[Trojan] Received 01-30, suspected





TAKUMI
2008-01-30, 03:57 AM
It looks a bit fake, although my Avira doesn't detect it :jump2:
How does this file mainly work? I'd like to ask.
http://xs223.xs.to/xs223/08052/a7957.jpg



juijui
2008-01-30, 10:44 PM
Start of the scan: 2008年1月30日 22:41

Starting the file scan:

Begin scan in 'C:\TEST\a7[1].com.rar'
C:\TEST\a7[1].com.rar
[0] Archive type: RAR
--> a7.com.vir
[1] Archive type: RAR SFX (self extracting)
--> 7.exe
[DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
[INFO] The file was moved to '47fb8cd7.qua'!


End of the scan: 2008年1月30日 22:41
Used time: 00:05 min

The scan has been done completely.

0 Scanning directories
6 Files were scanned
1 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
1 files were moved to quarantine
0 files were renamed
0 Files cannot be scanned
5 Files not concerned
3 Archives were scanned
0 Warnings
0 Notes

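Was this file originally a script file?
If so, it would need to be decrypted before we can tell
where the script trojan's download target points~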

juijui
2008-01-30, 10:47 PM
MD5: 59D86232A0196CC5E42EE052AA37980B
UPX 0.89.6 - 1.02 / 1.05 - 1.22 -> Markus & Lazlo

TAKUMI
2008-01-31, 04:40 PM
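Hmm, when I received it the file name was a7.zip.
After extracting, it was a7.com; I renamed it to a7.com.vir and then compressed it as a RAR to upload.
So I only received one file, and I don't know whether there was a separate script :eye: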



琥珀 (Amber)
2008-01-31, 05:35 PM
In essence it is a WinRAR self-extracting archive.

juijui
2008-01-31, 09:44 PM
The official site replied that this file is safe.