Original poster: 思齐鼠

[Virus sample] Virus sample, with analysis

瓜皮猫
Posted on 2010-12-24 21:48:25
思齐鼠 posted on 2010-12-24 21:11
—————————— Custom name: Trojan/downloader.A ——————————

ESET's heuristics are really strong.
ESET kill: high heuristics
C:\Users\微亿毫\Desktop\样本.rar > RAR > QQ刷会员.exe - unidentified NewHeur_PE virus

To ESET
Posted on 2010-12-24 22:12:28
Reported to Trend Micro already~
ppy0606
Posted on 2010-12-24 22:20:24
2010-12-24 22:18:10    Create new process    Allow
Process: c:\windows\explorer.exe
Target: d:\我的文档\viurs test\样本\qq刷会员.exe
Command line: "d:\我的文档\viurs test\样本\QQ刷会员.exe"
Rule: [Application group]Threat alert I -> [Application]* -> [Child application]d:\我的文档\*

2010-12-24 22:18:13    Modify registry value    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cache
Value: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
Rule: [Registry group]Explorer-related settings -> [Registry]*\Software\Microsoft\Windows\CurrentVersion\Explorer\*Shell Folders*

2010-12-24 22:18:14    Modify registry value    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cookies
Value: C:\Documents and Settings\Administrator\Cookies
Rule: [Registry group]Explorer-related settings -> [Registry]*\Software\Microsoft\Windows\CurrentVersion\Explorer\*Shell Folders*

2010-12-24 22:18:14    Modify registry value    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\History
Value: C:\Documents and Settings\Administrator\Local Settings\History
Rule: [Registry group]Explorer-related settings -> [Registry]*\Software\Microsoft\Windows\CurrentVersion\Explorer\*Shell Folders*

2010-12-24 22:18:15    Modify file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: \Device\NamedPipe\ROUTER
Rule: [Application group]Threat alert I -> [Application]* -> [File]\device\namedpipe\*

2010-12-24 22:18:15    Modify file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: \Device\NamedPipe\ROUTER
Rule: [Application group]Threat alert I -> [Application]* -> [File]\device\namedpipe\*

2010-12-24 22:18:15    Modify registry value    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Common AppData
Value: C:\Documents and Settings\All Users\Application Data
Rule: [Registry group]Explorer-related settings -> [Registry]*\Software\Microsoft\Windows\CurrentVersion\Explorer\*Shell Folders*

2010-12-24 22:18:15    Modify file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: \Device\NamedPipe\ROUTER
Rule: [Application group]Threat alert I -> [Application]* -> [File]\device\namedpipe\*

2010-12-24 22:18:16    Modify registry value    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\AppData
Value: C:\Documents and Settings\Administrator\Application Data
Rule: [Registry group]Explorer-related settings -> [Registry]*\Software\Microsoft\Windows\CurrentVersion\Explorer\*Shell Folders*

2010-12-24 22:18:16    Modify file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: \Device\NamedPipe\ROUTER
Rule: [Application group]Threat alert I -> [Application]* -> [File]\device\namedpipe\*

2010-12-24 22:18:16    Modify file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: \Device\NamedPipe\ROUTER
Rule: [Application group]Threat alert I -> [Application]* -> [File]\device\namedpipe\*

2010-12-24 22:18:18    Modify registry value    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\AppData
Value: C:\Documents and Settings\Administrator\Application Data
Rule: [Registry group]Explorer-related settings -> [Registry]*\Software\Microsoft\Windows\CurrentVersion\Explorer\*Shell Folders*

2010-12-24 22:18:18    Modify file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: \Device\NamedPipe\ROUTER
Rule: [Application group]Threat alert I -> [Application]* -> [File]\device\namedpipe\*

2010-12-24 22:18:19    Modify registry value    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\AppData
Value: C:\Documents and Settings\Administrator\Application Data
Rule: [Registry group]Explorer-related settings -> [Registry]*\Software\Microsoft\Windows\CurrentVersion\Explorer\*Shell Folders*

2010-12-24 22:18:19    Modify file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: \Device\NamedPipe\ROUTER
Rule: [Application group]Threat alert I -> [Application]* -> [File]\device\namedpipe\*

2010-12-24 22:18:19    Modify file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: \Device\NamedPipe\ROUTER
Rule: [Application group]Threat alert I -> [Application]* -> [File]\device\namedpipe\*

2010-12-24 22:18:19    Modify registry value    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\AppData
Value: C:\Documents and Settings\Administrator\Application Data
Rule: [Registry group]Explorer-related settings -> [Registry]*\Software\Microsoft\Windows\CurrentVersion\Explorer\*Shell Folders*

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\103[1].exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\103[2].exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\103[3].exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\103[4].exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\103[5].exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\103[6].exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\103[7].exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\103[8].exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\103[9].exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\103[10].exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\103[11].exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\103CAFES7UG.exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\103CAFES7UGCA37EU6S.exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\103CAFES7UGCA37EU6SCAA06B7D.exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\103CAFES7UGCA37EU6SCAA06B7DCA9WYUWF.exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\103CAFES7UGCA37EU6SCAA06B7DCA9WYUWFCAA3EUOW.exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\103CAFES7UGCA37EU6SCAA06B7DCA9WYUWFCAA3EUOWCA0SUJY6.exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\103CAFES7UGCA37EU6SCAA06B7DCA9WYUWFCAA3EUOWCA0SUJY6CATZ53OW.exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\103CAFES7UGCA37EU6SCAA06B7DCA9WYUWFCAA3EUOWCA0SUJY6CATZ53OWCAVVIIF5.exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\103CAFES7UGCA37EU6SCAA06B7DCA9WYUWFCAA3EUOWCA0SUJY6CATZ53OWCAVVIIF5CAFPIP04.exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\103CAFES7UGCA37EU6SCAA06B7DCA9WYUWFCAA3EUOWCA0SUJY6CATZ53OWCAVVIIF5CAFPIP04CARKEY2C.exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\103CAFES7UGCA37EU6SCAA06B7DCA9WYUWFCAA3EUOWCA0SUJY6CATZ53OWCAVVIIF5CAFPIP04CARKEY2CCAXFAFUH.exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\103CAFES7UGCA37EU6SCAA06B7DCA9WYUWFCAA3EUOWCA0SUJY6CATZ53OWCAVVIIF5CAFPIP04CARKEY2CCAXFAFUHCAB0WKCD.exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\103CAFES7UGCA37EU6SCAA06B7DCA9WYUWFCAA3EUOWCA0SUJY6CATZ53OWCAVVIIF5CAFPIP04CARKEY2CCAXFAFUHCAB0WKCDCATWTA0X.exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\103CAFES7UGCA37EU6SCAA06B7DCA9WYUWFCAA3EUOWCA0SUJY6CATZ53OWCAVVIIF5CAFPIP04CARKEY2CCAXFAFUHCAB0WKCDCATWTA0XCAP2CVJI.exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\103CAFES7UGCA37EU6SCAA06B7DCA9WYUWFCAA3EUOWCA0SUJY6CATZ53OWCAVVIIF5CAFPIP04CARKEY2CCAXFAFUHCAB0WKCDCATWTA0XCAP2CVJICAHEL301.exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\103CAFES7UGCA37EU6SCAA06B7DCA9WYUWFCAA3EUOWCA0SUJY6CATZ53OWCAVVIIF5CAFPIP04CARKEY2CCAXFAFUHCAB0WKCDCATWTA0XCAP2CVJICAHEL301CA2JL1ZQ.exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\103CAFES7UGCA37EU6SCAA06B7DCA9WYUWFCAA3EUOWCA0SUJY6CATZ53OWCAVVIIF5CAFPIP04CARKEY2CCAXFAFUHCAB0WKCDCATWTA0XCAP2CVJICAHEL301CA2JL1ZQCAB3RBTB.exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\103CAFES7UGCA37EU6SCAA06B7DCA9WYUWFCAA3EUOWCA0SUJY6CATZ53OWCAVVIIF5CAFPIP04CARKEY2CCAXFAFUHCAB0WKCDCATWTA0XCAP2CVJICAHEL301CA2JL1ZQCAB3RBTBCAAC9VOY.exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\FES7UGCA37EU6SCAA06B7DCA9WYUWFCAA3EUOWCA0SUJY6CATZ53OWCAVVIIF5CAFPIP04CARKEY2CCAXFAFUHCAB0WKCDCATWTA0XCAP2CVJICAHEL301CA2JL1ZQCAB3RBTBCAAC9VOYCA92ZMH8.exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\37EU6SCAA06B7DCA9WYUWFCAA3EUOWCA0SUJY6CATZ53OWCAVVIIF5CAFPIP04CARKEY2CCAXFAFUHCAB0WKCDCATWTA0XCAP2CVJICAHEL301CA2JL1ZQCAB3RBTBCAAC9VOYCA92ZMH8CAC3TRY1.exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\A06B7DCA9WYUWFCAA3EUOWCA0SUJY6CATZ53OWCAVVIIF5CAFPIP04CARKEY2CCAXFAFUHCAB0WKCDCATWTA0XCAP2CVJICAHEL301CA2JL1ZQCAB3RBTBCAAC9VOYCA92ZMH8CAC3TRY1CA1OFW9P.exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\9WYUWFCAA3EUOWCA0SUJY6CATZ53OWCAVVIIF5CAFPIP04CARKEY2CCAXFAFUHCAB0WKCDCATWTA0XCAP2CVJICAHEL301CA2JL1ZQCAB3RBTBCAAC9VOYCA92ZMH8CAC3TRY1CA1OFW9PCAMCIVU4.exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\A3EUOWCA0SUJY6CATZ53OWCAVVIIF5CAFPIP04CARKEY2CCAXFAFUHCAB0WKCDCATWTA0XCAP2CVJICAHEL301CA2JL1ZQCAB3RBTBCAAC9VOYCA92ZMH8CAC3TRY1CA1OFW9PCAMCIVU4CAOYSL52.exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\0SUJY6CATZ53OWCAVVIIF5CAFPIP04CARKEY2CCAXFAFUHCAB0WKCDCATWTA0XCAP2CVJICAHEL301CA2JL1ZQCAB3RBTBCAAC9VOYCA92ZMH8CAC3TRY1CA1OFW9PCAMCIVU4CAOYSL52CAUZML13.exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\TZ53OWCAVVIIF5CAFPIP04CARKEY2CCAXFAFUHCAB0WKCDCATWTA0XCAP2CVJICAHEL301CA2JL1ZQCAB3RBTBCAAC9VOYCA92ZMH8CAC3TRY1CA1OFW9PCAMCIVU4CAOYSL52CAUZML13CA6TQRUE.exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\VVIIF5CAFPIP04CARKEY2CCAXFAFUHCAB0WKCDCATWTA0XCAP2CVJICAHEL301CA2JL1ZQCAB3RBTBCAAC9VOYCA92ZMH8CAC3TRY1CA1OFW9PCAMCIVU4CAOYSL52CAUZML13CA6TQRUECA1IP26Z.exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\FPIP04CARKEY2CCAXFAFUHCAB0WKCDCATWTA0XCAP2CVJICAHEL301CA2JL1ZQCAB3RBTBCAAC9VOYCA92ZMH8CAC3TRY1CA1OFW9PCAMCIVU4CAOYSL52CAUZML13CA6TQRUECA1IP26ZCAPMTAVT.exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\RKEY2CCAXFAFUHCAB0WKCDCATWTA0XCAP2CVJICAHEL301CA2JL1ZQCAB3RBTBCAAC9VOYCA92ZMH8CAC3TRY1CA1OFW9PCAMCIVU4CAOYSL52CAUZML13CA6TQRUECA1IP26ZCAPMTAVTCA032SH3.exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\XFAFUHCAB0WKCDCATWTA0XCAP2CVJICAHEL301CA2JL1ZQCAB3RBTBCAAC9VOYCA92ZMH8CAC3TRY1CA1OFW9PCAMCIVU4CAOYSL52CAUZML13CA6TQRUECA1IP26ZCAPMTAVTCA032SH3CAF0C027.exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\B0WKCDCATWTA0XCAP2CVJICAHEL301CA2JL1ZQCAB3RBTBCAAC9VOYCA92ZMH8CAC3TRY1CA1OFW9PCAMCIVU4CAOYSL52CAUZML13CA6TQRUECA1IP26ZCAPMTAVTCA032SH3CAF0C027CA8RX8J2.exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\TWTA0XCAP2CVJICAHEL301CA2JL1ZQCAB3RBTBCAAC9VOYCA92ZMH8CAC3TRY1CA1OFW9PCAMCIVU4CAOYSL52CAUZML13CA6TQRUECA1IP26ZCAPMTAVTCA032SH3CAF0C027CA8RX8J2CA9SFMKR.exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\P2CVJICAHEL301CA2JL1ZQCAB3RBTBCAAC9VOYCA92ZMH8CAC3TRY1CA1OFW9PCAMCIVU4CAOYSL52CAUZML13CA6TQRUECA1IP26ZCAPMTAVTCA032SH3CAF0C027CA8RX8J2CA9SFMKRCAKW8MBE.exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\HEL301CA2JL1ZQCAB3RBTBCAAC9VOYCA92ZMH8CAC3TRY1CA1OFW9PCAMCIVU4CAOYSL52CAUZML13CA6TQRUECA1IP26ZCAPMTAVTCA032SH3CAF0C027CA8RX8J2CA9SFMKRCAKW8MBECAH3RSTP.exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\2JL1ZQCAB3RBTBCAAC9VOYCA92ZMH8CAC3TRY1CA1OFW9PCAMCIVU4CAOYSL52CAUZML13CA6TQRUECA1IP26ZCAPMTAVTCA032SH3CAF0C027CA8RX8J2CA9SFMKRCAKW8MBECAH3RSTPCAFIO16Y.exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\B3RBTBCAAC9VOYCA92ZMH8CAC3TRY1CA1OFW9PCAMCIVU4CAOYSL52CAUZML13CA6TQRUECA1IP26ZCAPMTAVTCA032SH3CAF0C027CA8RX8J2CA9SFMKRCAKW8MBECAH3RSTPCAFIO16YCAF6QYNC.exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\AC9VOYCA92ZMH8CAC3TRY1CA1OFW9PCAMCIVU4CAOYSL52CAUZML13CA6TQRUECA1IP26ZCAPMTAVTCA032SH3CAF0C027CA8RX8J2CA9SFMKRCAKW8MBECAH3RSTPCAFIO16YCAF6QYNCCAGVDTJB.exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\92ZMH8CAC3TRY1CA1OFW9PCAMCIVU4CAOYSL52CAUZML13CA6TQRUECA1IP26ZCAPMTAVTCA032SH3CAF0C027CA8RX8J2CA9SFMKRCAKW8MBECAH3RSTPCAFIO16YCAF6QYNCCAGVDTJBCA9V5Z83.exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\C3TRY1CA1OFW9PCAMCIVU4CAOYSL52CAUZML13CA6TQRUECA1IP26ZCAPMTAVTCA032SH3CAF0C027CA8RX8J2CA9SFMKRCAKW8MBECAH3RSTPCAFIO16YCAF6QYNCCAGVDTJBCA9V5Z83CAXB2PHF.exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\1OFW9PCAMCIVU4CAOYSL52CAUZML13CA6TQRUECA1IP26ZCAPMTAVTCA032SH3CAF0C027CA8RX8J2CA9SFMKRCAKW8MBECAH3RSTPCAFIO16YCAF6QYNCCAGVDTJBCA9V5Z83CAXB2PHFCAJDNMR1.exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

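The HIPS log above shows the pattern an analyst wants to pull out of a record like this automatically: a freshly launched, non-browser process queries the Shell Folders keys, pokes a named pipe, then tries to write a burst of .exe files into the IE cache (the WinINet/URLDownloadToFile footprint of a downloader fetching its payload), all within a few seconds. The following parser and heuristic are an added example written for this thread, not code from the original post or from any HIPS vendor. The sample log is a constructed, abridged copy of the records above using the field labels as translated here, and the 5-second window and threshold of 3 are illustrative values, not tuned ones.

```python
"""Triage helper for HIPS logs in the 'timestamp  action  verdict' + 'Key: value' format above."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample, abridged from the HIPS log in the post above (labels as translated there).
SAMPLE_LOG = r"""2010-12-24 22:18:10    Create new process    Allow
Process: c:\windows\explorer.exe
Target: d:\我的文档\viurs test\样本\qq刷会员.exe
Command line: "d:\我的文档\viurs test\样本\QQ刷会员.exe"
Rule: [Application group]Threat alert I -> [Application]* -> [Child application]d:\我的文档\*

2010-12-24 22:18:13    Modify registry value    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cache
Value: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
Rule: [Registry group]Explorer-related settings -> [Registry]*\Software\Microsoft\Windows\CurrentVersion\Explorer\*Shell Folders*

2010-12-24 22:18:15    Modify file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: \Device\NamedPipe\ROUTER
Rule: [Application group]Threat alert I -> [Application]* -> [File]\device\namedpipe\*

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\103[1].exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\103[2].exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:21    Create file    Block
Process: d:\我的文档\viurs test\样本\qq刷会员.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\103[3].exe
Rule: [File group]IE Cache -> [File]*\temporary internet files\*; *.exe

2010-12-24 22:18:40    Create file    Allow
Process: c:\program files\internet explorer\iexplore.exe
Target: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OF5FY18J\logo[1].gif
Rule: [File group]IE Cache -> [File]*\temporary internet files\*
"""

HEADER_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})\s{2,}(?P<action>.+?)\s{2,}(?P<verdict>Allow|Block)$"
)
# An .exe landing under Temporary Internet Files: the WinINet cache footprint of a download.
CACHE_EXE_RE = re.compile(r"\\temporary internet files\\.*\.exe$", re.IGNORECASE)


def parse_hips_log(text):
    """Return one dict per record: ts (datetime), action, verdict, plus each 'Key: value' field (key lower-cased)."""
    records = []
    for block in re.split(r"\n\s*\n", text.strip()):
        lines = block.splitlines()
        m = HEADER_RE.match(lines[0])
        if not m:
            continue  # stray text rather than a record header; skip instead of crashing
        rec = {"ts": datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S"),
               "action": m["action"], "verdict": m["verdict"]}
        for line in lines[1:]:
            key, sep, value = line.partition(": ")
            if sep:
                rec[key.strip().lower()] = value.strip()
        records.append(rec)
    return records


def summarize(records):
    """Per-process counts of (action, verdict) pairs: a quick triage table of what the HIPS saw and stopped."""
    counts = defaultdict(lambda: defaultdict(int))
    for rec in records:
        counts[rec["process"].lower()][(rec["action"], rec["verdict"])] += 1
    return {proc: dict(c) for proc, c in counts.items()}


def find_cache_droppers(records, window=timedelta(seconds=5), threshold=3):
    """Flag processes that try to create >= threshold distinct .exe files under Temporary Internet
    Files within `window` (illustrative values). 'all_blocked' says whether any payload may have hit disk."""
    attempts = defaultdict(list)
    for rec in records:
        if rec["action"] == "Create file" and CACHE_EXE_RE.search(rec.get("target", "")):
            attempts[rec["process"].lower()].append(rec)
    findings = {}
    for proc, recs in attempts.items():
        recs.sort(key=lambda r: r["ts"])
        for i, first in enumerate(recs):  # sliding window anchored at each attempt in turn
            in_window = [r for r in recs[i:] if r["ts"] - first["ts"] <= window]
            targets = {r["target"].lower() for r in in_window}
            if len(targets) >= threshold:
                findings[proc] = {"distinct_exe_targets": len(targets), "first_seen": first["ts"],
                                  "all_blocked": all(r["verdict"] == "Block" for r in in_window)}
                break
    return findings


if __name__ == "__main__":
    recs = parse_hips_log(SAMPLE_LOG)
    for proc, hit in find_cache_droppers(recs).items():
        print(f"{proc}: {hit['distinct_exe_targets']} cache .exe writes from {hit['first_seen']}, "
              f"all blocked: {hit['all_blocked']}")
```

Browsers legitimately write to the same cache directory, which is why the heuristic keys on the .exe extension and on burst behaviour rather than on the path alone; the iexplore.exe record in the sample is there to show the benign case staying quiet. Swap in a real log export in place of SAMPLE_LOG and the same three functions apply unchanged.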
kinkids
Posted on 2010-12-24 22:30:31
Kaspersky Internet Security 2011
Scan detection: [HEUR:Trojan-Downloader.Win32.Generic]
Quarantine/delete action carried out.

Scan found 1 suspicious file: -- by Kaspersky Cloud, 1 by heuristics, -- by signature. One virus, one signature, I'm dumbfounded 囧rz
Remaining -- files MISS, not threatening/suspicious, already submitted to Kaspersky
猪头无双
Posted on 2010-12-24 22:42:19
Starting scan in "C:\Users\Administrator\Downloads\样本.rar"
C:\Users\Administrator\Downloads\样本.rar
[0] Archive type: RAR
  [DETECTION]        Is the TR/VB.Downloader.Gen Trojan
--> QQ刷会员.exe
  [DETECTION]        Is the TR/VB.Downloader.Gen Trojan

How does this count as high heuristics? Isn't it obviously a signature detection?
zhanghusen
Posted on 2010-12-25 00:32:12

[This post contains attachments; login is required to view them.]
小飞侠.net
Posted on 2010-12-25 07:16:18
Last edited by 小飞侠.net on 2010-12-25 07:22

To Kingsoft Antivirus (金山毒霸)

File submitted successfully
Submission ID: 1015fde006ad37e8f316c24d318c6294

Sample name: 样本分析.txt
File MD5: 44dbd20cc2e31576b4cac6524700b1a5
Verdict: this file is not a Windows executable
Sample name: QQ刷会员.exe
File MD5: 43b1d815ff997b652222bca3faeae76c
Verdict: safe


恋亿晓
Posted on 2010-12-25 07:43:51
qq541471559
Posted on 2010-12-25 07:46:27
To Kingsoft Guard (金山卫士): already reported
post8
Posted on 2010-12-25 11:41:49
Reply to post #15 by 猪头无双

Neither high heuristics nor a signature.

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4 (沪ICP备2020031077号-2). GMT+8, 2025-2-9 11:54

All software, samples, tools and articles published on KaFan are for learning and research only and must not be used for commercial or other illegal purposes; anyone who does so bears all resulting consequences. The information on this site comes from the Internet, and copyright disputes are unrelated to this site; you must completely delete the above material from your computer within 24 hours of downloading it. Contact us by e-mail if you have any questions.