Created
October 5, 2016 18:44
-
-
Save andr6/118e348e790370991a2da811387f5ae6 to your computer and use it in GitHub Desktop.
Error malice
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| root@malice:~# malice -D scan befb88b89c2eb401900a68e9f5b78764203f2b48264fcc3f7121bf04a57fd408 | |
| DEBU[0000] Malice config loaded from: /root/.malice/config.toml | |
| DEBU[0000] Malice plugins loaded from: /root/.malice/plugins.toml | |
| DEBU[0000] Using 4 PROCS | |
| DEBU[0000] Malice Version: 0.1.0-alpha, build HEAD | |
| DEBU[0000] Running inside Docker... | |
| DEBU[0000] Connected to docker daemon client ip=localhost port=2375 | |
| DEBU[0000] Searching for container: malice-elk env=development | |
| DEBU[0000] name: malice-elk container.Name: malice-elk | |
| DEBU[0000] MATCH: true | |
| DEBU[0000] Container FOUND: malice-elk env=development | |
| DEBU[0000] ELK is running. image=blacktop/elk ip=172.17.0.2 network=default | |
| DEBU[0000] Attempting to connect to: http://localhost:9200 | |
| DEBU[0000] ElasticSearch connection successful. address=http://localhost:9200 cluster=docker-elk code=200 version=2.4.1 | |
| DEBU[0000] Index malice already exists. | |
| DEBU[0000] Searching for image: malice/virustotal env=development | |
| DEBU[0000] Image FOUND: malice/virustotal env=development | |
| DEBU[0000] Searching for image: malice/shadow-server env=development | |
| DEBU[0000] Image FOUND: malice/shadow-server env=development | |
| DEBU[0000] Searching for image: malice/fileinfo env=development | |
| DEBU[0000] Image FOUND: malice/fileinfo env=development | |
| DEBU[0000] Searching for image: malice/yara env=development | |
| DEBU[0000] Image FOUND: malice/yara env=development | |
| DEBU[0000] Searching for image: malice/avg env=development | |
| DEBU[0000] Image FOUND: malice/avg env=development | |
| DEBU[0000] Searching for image: malice/bitdefender env=development | |
| DEBU[0000] Image FOUND: malice/bitdefender env=development | |
| DEBU[0000] Searching for image: malice/clamav env=development | |
| DEBU[0000] Image FOUND: malice/clamav env=development | |
| DEBU[0000] Searching for image: malice/comodo env=development | |
| DEBU[0000] Image FOUND: malice/comodo env=development | |
| DEBU[0000] Searching for image: malice/fprot env=development | |
| DEBU[0000] Image FOUND: malice/fprot env=development | |
| DEBU[0000] Searching for image: malice/f-secure env=development | |
| DEBU[0000] Image FOUND: malice/f-secure env=development | |
| DEBU[0000] Searching for image: malice/sophos env=development | |
| DEBU[0000] Image FOUND: malice/sophos env=development | |
| DEBU[0000] Searching for image: malice/floss env=development | |
| DEBU[0000] Image FOUND: malice/floss env=development | |
| DEBU[0000] All enabled plugins are installed. | |
| #### File | |
| | Field | Value | | |
| | ------ | ---------------------------------------------------------------- | | |
| | Name | befb88b89c2eb401900a68e9f5b78764203f2b48264fcc3f7121bf04a57fd408 | | |
| | Path | befb88b89c2eb401900a68e9f5b78764203f2b48264fcc3f7121bf04a57fd408 | | |
| | Size | 40.96 kB | | |
| | MD5 | 669f87f2ec48dce3a76386eec94d7e3b | | |
| | SHA1 | 6b82f126555e7644816df5d4e4614677ee0bda5c | | |
| | SHA256 | befb88b89c2eb401900a68e9f5b78764203f2b48264fcc3f7121bf04a57fd408 | | |
| | Mime | application/x-dosexec | | |
| DEBU[0000] Searching for Network: malice env=development | |
| DEBU[0000] Network FOUND: malice env=development | |
| DEBU[0000] Searching for volume: malice env=development | |
| DEBU[0000] Volume FOUND: malice env=development | |
| DEBU[0000] Volume malice found. | |
| DEBU[0000] Searching for container: copy2volume env=development | |
| DEBU[0000] name: copy2volume container.Name: malice-elk | |
| DEBU[0000] MATCH: false | |
| DEBU[0000] Container NOT Found: copy2volume env=development | |
| DEBU[0000] Searching for image: busybox env=development | |
| DEBU[0000] Image FOUND: busybox env=development | |
| DEBU[0000] Image `busybox` already pulled. env=development exisits=true | |
| DEBU[0000] First statContainerPath call. SampledsDir=/root/.malice/samples container.Name=/copy2volume dstInfo={Path:/malice/befb88b89c2eb401900a68e9f5b78764203f2b48264fcc3f7121bf04a57fd408 Exists:false IsDir:false RebaseName:} dstStat={Name:befb88b89c2eb401900a68e9f5b78764203f2b48264fcc3f7121bf04a57fd408 Size:40960 Mode:-rwx------ Mtime:2016-10-05 19:18:21 +0100 IST LinkTarget:} file.Path=befb88b89c2eb401900a68e9f5b78764203f2b48264fcc3f7121bf04a57fd408 volSavePath=/malice/befb88b89c2eb401900a68e9f5b78764203f2b48264fcc3f7121bf04a57fd408 | |
| DEBU[0000] Sample befb88b89c2eb401900a68e9f5b78764203f2b48264fcc3f7121bf04a57fd408 already in malice volume. | |
| DEBU[0000] Removing container: e3665f296fb09412eb28366dad69941e922cc9db9ccde95c94c21698d8dd364b | |
| DEBU[0000] Attempting to connect to: http://localhost:9200 | |
| DEBU[0000] ElasticSearch connection successful. address=http://localhost:9200 cluster=docker-elk code=200 version=2.4.1 | |
| DEBU[0000] Indexed sample. id=AVeWJisiIExY4DIoCaQQ index=malice type=samples | |
| DEBU[0000] Searching for Network: malice env=development | |
| DEBU[0000] Network FOUND: malice env=development | |
| DEBU[0000] Searching for volume: malice env=development | |
| DEBU[0000] Volume FOUND: malice env=development | |
| DEBU[0000] Volume malice found. | |
| DEBU[0000] Searching for container: virustotal env=development | |
| DEBU[0000] name: virustotal container.Name: malice-elk | |
| DEBU[0000] MATCH: false | |
| DEBU[0000] Container NOT Found: virustotal env=development | |
| DEBU[0000] Searching for image: malice/virustotal env=development | |
| DEBU[0000] Searching for Network: malice env=development | |
| DEBU[0000] Network FOUND: malice env=development | |
| DEBU[0000] Searching for volume: malice env=development | |
| DEBU[0000] Volume FOUND: malice env=development | |
| DEBU[0000] Volume malice found. | |
| DEBU[0000] Searching for container: shadow-server env=development | |
| DEBU[0000] name: shadow-server container.Name: malice-elk | |
| DEBU[0000] MATCH: false | |
| DEBU[0000] Container NOT Found: shadow-server env=development | |
| DEBU[0000] Searching for image: malice/shadow-server env=development | |
| DEBU[0000] Image FOUND: malice/virustotal env=development | |
| DEBU[0000] Image `malice/virustotal` already pulled. env=development exisits=true | |
| DEBU[0000] Image FOUND: malice/shadow-server env=development | |
| DEBU[0000] Image `malice/shadow-server` already pulled. env=development exisits=true | |
| DEBU[0013] framesize: 18 | |
| #### ShadowServer | |
| DEBU[0013] framesize: 13 | |
| - Not found | |
| DEBU[0013] Corrupted prefix: [] | |
| DEBU[0013] Plugin Container Started env=development name=/shadow-server | |
| DEBU[0013] Removing container: bfedf90e68f90a25ca5f70a7ca1bb37b9fbf7b9fad909b60191ccde38ac0433a | |
| DEBU[0013] Plugin Container Removed env=development name=/shadow-server | |
| DEBU[0014] framesize: 16 | |
| #### VirusTotal | |
| DEBU[0014] framesize: 169 | |
| | Ratio | Link | API | Scanned | | |
| DEBU[0014] framesize: 169 | |
| | ----- | ----------------------------------------------------------------------------------------------------------------------------- | ------ | ------------------- | | |
| DEBU[0014] framesize: 169 | |
| | 85% | [link](https://www.virustotal.com/file/befb88b89c2eb401900a68e9f5b78764203f2b48264fcc3f7121bf04a57fd408/analysis/1455536823/) | Public | 2016-02-15 11:47:03 | | |
| DEBU[0014] Corrupted prefix: [] | |
| DEBU[0014] Plugin Container Started env=development name=/virustotal | |
| DEBU[0014] Removing container: fce2961103db0a2442aef61ecf728154a23b791a6a95e101a0ab1afd65ba6e32 | |
| DEBU[0014] Plugin Container Removed env=development name=/virustotal | |
| DEBU[0014] Looking for plugins that will run on: application/x-dosexec | |
| DEBU[0014] Found these plugins: | |
| DEBU[0014] - fileinfo | |
| DEBU[0014] - yara | |
| DEBU[0014] - avg | |
| DEBU[0014] - bitdefender | |
| DEBU[0014] - clamav | |
| DEBU[0014] - comodo | |
| DEBU[0014] - fprot | |
| DEBU[0014] - f-secure | |
| DEBU[0014] - sophos | |
| DEBU[0014] - floss | |
| DEBU[0014] >>>>> RUNNING Plugin: fileinfo >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | |
| DEBU[0014] >>>>> RUNNING Plugin: yara >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | |
| DEBU[0014] >>>>> RUNNING Plugin: avg >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | |
| DEBU[0014] >>>>> RUNNING Plugin: bitdefender >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | |
| DEBU[0014] >>>>> RUNNING Plugin: clamav >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | |
| DEBU[0014] >>>>> RUNNING Plugin: comodo >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | |
| DEBU[0014] >>>>> RUNNING Plugin: fprot >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | |
| DEBU[0014] >>>>> RUNNING Plugin: f-secure >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | |
| DEBU[0014] >>>>> RUNNING Plugin: sophos >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | |
| DEBU[0014] >>>>> RUNNING Plugin: floss >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | |
| DEBU[0015] Searching for Network: malice env=development | |
| DEBU[0015] Network FOUND: malice env=development | |
| DEBU[0015] Searching for volume: malice env=development | |
| DEBU[0015] Volume FOUND: malice env=development | |
| DEBU[0015] Volume malice found. | |
| DEBU[0015] Searching for container: f-secure env=development | |
| DEBU[0015] name: f-secure container.Name: malice-elk | |
| DEBU[0015] MATCH: false | |
| DEBU[0015] Container NOT Found: f-secure env=development | |
| DEBU[0015] Searching for image: malice/f-secure env=development | |
| DEBU[0015] Searching for Network: malice env=development | |
| DEBU[0015] Network FOUND: malice env=development | |
| DEBU[0015] Searching for volume: malice env=development | |
| DEBU[0015] Volume FOUND: malice env=development | |
| DEBU[0015] Volume malice found. | |
| DEBU[0015] Searching for container: fprot env=development | |
| DEBU[0015] name: fprot container.Name: malice-elk | |
| DEBU[0015] MATCH: false | |
| DEBU[0015] Container NOT Found: fprot env=development | |
| DEBU[0015] Searching for image: malice/fprot env=development | |
| DEBU[0015] Searching for Network: malice env=development | |
| DEBU[0015] Network FOUND: malice env=development | |
| DEBU[0015] Searching for volume: malice env=development | |
| DEBU[0015] Volume FOUND: malice env=development | |
| DEBU[0015] Volume malice found. | |
| DEBU[0015] Searching for container: fileinfo env=development | |
| DEBU[0015] name: fileinfo container.Name: malice-elk | |
| DEBU[0015] MATCH: false | |
| DEBU[0015] Container NOT Found: fileinfo env=development | |
| DEBU[0015] Searching for image: malice/fileinfo env=development | |
| DEBU[0015] Searching for Network: malice env=development | |
| DEBU[0015] Network FOUND: malice env=development | |
| DEBU[0015] Searching for volume: malice env=development | |
| DEBU[0015] Volume FOUND: malice env=development | |
| DEBU[0015] Volume malice found. | |
| DEBU[0015] Searching for container: floss env=development | |
| DEBU[0015] name: floss container.Name: malice-elk | |
| DEBU[0015] MATCH: false | |
| DEBU[0015] Container NOT Found: floss env=development | |
| DEBU[0015] Searching for image: malice/floss env=development | |
| DEBU[0015] Image FOUND: malice/fileinfo env=development | |
| DEBU[0015] Image `malice/fileinfo` already pulled. env=development exisits=true | |
| DEBU[0015] Searching for Network: malice env=development | |
| DEBU[0015] Network FOUND: malice env=development | |
| DEBU[0015] Searching for volume: malice env=development | |
| DEBU[0015] Volume FOUND: malice env=development | |
| DEBU[0015] Volume malice found. | |
| DEBU[0015] Searching for container: sophos env=development | |
| DEBU[0015] name: sophos container.Name: malice-elk | |
| DEBU[0015] MATCH: false | |
| DEBU[0015] Container NOT Found: sophos env=development | |
| DEBU[0015] Searching for image: malice/sophos env=development | |
| DEBU[0015] Searching for Network: malice env=development | |
| DEBU[0015] Network FOUND: malice env=development | |
| DEBU[0015] Searching for volume: malice env=development | |
| DEBU[0015] Volume FOUND: malice env=development | |
| DEBU[0015] Volume malice found. | |
| DEBU[0015] Searching for container: yara env=development | |
| DEBU[0015] name: yara container.Name: malice-elk | |
| DEBU[0015] MATCH: false | |
| DEBU[0015] Container NOT Found: yara env=development | |
| DEBU[0015] Searching for image: malice/yara env=development | |
| DEBU[0015] Searching for Network: malice env=development | |
| DEBU[0015] Network FOUND: malice env=development | |
| DEBU[0015] Searching for volume: malice env=development | |
| DEBU[0015] Volume FOUND: malice env=development | |
| DEBU[0015] Volume malice found. | |
| DEBU[0015] Searching for container: clamav env=development | |
| DEBU[0015] name: clamav container.Name: malice-elk | |
| DEBU[0015] MATCH: false | |
| DEBU[0015] Container NOT Found: clamav env=development | |
| DEBU[0015] Searching for image: malice/clamav env=development | |
| DEBU[0015] Searching for Network: malice env=development | |
| DEBU[0015] Network FOUND: malice env=development | |
| DEBU[0015] Searching for volume: malice env=development | |
| DEBU[0015] Volume FOUND: malice env=development | |
| DEBU[0015] Volume malice found. | |
| DEBU[0015] Searching for container: bitdefender env=development | |
| DEBU[0015] name: bitdefender container.Name: malice-elk | |
| DEBU[0015] MATCH: false | |
| DEBU[0015] Container NOT Found: bitdefender env=development | |
| DEBU[0015] Searching for image: malice/bitdefender env=development | |
| DEBU[0015] Searching for Network: malice env=development | |
| DEBU[0015] Network FOUND: malice env=development | |
| DEBU[0015] Searching for volume: malice env=development | |
| DEBU[0015] Volume FOUND: malice env=development | |
| DEBU[0015] Volume malice found. | |
| DEBU[0015] Searching for container: avg env=development | |
| DEBU[0015] name: avg container.Name: malice-elk | |
| DEBU[0015] MATCH: false | |
| DEBU[0015] Container NOT Found: avg env=development | |
| DEBU[0015] Searching for image: malice/avg env=development | |
| DEBU[0015] Image FOUND: malice/floss env=development | |
| DEBU[0015] Image `malice/floss` already pulled. env=development exisits=true | |
| DEBU[0015] Searching for Network: malice env=development | |
| DEBU[0015] Network FOUND: malice env=development | |
| DEBU[0015] Searching for volume: malice env=development | |
| DEBU[0015] Image FOUND: malice/sophos env=development | |
| DEBU[0015] Image `malice/sophos` already pulled. env=development exisits=true | |
| DEBU[0015] Volume FOUND: malice env=development | |
| DEBU[0015] Volume malice found. | |
| DEBU[0015] Searching for container: comodo env=development | |
| DEBU[0015] Image FOUND: malice/yara env=development | |
| DEBU[0015] Image `malice/yara` already pulled. env=development exisits=true | |
| DEBU[0015] Image FOUND: malice/bitdefender env=development | |
| DEBU[0015] Image `malice/bitdefender` already pulled. env=development exisits=true | |
| DEBU[0015] Image FOUND: malice/avg env=development | |
| DEBU[0015] Image `malice/avg` already pulled. env=development exisits=true | |
| DEBU[0015] Image FOUND: malice/f-secure env=development | |
| DEBU[0015] Image `malice/f-secure` already pulled. env=development exisits=true | |
| DEBU[0015] Image FOUND: malice/fprot env=development | |
| DEBU[0015] Image `malice/fprot` already pulled. env=development exisits=true | |
| DEBU[0015] Image FOUND: malice/clamav env=development | |
| DEBU[0015] Image `malice/clamav` already pulled. env=development exisits=true | |
| DEBU[0015] framesize: 53 | |
| panic: runtime error: index out of range [recovered] | |
| DEBU[0015] framesize: 42 | |
| panic: runtime error: index out of range | |
| DEBU[0015] framesize: 1 | |
| DEBU[0015] framesize: 23 | |
| goroutine 1 [running]: | |
| DEBU[0015] framesize: 30 | |
| panic(0x819620, 0xc420016080) | |
| DEBU[0015] framesize: 49 | |
| /usr/lib/go-1.7/src/runtime/panic.go:500 +0x1a1 | |
| DEBU[0015] name: comodo container.Name: fileinfo | |
| DEBU[0015] MATCH: false | |
| DEBU[0015] framesize: 55 | |
| github.com/urfave/cli.HandleAction.func1(0xc420049be8) | |
| DEBU[0015] framesize: 49 | |
| /go/src/github.com/urfave/cli/app.go:478 +0x247 | |
| DEBU[0015] framesize: 30 | |
| panic(0x819620, 0xc420016080) | |
| DEBU[0015] framesize: 49 | |
| /usr/lib/go-1.7/src/runtime/panic.go:458 +0x243 | |
| DEBU[0015] framesize: 52 | |
| main.ParseSsdeepOutput(0x0, 0x0, 0xc420049608, 0x1) | |
| DEBU[0015] framesize: 62 | |
| /go/src/github.com/maliceio/malice-fileinfo/scan.go:74 +0xd7 | |
| DEBU[0015] framesize: 40 | |
| main.main.func1(0xc42007e780, 0x0, 0x0) | |
| DEBU[0015] framesize: 64 | |
| /go/src/github.com/maliceio/malice-fileinfo/scan.go:192 +0x161 | |
| DEBU[0015] framesize: 109 | |
| reflect.Value.call(0x7fe0a0, 0x8d7be0, 0x13, 0x8980fd, 0x4, 0xc420049ba8, 0x1, 0x1, 0x4ca688, 0x884ba0, ...) | |
| DEBU[0015] framesize: 49 | |
| /usr/lib/go-1.7/src/reflect/value.go:434 +0x5c8 | |
| DEBU[0015] framesize: 89 | |
| reflect.Value.Call(0x7fe0a0, 0x8d7be0, 0x13, 0xc420049ba8, 0x1, 0x1, 0x8d7b28, 0x0, 0x0) | |
| DEBU[0015] framesize: 48 | |
| /usr/lib/go-1.7/src/reflect/value.go:302 +0xa4 | |
| DEBU[0015] framesize: 79 | |
| github.com/urfave/cli.HandleAction(0x7fe0a0, 0x8d7be0, 0xc42007e780, 0x0, 0x0) | |
| DEBU[0015] framesize: 49 | |
| /go/src/github.com/urfave/cli/app.go:487 +0x1e0 | |
| DEBU[0015] framesize: 81 | |
| github.com/urfave/cli.(*App).Run(0xc4200d2000, 0xc42000c3c0, 0x3, 0x3, 0x0, 0x0) | |
| DEBU[0015] framesize: 49 | |
| /go/src/github.com/urfave/cli/app.go:245 +0x59b | |
| DEBU[0015] framesize: 12 | |
| main.main() | |
| DEBU[0015] framesize: 64 | |
| /go/src/github.com/maliceio/malice-fileinfo/scan.go:227 +0x56c | |
| DEBU[0015] name: comodo container.Name: malice-elk | |
| DEBU[0015] MATCH: false | |
| DEBU[0015] Container NOT Found: comodo env=development | |
| DEBU[0015] Searching for image: malice/comodo env=development | |
| DEBU[0015] Image FOUND: malice/comodo env=development | |
| DEBU[0015] Image `malice/comodo` already pulled. env=development exisits=true | |
| DEBU[0015] Corrupted prefix: [] | |
| DEBU[0015] Plugin Container Started env=development name=/fileinfo | |
| DEBU[0015] Removing container: 116620bc1c8c743438bb102bf1f63c33ebe1601a044822432b5a14097cbfa527 | |
| DEBU[0015] Plugin Container Removed env=development name=/fileinfo | |
| DEBU[0016] framesize: 34 | |
| 2016/10/05 18:41:21 exit status 1 | |
| DEBU[0016] Corrupted prefix: [] | |
| DEBU[0016] Plugin Container Started env=development name=/floss | |
| DEBU[0016] Removing container: 775a974bf5551c283ab7299e7db65a3f0f5c42c5e416fb2753475ccd5affa813 | |
| DEBU[0016] Plugin Container Removed env=development name=/floss | |
| DEBU[0017] framesize: 40 | |
| 2016/10/05 18:41:22 could not open file | |
| DEBU[0017] Corrupted prefix: [] | |
| DEBU[0017] Plugin Container Started env=development name=/yara | |
| DEBU[0017] Removing container: 8ed39843aa7ced644316bcb202de8125af328d8110c21b58d4eb7b1e8d87b86f | |
| DEBU[0017] Plugin Container Removed env=development name=/yara | |
| DEBU[0017] framesize: 12 | |
| #### F-PROT | |
| DEBU[0017] framesize: 45 | |
| | Infected | Result | Engine | Updated | | |
| DEBU[0017] framesize: 45 | |
| | -------- | ------ | --------- | -------- | | |
| DEBU[0017] framesize: 45 | |
| | false | | 4.6.5.141 | 20161005 | | |
| DEBU[0017] Corrupted prefix: [] | |
| DEBU[0018] Plugin Container Started env=development name=/fprot | |
| DEBU[0018] Removing container: 11baa65815f3d44f3db3089d67f6f5522f9636d754f7e27f70bf12690502286a | |
| DEBU[0018] Plugin Container Removed env=development name=/fprot | |
| DEBU[0018] framesize: 12 | |
| #### Comodo | |
| DEBU[0018] framesize: 58 | |
| | Infected | Result | Engine | Updated | | |
| DEBU[0018] framesize: 58 | |
| | -------- | ----------------------- | ------ | ------- | | |
| DEBU[0018] framesize: 58 | |
| | true | Backdoor.Win32.Lecna.AB | 1.1 | | | |
| DEBU[0018] Corrupted prefix: [] | |
| DEBU[0019] Plugin Container Started env=development name=/comodo | |
| DEBU[0019] Removing container: e91a8fb96e005966e778c09cd9154f3663b8cd03c4a6da4d0ce6fafc3ae4446c | |
| DEBU[0019] Plugin Container Removed env=development name=/comodo | |
| DEBU[0022] framesize: 17 | |
| #### Bitdefender | |
| DEBU[0022] framesize: 54 | |
| | Infected | Result | Engine | Updated | | |
| DEBU[0022] framesize: 54 | |
| | -------- | ----------------- | ------- | -------- | | |
| DEBU[0022] framesize: 54 | |
| | true | Backdoor.Lecna.AB | 7.90123 | 20161005 | | |
| DEBU[0022] Corrupted prefix: [] | |
| DEBU[0022] Plugin Container Started env=development name=/bitdefender | |
| DEBU[0022] Removing container: 19459ebe1e0c2f0626d7aefb2836711a4b3ad74fe3e2384bba261d2e5b1ca553 | |
| DEBU[0022] Plugin Container Removed env=development name=/bitdefender | |
| DEBU[0026] framesize: 14 | |
| #### F-Secure | |
| DEBU[0026] framesize: 61 | |
| | Infected | Result | Engine | Updated | | |
| DEBU[0026] framesize: 61 | |
| | -------- | ----------------- | -------------- | -------- | | |
| DEBU[0026] framesize: 61 | |
| | true | Backdoor.Lecna.AB | 11.00 build 79 | 20161005 | | |
| DEBU[0026] Corrupted prefix: [] | |
| DEBU[0027] Plugin Container Started env=development name=/f-secure | |
| DEBU[0027] Removing container: 053f00ab0f7a254bbbcff60c4801b539994cfc5bad4a8914f527e80ef126f305 | |
| DEBU[0027] Plugin Container Removed env=development name=/f-secure | |
| DEBU[0031] framesize: 12 | |
| #### Sophos | |
| DEBU[0031] framesize: 48 | |
| | Infected | Result | Engine | Updated | | |
| DEBU[0031] framesize: 48 | |
| | -------- | ------------ | ------ | -------- | | |
| DEBU[0031] framesize: 48 | |
| | true | Troj/Lecna-Q | 5.27.0 | 20161005 | | |
| DEBU[0031] Corrupted prefix: [] | |
| DEBU[0031] Plugin Container Started env=development name=/sophos | |
| DEBU[0031] Removing container: 2214c30ede0b621d55e81046a14c8c45fe9971ee26f3804e0cd3ae98bdfe3659 | |
| DEBU[0031] Plugin Container Removed env=development name=/sophos | |
| DEBU[0041] framesize: 9 | |
| #### AVG | |
| DEBU[0041] framesize: 60 | |
| | Infected | Result | Engine | Updated | | |
| DEBU[0041] framesize: 60 | |
| | -------- | --------------------- | --------- | -------- | | |
| DEBU[0041] framesize: 60 | |
| | true | Found Win32/DH{YQMT?} | 13.0.3114 | 20161005 | | |
| DEBU[0041] Corrupted prefix: [] | |
| DEBU[0041] Plugin Container Started env=development name=/avg | |
| DEBU[0041] Removing container: 408deb40d5a85c457966d9a67f9f647f64ca28b1140958628158de3d371aa435 | |
| DEBU[0041] Plugin Container Removed env=development name=/avg | |
| DEBU[0042] framesize: 12 | |
| #### ClamAV | |
| DEBU[0042] framesize: 58 | |
| | Infected | Result | Engine | Updated | | |
| DEBU[0042] framesize: 58 | |
| | -------- | ---------------------- | ------ | -------- | | |
| DEBU[0042] framesize: 58 | |
| | true | Win.Trojan.Backspace-1 | 0.99.2 | 20161005 | | |
| DEBU[0042] Corrupted prefix: [] | |
| DEBU[0042] Plugin Container Started env=development name=/clamav | |
| DEBU[0042] Removing container: 306df54bbced421510f01acd86df883a93d71b80e2093a3b9f837cf94b9ed82a | |
| DEBU[0042] Plugin Container Removed env=development name=/clamav | |
| DEBU[0042] Done with plugins. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment