小紅傘沒找到...GData、F-Secure、Kaspersky 報

發表時間: 2008-9-13 22:57 作者: m1224542 來源: AVPClub Security Home

小紅傘沒報
將其中一個上傳到VT
只有3家報http://www.virustotal.com/zh-tw/ ... 999a9d6ee1f93c910a8

2008/9/14 PM 10:17:37 C:\Program Files\Internet Explorer\IEXPLORE.EXE Create Process C:\Documents and Settings\Administrator\Application Data\BlehClose\01PEAKUP.exe

我把他們按允許

ThreatExpert 報告:http://www.threatexpert.com/repo ... b7367784c71907676cd

[ 本帖最後由 m1224542 於 2008-9-13 23:01 編輯 ]

virus01.rar
(2008-09-13 22:57:25, Size: 643 kB, Downloads: 27)

virus02.rar
(2008-09-13 22:59:21, Size: 652 kB, Downloads: 24)

我也來說兩句 查看全部評論相關評論

lole (2008-9-13 23:59:49)

回報給紅傘了~

kaspersky:
已偵測: 特洛伊木馬程式 Trojan.Win32.Obfuscated.gen
shisin (2008-9-14 10:46:38)

Panda Antivirus Pro With DB:2008/09/13

not found
integear (2008-9-14 11:00:14)

哦哦,之前炒得火熱的Swizzor .
m1224542 (2008-9-14 18:58:23)

我把他按執行怎麼辦呢?
sun88990 (2008-9-14 20:15:17)

好像會寫入登入表一些東西吧!!
丟到ThreatExpert看看
m1224542 (2008-9-15 17:34:06)

小紅傘回覆了...這次有點久

File ID    Filename    Size (Byte) Result
25133572    virus02.rar 652.16 KB OK

A listing of files contained inside archives alongside their results can be found below:
File ID    Filename Size (Byte) Result
25133573    01PEAKUP.exe    640.5 KB    MALWARE
25133551    amok obj option.exe    303.5 KB    MALWARE

Please find a detailed report concerning each individual sample below:
Filename Result
01PEAKUP.exe    MALWARE

The file '01PEAKUP.exe' has been determined to be 'MALWARE'. Our analysts named the threat TR/Obfuscated.655872. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection is added to our virus definition file (VDF) starting with version 7.00.06.155.
Filename Result
amok obj option.exe    MALWARE

The file 'amok obj option.exe' has been determined to be 'MALWARE'. Our analysts named the threat TR/Swizzor.1.3222. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection is added to our virus definition file (VDF) starting with version 7.00.06.155.

資料來源:http://analysis.avira.com/sample ... p;incidentid=202533

File ID    Filename    Size (Byte) Result
25133576    virus01.rar 642.92 KB OK

A listing of files contained inside archives alongside their results can be found below:
File ID    Filename Size (Byte) Result
25133577    balm junk hole city.exe    311 KB    MALWARE
25133578    qfnvkebs.exe    525.5 KB    MALWARE

Please find a detailed report concerning each individual sample below:
Filename Result
balm junk hole city.exe    MALWARE

The file 'balm junk hole city.exe' has been determined to be 'MALWARE'. Our analysts named the threat TR/Obfuscated.318464.2. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.Detection is added to our virus definition file (VDF) starting with version 7.00.06.155.
Filename Result
qfnvkebs.exe    MALWARE

The file 'qfnvkebs.exe' has been determined to be 'MALWARE'. Our analysts discovered that the file is a Trojan. In general this kind of programs contains harmful functionality called payload. Detection will be added to our virus definition file (VDF) with one of the next updates.

資料來源:http://analysis.avira.com/sample ... p;incidentid=202532
juijui (2008-9-15 20:32:37)

Avira AntiVir Premium
virus01.rar.
Virus or unwanted program 'TR/Obfuscated.318464.2 [trojan]'

virus02.rar.
Virus or unwanted program 'TR/Obfuscated.655872 [trojan]'
virax (2008-9-16 20:37:40)

detected obfuscated.gen