收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 安全区 病毒样本 分享&分析区 紅傘C過但是P版報的的木馬
1 ...234567891011下一页
返回列表 发新帖
楼主: lanvin
 收起左侧

[病毒样本] 紅傘C過但是P版報的的木馬

[复制链接]
mofunzone
发表于 2007-5-4 17:10:07 | 显示全部楼层

回复 #68 EQ2 的帖子

咖啡的启发没有名称上的区别,就是靠着后面的.a .u什么的来判断是什么类型的,自己多去mcafee官方看看吧,那和是不是病毒没有关系,只是名字罢了
回复

举报

The EQs
发表于 2007-5-4 17:10:39 | 显示全部楼层

回复 #71 mofunzone 的帖子

你也说是名字了。。。。。。。那么KAV为什么不是呢???
回复

举报

The EQs
发表于 2007-5-4 17:12:29 | 显示全部楼层

搞笑的卡巴

Name of malicious program↑ Detection timeUpdate released
29 April 2007
Packed.Win32.Tibs.v19:37 20:45
28 April 2007
Packed.Win32.Klone.af20:45   
27 April 2007
Packed.Win32.Tibs.u13:14 15:03
17 April 2007
Packed.Win32.Tibs.t21:39   
16 April 2007
Packed.Win32.PePatch.hÐ Ñ–20:24   
Packed.Win32.PePatch.hv20:22   
Packed.Win32.PePatch.hu20:12   
15 April 2007
Packed.Win32.Tibs.s14:28 15:35
Packed.Win32.Tibs.r00:56 02:01
13 April 2007
Packed.Win32.Tibs.q23:10 00:51
11 April 2007
Packed.Win32.PolyCrypt.b16:09   
Packed.Win32.Tibs.p11:37 13:01
9 April 2007
Packed.Win32.PePatch.ah23:48   
Packed.Win32.Tibs.o19:55 21:03
5 April 2007
Packed.Win32.NSAnti.n15:26   
4 April 2007
Packed.Win32.PePatch.ht15:44   
14 March 2007
Packed.Win32.PePatch.hr06:49 08:38
28 February 2007
Packed.Win32.Klone.ad22:31 00:32
14 February 2007
Packed.Win32.PePatch.hq15:34 16:22
Packed.Win32.PePatch.hp08:39 10:00
12 February 2007
Packed.Win32.PePatch.ho18:59 22:06
5 February 2007
Packed.Win32.Tibs.n19:29 21:02
Packed.Win32.Tibs.m19:29 21:02
29 January 2007
Packed.Win32.PePatch.hj07:17 08:38
26 January 2007
Packed.Win32.PePatch.hi21:25 22:52
25 January 2007
Packed.Win32.Tibs.l21:57   
22 January 2007
Packed.Win32.PePatch.hf20:23 22:02
18 January 2007
Packed.Win32.PePatch.ha21:31 22:10
Packed.Win32.PePatch.gy21:31 22:10
11 January 2007
Packed.Win32.PePatch.gs15:32 18:07
1  |  2  |  3  |  4  |  5  |  Next Page >>  |  Last Page


回复

举报

The EQs
发表于 2007-5-4 17:13:00 | 显示全部楼层
January 2007
Packed.Win32.PePatch.gr02:35 03:58
28 December 2006
Packed.Win32.NSAnti.j21:58 23:28
22 December 2006
Packed.Win32.PePatch.gq18:37 20:50
Packed.Win32.PePatch.gp15:03 17:24
Packed.Win32.PePatch.go15:03 17:24
21 December 2006
Packed.Win32.Klone.ab20:12 22:38
Packed.Win32.PePatch.gn18:53 21:26
Packed.Win32.NSAnti.i18:37 20:08
Packed.Win32.PePatch.gm17:59 20:08
Packed.Win32.PePatch.gl17:59 20:08
Packed.Win32.PePatch.gk17:59 20:08
Packed.Win32.PePatch.gj17:29 18:52
Packed.Win32.NSAnti.h17:29 18:52
Packed.Win32.NSAnti.g17:10 18:52
Packed.Win32.PePatch.gi16:03 17:38
19 December 2006
Packed.Win32.NSAnti.f22:19 00:50
18 December 2006
Packed.Win32.Klone.aa19:40 22:02
Packed.Win32.Klone.z18:01 21:04
Packed.Win32.Klone.y17:50 21:04
15 December 2006
Packed.Win32.PePatch.gh22:09 00:07
14 December 2006
Packed.Win32.Klone.x23:19 00:45
Packed.Win32.PePatch.gg18:56 20:10
Packed.Win32.PePatch.gf15:45 17:08
12 December 2006
Packed.Win32.Klone.w01:25 02:36
7 December 2006
Packed.Win32.Klone.v01:30 03:54
Packed.Win32.PePatch.ge00:39 01:48
5 December 2006
Packed.Win32.PePatch.gd13:43 15:42
4 December 2006
Packed.Win32.Klone.u22:25 00:56
Packed.Win32.PePatch.gc04:59 06:50
29 November 2006
Packed.Win32.PePatch.gb21:48 00:12
回复

举报

mofunzone
发表于 2007-5-4 17:13:16 | 显示全部楼层

回复 #72 EQ2 的帖子

我要说的就是,人家报告的只是人家给病毒定义的名字而已,可能kav入库前病毒是用的polycrpt加壳的,所以人家病毒的名称就叫做packed.polycrpt.a,而你一定认为是人家通过壳来识别的
这正是我要说明的,明白?
你自己天天看到个crypt,packed就说报壳,好笑而已
回复

举报

The EQs
发表于 2007-5-4 17:13:36 | 显示全部楼层
事到如今。。。。和你没什么说的了。。。。。卡巴报NSANTI还有这么多花样。。。
回复

举报

The EQs
发表于 2007-5-4 17:14:07 | 显示全部楼层

回复 #75 mofunzone 的帖子

自己看看卡巴的病毒升级情况吧。。。
回复

举报

lanvin
 楼主| 发表于 2007-5-4 17:14:17 | 显示全部楼层
紅傘的回復
Avira Scan Results
--------------------------
We received the following archive files:


File ID Filename Size (Byte) Result
535287 1423.rar 173.21 KB OK

A listing of files contained inside archives alongside their results can be found below:

File ID Filename Size (Byte) Result
535014 1423.exe 191.5 KB MALWARE


Please find a detailed report concerning each individual sample below:

Filename Result
1423.exe MALWARE

The file '1423.exe' has been determined to be 'MALWARE'. Our analysts named the threat DR/PCK.PolyCrypt.B.13. The term "DR/" denotes a program that is able to place a virus or a malware discretely on a system.Detection is added to our virus definition file (VDF) starting with version 6.38.01.88.
回复

举报

The EQs
发表于 2007-5-4 17:14:50 | 显示全部楼层
27 November 2006
Packed.Win32.NSAnti.e23:06 00:36
23 November 2006
Packed.Win32.Klone.t00:16 02:18
22 November 2006
Packed.Win32.NSAnti.d22:53 00:08
21 November 2006
Packed.Win32.NSAnti.c22:52 00:17
20 November 2006
Packed.Win32.Tibs.j16:49 18:31
Packed.Win32.Tibs.k16:49 18:31
17 November 2006
Packed.Win32.Klone.s19:52   
Packed.Win32.Clone.s19:31   
16 November 2006
Packed.Win32.PePatch.fz20:43 22:43
Packed.Win32.PePatch.ga20:43 22:43
15 November 2006
Packed.Win32.PePatch.fy17:07 19:11
14 November 2006
Packed.Win32.PePatch.fx22:07 00:15
Packed.Win32.PePatch.fw15:50 18:55
13 November 2006
Packed.Win32.PePatch.fv18:33 20:25
Packed.Win32.Tibs.i17:51 19:31
Packed.Win32.Klone.r17:51 19:31
Packed.Win32.PePatch.fu17:45 19:31
11 November 2006
Packed.Win32.Klone.q19:02 23:34
10 November 2006
Packed.Win32.PePatch.fr20:47 23:12
Packed.Win32.PePatch.ft20:28 23:12
Packed.Win32.PePatch.fs20:27 23:12
Packed.Win32.PePatch.fq20:11 23:12
Packed.Win32.PePatch.fp17:41 19:40
7 November 2006
Packed.Win32.Klone.p20:50 23:22
3 November 2006
Packed.Win32.Klone.o18:31 20:14
Packed.Win32.PePatch.fo18:20 20:14
2 November 2006
Packed.Win32.Klone.n19:38 21:04
Packed.Win32.PePatch.fn19:15 21:04
30 October 2006
Packed.Win32.Klone.m20:23 22:10
Packed.Win32.PePatch.fm18:03 20:22
回复

举报

lanvin
 楼主| 发表于 2007-5-4 17:15:21 | 显示全部楼层
你們繼續
回复

举报

下一页 »
1 ...234567891011下一页
返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2025-1-12 01:49 , Processed in 0.116441 second(s), 15 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表