Original poster: sam.to

[Virus samples] Large numbers of fake QVOD players (Qvod.exe, click.exe, duogua.exe), updated daily (new at post 637)

jason_jiang
Posted on 2010-7-19 15:17:33
409 to xandora(panda)
sam.to
Original poster | Posted on 2010-7-19 17:45:57
Last edited by sam.to on 2010.7.19 23:25




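I googled this morning; originally there were only 3 URLs, and I found one more. I just googled again and found n…. From now on it will be big packs.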


to kl,ll,mcafee,comodo,avira,eset


http://sample.nod32.com.hk/index.php?a=query&lang=0&md5=130055116cfecb2af3d24f7ad4d6236a


A listing of files contained inside archives alongside their results can be found below:

File ID    Filename           Size (Byte)   Result
25810925   Qvodplayer.exe1    88.5 KB       UNDER ANALYSIS
25810926   Qvodplayer.exe11   88.5 KB       UNDER ANALYSIS
25810927   Qvodplayer.exe2    88.5 KB       UNDER ANALYSIS
25810928   Qvodplayer.exe3    88.5 KB       UNDER ANALYSIS
25810929   Qvodplayer.exe4    88.5 KB       UNDER ANALYSIS
25810930   Qvodplayer.exe5    88.5 KB       UNDER ANALYSIS
25810931   Qvodplayer.exe6    88.5 KB       UNDER ANALYSIS
25810932   Qvodplayer.exe7    88.5 KB       UNDER ANALYSIS






Qvodplayer.exe1, Qvodplayer.exe11, Qvodplayer.exe2, Qvodplayer.exe3, Qvodplayer.exe4, Qvodplayer.exe5, Qvodplayer.exe6, Qvodplayer.exe7 - Trojan-Downloader.Win32.Agent.ebkw

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

Please quote all when answering.
The answer is relevant to the latest bases from update sources.

Regards, Vitaly Vorobiov
Virus Analyst



Filename           Result
Qvodplayer.exe1    MALWARE

The file 'Qvodplayer.exe1' has been determined to be 'MALWARE'. Our analysts named the threat TR/Dldr.Adload.Y.2. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection will be added to our virus definition file (VDF) with one of the next updates.

Filename           Result
Qvodplayer.exe11   MALWARE

The file 'Qvodplayer.exe11' has been determined to be 'MALWARE'. Our analysts named the threat TR/Dldr.Adload.Y.3. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection will be added to our virus definition file (VDF) with one of the next updates.

Filename           Result
Qvodplayer.exe2    MALWARE

The file 'Qvodplayer.exe2' has been determined to be 'MALWARE'. Our analysts named the threat TR/Dldr.Adload.Y.4. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection will be added to our virus definition file (VDF) with one of the next updates.

Filename           Result
Qvodplayer.exe3    MALWARE

The file 'Qvodplayer.exe3' has been determined to be 'MALWARE'. Our analysts named the threat TR/Dldr.Adload.Y.5. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection will be added to our virus definition file (VDF) with one of the next updates.

Filename           Result
Qvodplayer.exe4    MALWARE

The file 'Qvodplayer.exe4' has been determined to be 'MALWARE'. Our analysts named the threat TR/Dldr.Adload.Y.10. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection will be added to our virus definition file (VDF) with one of the next updates.

Filename           Result
Qvodplayer.exe5    MALWARE

The file 'Qvodplayer.exe5' has been determined to be 'MALWARE'. Our analysts named the threat TR/Dldr.Adload.Y.11. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection will be added to our virus definition file (VDF) with one of the next updates.

Filename           Result
Qvodplayer.exe6    MALWARE

The file 'Qvodplayer.exe6' has been determined to be 'MALWARE'. Our analysts named the threat TR/Dldr.Adload.Y.8. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection will be added to our virus definition file (VDF) with one of the next updates.

Filename           Result
Qvodplayer.exe7    MALWARE

The file 'Qvodplayer.exe7' has been determined to be 'MALWARE'. Our analysts named the threat TR/Dldr.Adload.Y.1. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection will be added to our virus definition file (VDF) with one of the next updates.

jason_jiang
Posted on 2010-7-19 17:51:31
412
7x to xandora(panda)
13804120104
Posted on 2010-7-19 17:57:25
ESET is good. It automatically deleted the file as soon as it was downloaded to the desktop, before I even had time to react.
kav2046
Posted on 2010-7-19 18:23:09
23456: Kingsoft Antivirus kills it!
ablhr
Posted on 2010-7-19 19:04:53
412
Filseclab cleared them all
FDXLMC
Posted on 2010-7-19 20:41:10
A5: Trojan horse blocked
Flying_Bird
Posted on 2010-7-19 20:49:31
状态: 已检测   (事件:8)       
2010/7/19 20:44:14        已检测        病毒 HEUR:Trojan.Win32.Generic        E:\DOWNLOAD\23456.rar/Qvodplayer.exe1        高       
2010/7/19 20:44:15        已检测        病毒 HEUR:Trojan.Win32.Generic        E:\DOWNLOAD\23456.rar/Qvodplayer.exe11        高       
2010/7/19 20:44:15        已检测        病毒 HEUR:Trojan.Win32.Generic        E:\DOWNLOAD\23456.rar/Qvodplayer.exe2        高       
2010/7/19 20:44:16        已检测        病毒 HEUR:Trojan.Win32.Generic        E:\DOWNLOAD\23456.rar/Qvodplayer.exe3        高       
2010/7/19 20:44:16        已检测        病毒 HEUR:Trojan.Win32.Generic        E:\DOWNLOAD\23456.rar/Qvodplayer.exe4        高       
2010/7/19 20:44:17        已检测        病毒 HEUR:Trojan.Win32.Generic        E:\DOWNLOAD\23456.rar/Qvodplayer.exe5        高       
2010/7/19 20:44:17        已检测        病毒 HEUR:Trojan.Win32.Generic        E:\DOWNLOAD\23456.rar/Qvodplayer.exe6        高       
2010/7/19 20:44:18        已检测        病毒 HEUR:Trojan.Win32.Generic        E:\DOWNLOAD\23456.rar/Qvodplayer.exe7        高       
sam.to
Original poster | Posted on 2010-7-20 11:37:25
Last edited by sam.to on 2010.7.20 19:01



to kl,ll,mcafee,comodo,avira



A listing of files contained inside archives alongside their results can be found below:

File ID    Filename           Size (Byte)   Result
25812215   click.exe@         87 KB         UNDER ANALYSIS
25812216   Qvodplayer.e$xe    88.5 KB       UNDER ANALYSIS
25812217   Qvodplayer.e%xe    88.5 KB       UNDER ANALYSIS
25812218   Qvodplayer.e&xe    88.5 KB       UNDER ANALYSIS
25812219   Qvodplayer.e3xe    88.5 KB       UNDER ANALYSIS
25812220   Qvodplayer.ex##e   88.5 KB       UNDER ANALYSIS
25812221   Qvodplayer.ex2e    88.5 KB       UNDER ANALYSIS
25812222   Qvodplayer.exe!    88.5 KB       UNDER ANALYSIS
25812223   Qvodplayer.exe4    88.5 KB       UNDER ANALYSIS
25812224   Qvodplayer.exe^    88.5 KB       UNDER ANALYSIS
25812225   Qvodplayer.exe~    88.5 KB       UNDER ANALYSIS
25812226   Qvodplayer.exe~~   88.5 KB       UNDER ANALYSIS



Please find a detailed report concerning each individual sample below:

Filename           Result
click.exe@         MALWARE

The file 'click.exe@' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.Zbot.C. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection will be added to our virus definition file (VDF) with one of the next updates.

Filename           Result
Qvodplayer.e$xe    MALWARE

The file 'Qvodplayer.e$xe' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.Adload.Y. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.09.123.

Filename           Result
Qvodplayer.e%xe    MALWARE

The file 'Qvodplayer.e%xe' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.Adload.Y. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.09.123.

Filename           Result
Qvodplayer.e&xe    MALWARE

The file 'Qvodplayer.e&xe' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.Adload.Y. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.09.123.

Filename           Result
Qvodplayer.e3xe    MALWARE

The file 'Qvodplayer.e3xe' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.Adload.Y. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.09.123.

Filename           Result
Qvodplayer.ex##e   MALWARE

The file 'Qvodplayer.ex##e' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.Adload.Y. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.09.123.

Filename           Result
Qvodplayer.ex2e    MALWARE

The file 'Qvodplayer.ex2e' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.Adload.Y. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.09.123.

Filename           Result
Qvodplayer.exe!    MALWARE

The file 'Qvodplayer.exe!' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.Adload.Y. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.09.123.

Filename           Result
Qvodplayer.exe4    MALWARE

The file 'Qvodplayer.exe4' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.Adload.Y. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.09.123.

Filename           Result
Qvodplayer.exe^    MALWARE

The file 'Qvodplayer.exe^' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.Adload.Y. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.09.123.

Filename           Result
Qvodplayer.exe~    MALWARE

The file 'Qvodplayer.exe~' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.Adload.Y. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.09.123.

Filename           Result
Qvodplayer.exe~~   MALWARE

The file 'Qvodplayer.exe~~' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.Adload.Y. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.09.123.

Filename           Result
PPSPlayer.exe      MALWARE

The file 'PPSPlayer.exe' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Spy.ZBot.ame.13. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.08.04. Please note that Avira's proactive heuristic detection module AHeAD detected this threat up front without the latest VDF update as: TR/Dldr.Delphi.Gen.





波导的勇者
Posted on 2010-7-20 11:46:16
MPAV  kill

Copyright © KaFan  KaFan.cn All Rights Reserved.