 2007-3-24, 0:11

Scan name: [Custom Scan]
Path to scan: C:\Documents and Settings\Administrator\桌面\Noname0.rar

Normal scan
Also scan: Inside subfolders, Compressed files, Streams

Scan started: 2007-3-24, 19:27:12
---------------------------------------------------------------------

[Found possible virus]         <{no name} (not disinfectable)>        C:\Documents and Settings\Administrator\桌面\Noname0.rar->Noname0.exe->(NSPack)->(PE_Patch)->(NSPack)->(PE_Patch)
[Contains infected objects]        C:\Documents and Settings\Administrator\桌面\Noname0.rar
[Quarantined]        C:\Documents and Settings\Administrator\桌面\Noname0.rar->Noname0.exe->(NSPack)->(PE_Patch)->(NSPack)->(PE_Patch)

---------------------------------------------------------------------
Scan ended:        2007-3-24, 19:27:15
Duration:        0:00:03

Scan result:

Scanned files:                 1
Infected objects:         1
Disinfected objects:         0
Quarantined files:         1
---------------------------------------------------------------------
F-PORT报壳不奇怪
金剑
头像被屏蔽
发表于 2007-3-24 19:54:41 | 显示全部楼层
风暴胜者V2 测试版本(http://www.v0day.com)
______您的安全是我们的责任_______________

___________病毒查杀结果__________________
2007年3月24日19时54分34秒 开始查杀C:\Documents and Settings\Administrator\桌面\新建文件夹\Noname0
=========================================

_________文件性质分析结果________________
"带壳"仅指文件性质,仅供专业人员分析使用。


-----------------------------------------

2007年3月24日19时54分34秒收起线程…100% 查杀完毕!
扫描文件:1查杀病毒:0
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛|卡饭乐购| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 苏ICP备07004770号 ) GMT+8, 2019-9-21 07:03 , Processed in 0.053287 second(s), 5 queries , MemCache On.

快速回复 返回顶部 返回列表