Monday, June 30, 2008

The virus email I received today

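Today I received a virus email sent by a PhD from Ocean University; it looks like his Yahoo account has been hijacked :P
ClamAV, Avira AntiVir, Kaspersky and NOD32 all fail to detect this virus. It has obviously been "verified as passing the top three antivirus products", so I threw it at VirusTotal to see what a scan would show:
Virus Total

VirusTotal is a suspicious-file analysis service that scans the files you upload with a range of well-known antivirus engines to determine whether a file is infected by viruses, worms, trojans, or other kinds of malware.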





| Antivirus engine | Version | Last update | Scan result |
|---|---|---|---|
| AhnLab-V3 | 2008.6.27.1 | 2008.06.30 | - |
| AntiVir | 7.8.0.59 | 2008.06.30 | - |
| Authentium | 5.1.0.4 | 2008.06.29 | W32/Onlinegames.gen |
| Avast | 4.8.1195.0 | 2008.06.28 | Win32:Lmir-RH |
| AVG | 7.5.0.516 | 2008.06.29 | PSW.OnlineGames.BR |
| BitDefender | 7.2 | 2008.06.30 | - |
| CAT-QuickHeal | 9.50 | 2008.06.28 | - |
| ClamAV | 0.93.1 | 2008.06.30 | - |
| DrWeb | 4.44.0.09170 | 2008.06.30 | modification of Trojan.Nsanti.Packed |
| eSafe | 7.0.17.0 | 2008.06.29 | Suspicious File |
| eTrust-Vet | 31.6.5911 | 2008.06.27 | - |
| Ewido | 4.0 | 2008.06.27 | - |
| F-Prot | 4.4.4.56 | 2008.06.29 | W32/Onlinegames.gen |
| F-Secure | 7.60.13501.0 | 2008.06.26 | - |
| Fortinet | 3.14.0.0 | 2008.06.30 | - |
| GData | 2.0.7306.1023 | 2008.06.30 | Win32:Lmir-RH |
| Ikarus | T3.1.1.26.0 | 2008.06.30 | Packer.Malware.NSAnti.AL |
| Kaspersky | 7.0.0.125 | 2008.06.30 | - |
| McAfee | 5327 | 2008.06.27 | PWS-OnlineGames.bd |
| Microsoft | 1.3704 | 2008.06.30 | TrojanSpy:Win32/OnLineGames.ZDR |
| NOD32v2 | 3225 | 2008.06.29 | - |
| Norman | 5.80.02 | 2008.06.27 | - |
| Panda | 9.0.0.4 | 2008.06.29 | Suspicious file |
| Prevx1 | V2 | 2008.06.30 | - |
| Rising | 20.51.00.00 | 2008.06.30 | - |
| Sophos | 4.30.0 | 2008.06.30 | Mal/EncPk-CE |
| Sunbelt | 3.0.1176.1 | 2008.06.26 | - |
| Symantec | 10 | 2008.06.30 | - |
| TheHacker | 6.2.96.364 | 2008.06.28 | Trojan/Agent.adv |
| TrendMicro | 8.700.0.1004 | 2008.06.30 | TROJ_DROPPER.IWP |
| VBA32 | 3.12.6.8 | 2008.06.29 | - |
| VirusBuster | 4.5.11.0 | 2008.06.30 | Trojan.Lineage.Gen!Pac.3 |
| Webwasher-Gateway | 6.6.2 | 2008.06.30 | Win32.Malware.gen (suspicious) |
Additional information
File size: 328936 bytes
MD5...: 04fa9fb5956ee6b88ad49d94a65d49ae
SHA1..: f6ec10e2f1538e8182528676acc498234cf51e4e
SHA256: 51522b6a7a23c2b64eb31066e2108d0276b341e092767bb183a227b73d750a10
SHA512: 1f1de25888a4060b05c724e7c1825fef723943b2ba42522d21ab63a195b219d8bb5b5a6a345cfc04a2b1f61db812467f6c4608ca3ae683b7ae6ec41ae4639b36
PEiD..: -
PEInfo: -
packers (Kaspersky): PE_Patch
packers (Authentium): RAR
packers (F-Prot): RAR

2 comments:

日落 said...

The antivirus companies that caught the virus look very suspicious; maybe they are the ones who wrote it = =+

國華的Blog said...

I sometimes come to read the articles you post; they are very valuable for reference, and I hope to see more