C0NIME.EXE，C0NIMEO.EXE

瑞星卡卡安全论坛技术交流区 可疑文件交流 C0NIME.EXE，C0NIMEO.EXE

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第四十七次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

1 / 1 页

跳转页

社区嘉宾

帖子:22020
注册: 2003-04-29
来自:pe_xscan Studio

发表于： 2008-09-07 17:33 | 显示全部 短消息资料

字号：小中大 1楼

C0NIME.EXE，C0NIMEO.EXE

附件: 您所在的用户组无法下载或查看附件

附件: 您所在的用户组无法下载或查看附件

解压密码：virus

文件说明符 : C:\WINDOWS\system32\C0NIME.EXE （数字0）

属性 : A---
数字签名:否
PE文件:是
获取文件版本信息大小失败!
创建时间 : 2008-8-19 18:4:6
修改时间 : 2008-8-19 18:4:6
大小 : 170564 字节 166.580 KB
MD5 : d6363e40553c4ad2c0339c187e84f0f3
SHA1: F8FE0DA49D7DA655561AB602E94D14CB4E2EA029
CRC32: a75055c7

文件说明符 : C:\WINDOWS\system32\C0NIMEO.EXE （数字0）
属性 : A---
数字签名:否
PE文件:是
获取文件版本信息大小失败!
创建时间 : 2008-8-20 8:40:51
修改时间 : 2008-8-20 8:40:46
大小 : 46088 字节 45.8 KB
MD5 : 6bee77700ea7fa3b90cf79b8907ece8d
SHA1: 461E7EE961CEB26FC9C4B38DF11BD2309B674B19
CRC32: 42df86dc

文件 C0NIME.EXE 接收于 2008.09.07 11:29:25 (CET)

反病毒引擎	版本	最后更新	扫描结果
AhnLab-V3	2008.9.6.0	2008.09.06	Win-Trojan/Agent.170564
AntiVir	7.8.1.28	2008.09.05	HEUR/Crypted
Authentium	5.1.0.4	2008.09.06	W32/Heuristic-210!Eldorado
Avast	4.8.1195.0	2008.09.06	Win32:Trojan-gen {Other}
AVG	8.0.0.161	2008.09.07	SHeur.BYWB
BitDefender	7.2	2008.09.07	-
CAT-QuickHeal	9.50	2008.09.06	(Suspicious) - DNAScan
ClamAV	0.93.1	2008.09.07	-
DrWeb	4.44.0.09170	2008.09.07	DLOADER.Trojan
eSafe	7.0.17.0	2008.09.03	Suspicious File
eTrust-Vet	31.6.6072	2008.09.05	Win32/Maycon.A
Ewido	4.0	2008.09.06	-
F-Prot	4.4.4.56	2008.09.06	W32/Heuristic-210!Eldorado
F-Secure	8.0.14332.0	2008.09.07	W32/Suspicious_U.gen
Fortinet	3.112.0.0	2008.09.07	-
GData	19	2008.09.07	Win32:Trojan-gen
Ikarus	T3.1.1.34.0	2008.09.07	Virus.Win32.Trojan
K7AntiVirus	7.10.443	2008.09.05	-
Kaspersky	7.0.0.125	2008.09.07	Heur.Trojan.Generic
McAfee	5378	2008.09.05	New Malware.aj
Microsoft	1.3903	2008.09.07	-
NOD32v2	3423	2008.09.06	-
Norman	5.80.02	2008.09.05	W32/Packed_Upack.A
Panda	9.0.0.4	2008.09.06	Suspicious file
PCTools	4.4.2.0	2008.09.06	Packed/Upack
Prevx1	V2	2008.09.07	Malicious Software
Rising	20.60.62.00	2008.09.07	-
Sophos	4.33.0	2008.09.07	Mal/Emogen-P
Sunbelt	3.1.1610.1	2008.09.05	VIPRE.Suspicious
Symantec	10	2008.09.07	-
TheHacker	6.3.0.8.075	2008.09.06	W32/Behav-Heuristic-060
TrendMicro	8.700.0.1004	2008.09.05	PAK_Generic.006
VBA32	3.12.8.5	2008.09.06	-
ViRobot	2008.9.5.1365	2008.09.06	-
VirusBuster	4.5.11.0	2008.09.06	Packed/Upack
Webwasher-Gateway	6.6.2	2008.09.05	Heuristic.Crypted

附加信息

File size: 170564 bytes

MD5...: d6363e40553c4ad2c0339c187e84f0f3

SHA1..: f8fe0da49d7da655561ab602e94d14cb4e2ea029

SHA256: 7974a9f8f5f198d819e215a1eb9c72514e7db2905e25af03afda5897a9f45702

SHA512: ef90505a49576987a11a8c2efd7b691268f8196a94a1a3af59a6e8d26f232f33
c4f49342f3afabad5178c557d6387e95a95856e67514ee1d308d1bead756f1a7

PEiD..: -

TrID..: File type identification
DOS Executable Generic (100.0%)

PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x801018
timedatestamp.....: 0x8011b0beL (invalid)
machinetype.......: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
PS 0x1000 0x7b000 0x1f0 5.41 f4a6b56d98913f21ac94b01490b713dc
W 0x7c000 0x31000 0x29844 7.99 df748e4d56003d30d72e249ee6542581
0xad000 0x1000 0x1f0 5.41 f4a6b56d98913f21ac94b01490b713dc

( 0 imports )

( 0 exports )

ThreatExpert info: http://www.threatexpert.com/repo ... ad2c0339c187e84f0f3

packers (Kaspersky): PE_Patch, UPack

Prevx info: http://info.prevx.com/aboutprogr ... 2FB61C7CC0055AAA4D5

packers (F-Prot): UPack

packers (Authentium): UPack

文件 C0NIMEO.EXE 接收于 2008.09.07 11:20:58 (CET)

反病毒引擎	版本	最后更新	扫描结果
AhnLab-V3	2008.9.6.0	2008.09.06	-
AntiVir	7.8.1.28	2008.09.05	TR/Hijacker.Gen
Authentium	5.1.0.4	2008.09.06	W32/Injector.A.gen!Eldorado
Avast	4.8.1195.0	2008.09.06	-
AVG	8.0.0.161	2008.09.07	-
BitDefender	7.2	2008.09.07	Trojan.Generic.654928
CAT-QuickHeal	9.50	2008.09.06	(Suspicious) - DNAScan
ClamAV	0.93.1	2008.09.07	-
DrWeb	4.44.0.09170	2008.09.07	DLOADER.Trojan
eSafe	7.0.17.0	2008.09.03	Suspicious File
eTrust-Vet	31.6.6072	2008.09.05	-
Ewido	4.0	2008.09.06	-
F-Prot	4.4.4.56	2008.09.06	W32/Injector.A.gen!Eldorado
F-Secure	8.0.14332.0	2008.09.07	W32/Suspicious_U.gen
Fortinet	3.112.0.0	2008.09.07	-
GData	19	2008.09.07	-
Ikarus	T3.1.1.34.0	2008.09.07	-
K7AntiVirus	7.10.443	2008.09.05	-
Kaspersky	7.0.0.125	2008.09.07	-
McAfee	5378	2008.09.05	New Malware.aj
Microsoft	1.3903	2008.09.07	Trojan:Win32/SystemHijack.gen
NOD32v2	3423	2008.09.06	probably unknown NewHeur_PE virus
Norman	5.80.02	2008.09.05	W32/Packed_Upack.A
Panda	9.0.0.4	2008.09.06	Suspicious file
PCTools	4.4.2.0	2008.09.06	Packed/Upack
Prevx1	V2	2008.09.07	-
Rising	20.60.62.00	2008.09.07	-
Sophos	4.33.0	2008.09.07	Mal/Delf-M
Sunbelt	3.1.1610.1	2008.09.05	VIPRE.Suspicious
Symantec	10	2008.09.07	-
TheHacker	6.3.0.8.075	2008.09.06	W32/Behav-Heuristic-060
TrendMicro	8.700.0.1004	2008.09.05	PAK_Generic.006
VBA32	3.12.8.5	2008.09.06	suspected of Win32 Shadow AutoStart Install
ViRobot	2008.9.5.1365	2008.09.06	-
VirusBuster	4.5.11.0	2008.09.06	Packed/Upack
Webwasher-Gateway	6.6.2	2008.09.05	Trojan.Hijacker.Gen

附加信息

File size: 46088 bytes

MD5...: 6bee77700ea7fa3b90cf79b8907ece8d

SHA1..: 461e7ee961ceb26fc9c4b38df11bd2309b674b19

SHA256: a52e8b2e3d31618408631f3fd5a383c5e235585c42fa1d22c1b5d7ec83d4f34d

SHA512: 69762afc41caa1605a2b8d55d0fb43ee76c7940c3150d1e3bd86bf7c2e94ebd5
f952ff0c2db7ae8a6a393adc705eacd9a4a9b6f095ac857e68fc7e8dcce87699

PEiD..: -

TrID..: File type identification
DOS Executable Generic (100.0%)

PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x801018
timedatestamp.....: 0x8011b0beL (invalid)
machinetype.......: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
PS 0x1000 0x22000 0x1f0 5.35 e265149300271c7f7661266454d7375e
0x23000 0x13000 0xb208 7.99 6f68d3b04506093b9fe57c4ab21dd049
Y_ 0x36000 0x1000 0x1f0 5.35 e265149300271c7f7661266454d7375e

( 0 imports )

( 0 exports )

packers (Kaspersky): PE_Patch, UPack

用户系统信息：Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; Maxthon)

http://blog.csdn.net/purpleendurer

宠辱不惊，笑看堂前花开花落；去留无意，漫随天外云卷云舒。

分享到：

<<上一主题|下一主题>>

1 / 1 页

跳转页