JerryLinLinLin/huorong-virdb-changelog

GitHub: JerryLinLinLin/huorong-virdb-changelog

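Automatically tracks version changes in the Huorong antivirus virus database and generates records of additions and removals for signature entries and hash blacklists/whitelists.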

Stars: 2 | Forks: 0

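# Huorong Virus Database Changelog

This repository tracks changes to the virus database of [Huorong Security](https://www.huorong.cn/). It reads `pset.db,troj.db,hwl.db,behav.db,crithash.db` and automatically generates the signature entries/detection names, blacklist hashes and whitelist hashes added since the previous version.

## Overview

- **Latest version**: `1772965848` (2026-03-08 10:30:48 UTC)
- **Total signature entries**: 67,889
- **Total critical-hash signature entries**: 81,568
- **Total behavior signature entries**: 918
- **Total blacklist hashes**: 153,779
- **Total whitelist hashes**: 123,491
- **Tracked versions**: 72

## Signature category distribution

```
pie showData
    title Top 10
    "Trojan" : 24571
    "TrojanDownloader" : 9936
    "Backdoor" : 6555
    "TrojanSpy" : 6136
    "OMacro" : 3398
    "Virus" : 2821
    "TrojanDropper" : 2806
    "Adware" : 2345
    "VirTool" : 2299
    "Ransom" : 2017
    "Other" : 5005
```

## Changelog
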
1772965848 - 2026-03-08 10:30:48 UTC

#### Blacklist hash changes ([troj.txt](data/1772965848.troj.txt))

Added: 16

#### Whitelist hash changes ([hwl.txt](data/1772965848.hwl.txt))

Added: 5

1772884564 - 2026-03-07 11:56:04 UTC

#### Blacklist hash changes ([troj.txt](data/1772884564.troj.txt))

Added: 388

#### Whitelist hash changes ([hwl.txt](data/1772884564.hwl.txt))

Added: 5

1772797013 - 2026-03-06 11:36:53 UTC

#### Signature entry changes ([pset.txt](data/1772797013.pset.txt))

Added formal definitions: 35 | Removed formal definitions: 4

```
[+] Backdoor/Lotok.ot
[+] HEUR:Trojan/Python.Agent.bx
[+] HVM:Backdoor/Lotok.ct
[+] HVM:Backdoor/Lotok.cu
[+] HackTool/MSIL.AppxPotato.b
[+] HackTool/RunHidden
[+] OMacro/Agent.ay
[+] Ransom/LockFile.ru
[+] Trojan/Agent.cmk
[+] Trojan/Agent.cml
[+] Trojan/BAT.Disabler.f
[+] Trojan/BAT.KillFiles.m
[+] Trojan/BAT.KillWin.bi
[+] Trojan/BypassUAC.f
[+] Trojan/DDos.ag
[+] Trojan/FakeApp.agj
[+] Trojan/FakeApp.agm
[+] Trojan/FakeApp.agn
[+] Trojan/FakeApp.ago
[+] Trojan/FakeApp.agp
[+] Trojan/FakeApp.agq
[+] Trojan/FakeApp.agr
[+] Trojan/FakeApp.ags
[+] Trojan/HiJack.yp
[+] Trojan/KillFiles.bh
[+] Trojan/KillMBR.cs
[+] Trojan/KillMBR.ct
[+] Trojan/KillWin.dw
[+] Trojan/KillWin.dx
[+] Trojan/LNK.Runner.br
[+] Trojan/MSIL.DDos.f
[+] Trojan/Runner.fz
[+] TrojanDropper/Agent.amy
[+] TrojanDropper/Agent.amz
[+] TrojanDropper/Android.Agent.co
[-] Adware/FackQQBrowse.a
[-] Trojan/Agent.cdh
[-] Trojan/MSIL.DDos.d
[-] TrojanDownloader/LNK.Agent.cq
```

Added telemetry definitions: 21 | Removed telemetry definitions: 33

```
[+] Exploit/Vulndriver.v!submit
[+] HVM:Backdoor/Lotok.cr!submit
[+] HVM:Backdoor/Lotok.cv!submit
[+] HVM:Backdoor/Lotok.cw!submit
[+] Trojan/Agent.cmm!submit
[+] Trojan/AutoIT.Obfuscated.j!submit
[+] Trojan/FakeApp.agt!submit
[+] Trojan/FakeApp.agu!submit
[+] Trojan/FakeApp.agv!submit
[+] Trojan/FakeApp.agw!submit
[+] Trojan/FakeApp.agx!submit
[+] Trojan/ShellLoader.ajb!submit
[+] Trojan/ShellLoader.ajo!submit
[+] Trojan/ShellLoader.ajp!submit
[+] Trojan/Skills.c!submit
[+] Trojan/Skills.d!submit
[+] TrojanDownloader/Agent.bkq!submit
[+] TrojanDownloader/Maloader.bu!submit
[+] TrojanDropper/Agent.ana!submit
[+] TrojanDropper/Agent.anb!submit
[+] TrojanDropper/Agent.anc!submit
[-] Backdoor/Lotok.ot!submit
[-] HEUR:Trojan/Python.Agent.bx!submit
[-] HVM:Backdoor/Lotok.ct!submit
[-] HVM:Backdoor/Lotok.cu!submit
[-] HackTool/MSIL.AppxPotato.b!submit
[-] OMacro/Agent.ay!submit
[-] Trojan/Agent.cmk!submit
[-] Trojan/Agent.cml!submit
[-] Trojan/BAT.Disabler.f!submit
[-] Trojan/BAT.KillFiles.m!submit
[-] Trojan/BAT.KillWin.bi!submit
[-] Trojan/BypassUAC.f!submit
[-] Trojan/DDos.ag!submit
[-] Trojan/FakeApp.agj!submit
[-] Trojan/FakeApp.agm!submit
[-] Trojan/FakeApp.agn!submit
[-] Trojan/FakeApp.ago!submit
[-] Trojan/FakeApp.agp!submit
[-] Trojan/FakeApp.agq!submit
[-] Trojan/FakeApp.agr!submit
[-] Trojan/FakeApp.ags!submit
[-] Trojan/HiJack.yp!submit
[-] Trojan/KillFiles.bh!submit
[-] Trojan/KillMBR.cs!submit
[-] Trojan/KillMBR.ct!submit
[-] Trojan/KillWin.dw!submit
[-] Trojan/KillWin.dx!submit
[-] Trojan/LNK.Runner.br!submit
[-] Trojan/MSIL.DDos.f!submit
[-] Trojan/Runner.fz!submit
[-] TrojanDropper/Agent.amy!submit
[-] TrojanDropper/Agent.amz!submit
[-] TrojanDropper/Android.Agent.co!submit
```

#### Critical-hash signature entry changes ([crithash.txt](data/1772797013.crithash.txt))

Added formal definitions: 8

```
[+] Adware/Android.PornTool.s!crit
[+] Adware/Android.PornTool.t!crit
[+] Trojan/PS.Runner.a!crit
[+] Trojan/W32.FakeApp.ab!crit
[+] Trojan/W32.FakeApp.ac!crit
[+] Trojan/W32.ShellLoader.ako!crit
[+] TrojanDropper/W32.Agent.le!crit
[+] TrojanDropper/W32.Agent.lf!crit
```

Added telemetry definitions: 11 | Removed telemetry definitions: 8

```
[+] Backdoor/W64.alphatronBot.a!crit!submit
[+] Trojan/SCR.Agent.gn!crit!submit
[+] Trojan/SCR.Agent.go!crit!submit
[+] Trojan/SCR.ShellLoader.h!crit!submit
[+] Trojan/W32.Agent.ak!crit!submit
[+] Trojan/W32.FakeApp.ac!crit!submit
[+] Trojan/W32.HiJack.aa!crit!submit
[+] Trojan/W32.HiJack.vv!crit!submit
[+] Trojan/W32.Obfuscated.i!crit!submit
[+] Trojan/W32.ShellLoader.akp!crit!submit
[+] TrojanDropper/W32.Agent.ak!crit!submit
[-] Adware/Android.PornTool.s!crit!submit
[-] Adware/Android.PornTool.t!crit!submit
[-] Trojan/PS.Runner.a!crit!submit
[-] Trojan/W32.Agent.aj!crit!submit
[-] Trojan/W32.FakeApp.ab!crit!submit
[-] Trojan/W32.ShellLoader.ako!crit!submit
[-] TrojanDropper/W32.Agent.le!crit!submit
[-] TrojanDropper/W32.Agent.lf!crit!submit
```

#### Behavior signature entry changes ([behav.txt](data/1772797013.behav.txt))

Added: 4 | Removed: 3

```
[+] Ransom/LockFile.AC
[+] Ransom/LockFile.AL
[+] Ransom/LockFile.AM
[+] Trojan/MEMZ.a!submit
[-] Ransom/LockFile.AC!submit
[-] Ransom/LockFile.AE!submit
[-] Ransom/LockFile.AF!submit
```

#### Blacklist hash changes ([troj.txt](data/1772797013.troj.txt))

Added: 62

1772709714 - 2026-03-05 11:21:54 UTC

#### Signature entry changes ([pset.txt](data/1772709714.pset.txt))

Added formal definitions: 12

```
[+] Backdoor/MSIL.Agent.aw
[+] HVM:Trojan/ShellLoader.cu
[+] HackTool/MSIL.SchTask.a
[+] Trojan/FakeApp.agi
[+] Trojan/FakeApp.agk
[+] Trojan/FakeApp.agl
[+] Trojan/JS.Agent.gt
[+] Trojan/JS.Obfuscated.dv
[+] Trojan/MSIL.Obfuscated.lc
[+] TrojanDropper/Agent.amv
[+] TrojanDropper/Agent.amw
[+] TrojanDropper/Agent.amx
```

Added telemetry definitions: 31 | Removed telemetry definitions: 13

```
[+] Exploit/Vulndriver!submit
[+] Exploit/Vulndriver.y!submit
[+] HEUR:Trojan/Python.Agent.bx!submit
[+] HVM:Backdoor/Lotok.cu!submit
[+] HackTool/MSIL.AppxPotato.b!submit
[+] OMacro/Agent.ay!submit
[+] Ransom/LockFile.ru!submit
[+] Trojan/Agent.cmk!submit
[+] Trojan/Agent.cml!submit
[+] Trojan/BAT.Disabler.f!submit
[+] Trojan/BAT.KillFiles.m!submit
[+] Trojan/BAT.KillWin.bi!submit
[+] Trojan/BypassUAC.f!submit
[+] Trojan/DDos.ag!submit
[+] Trojan/FakeApp.agm!submit
[+] Trojan/FakeApp.agn!submit
[+] Trojan/FakeApp.ago!submit
[+] Trojan/FakeApp.agp!submit
[+] Trojan/FakeApp.agq!submit
[+] Trojan/FakeApp.agr!submit
[+] Trojan/FakeApp.ags!submit
[+] Trojan/HiJack.yp!submit
[+] Trojan/KillFiles.bh!submit
[+] Trojan/KillMBR.cs!submit
[+] Trojan/KillMBR.ct!submit
[+] Trojan/KillWin.dw!submit
[+] Trojan/KillWin.dx!submit
[+] Trojan/LNK.Runner.br!submit
[+] Trojan/Runner.fz!submit
[+] TrojanDropper/Agent.amz!submit
[+] TrojanDropper/Android.Agent.co!submit
[-] Backdoor/MSIL.Agent.aw!submit
[-] HVM:Trojan/ShellLoader.cu!submit
[-] HackTool/MSIL.SchTask.a!submit
[-] Trojan/FakeApp.agi!submit
[-] Trojan/FakeApp.agk!submit
[-] Trojan/FakeApp.agl!submit
[-] Trojan/JS.Agent.gt!submit
[-] Trojan/JS.Obfuscated.dv!submit
[-] Trojan/MSIL.Obfuscated.ia!submit
[-] Trojan/MSIL.Obfuscated.lc!submit
[-] TrojanDropper/Agent.amv!submit
[-] TrojanDropper/Agent.amw!submit
[-] TrojanDropper/Agent.amx!submit
```

#### Critical-hash signature entry changes ([crithash.txt](data/1772709714.crithash.txt))

Added formal definitions: 9

```
[+] Adware/Android.PornTool.q!crit
[+] Adware/Android.PornTool.r!crit
[+] Backdoor/Java.Webshell.b!crit
[+] Exploit/W32.Vulndriver.aa!crit
[+] HackTool/Linux.Frpc.a!crit
[+] HackTool/W64.Frpc.b!crit
[+] Trojan/SCR.Agent.gl!crit
[+] Trojan/SCR.Agent.gm!crit
[+] Trojan/SCR.Phishing.ba!crit
```

Added telemetry definitions: 8 | Removed telemetry definitions: 9

```
[+] Adware/Android.PornTool.s!crit!submit
[+] Adware/Android.PornTool.t!crit!submit
[+] Trojan/PS.Runner.a!crit!submit
[+] Trojan/W32.Agent.aj!crit!submit
[+] Trojan/W32.FakeApp.ab!crit!submit
[+] Trojan/W32.ShellLoader.ako!crit!submit
[+] TrojanDropper/W32.Agent.le!crit!submit
[+] TrojanDropper/W32.Agent.lf!crit!submit
[-] Adware/Android.PornTool.q!crit!submit
[-] Adware/Android.PornTool.r!crit!submit
[-] Backdoor/Java.Webshell.b!crit!submit
[-] Exploit/W32.Vulndriver.aa!crit!submit
[-] HackTool/Linux.Frpc.a!crit!submit
[-] HackTool/W64.Frpc.b!crit!submit
[-] Trojan/SCR.Agent.gl!crit!submit
[-] Trojan/SCR.Agent.gm!crit!submit
[-] Trojan/SCR.Phishing.ba!crit!submit
```

#### Behavior signature entry changes ([behav.txt](data/1772709714.behav.txt))

Added: 2

```
[+] Ransom/LockFile.AE!submit
[+] Ransom/LockFile.AF!submit
```

#### Blacklist hash changes ([troj.txt](data/1772709714.troj.txt))

Added: 37

1772624535 - 2026-03-04 11:42:15 UTC

#### Signature entry changes ([pset.txt](data/1772624535.pset.txt))

Added formal definitions: 58 | Removed formal definitions: 1

```
[+] Backdoor/Agent.rl
[+] Backdoor/Lotok.os
[+] Backdoor/MSIL.Agent.ap
[+] HEUR:Joke/BAT.Agent.h
[+] HEUR:Trojan/W64.Agent.hv
[+] HVM:Trojan/W64.Loader.aw
[+] HVM:TrojanSpy/W64.Stealer.am
[+] Joke/BAT.Agent.h
[+] Joke/BAT.Popupwindow.m
[+] Trojan/Android.Agent.cm
[+] Trojan/BAT.KillWin.bh
[+] Trojan/BAT.Loader.aa
[+] Trojan/BAT.Loader.z
[+] Trojan/BAT.Obfuscated.bc
[+] Trojan/FakeApp.afp
[+] Trojan/FakeApp.afq
[+] Trojan/FakeApp.afr
[+] Trojan/FakeApp.afs
[+] Trojan/FakeApp.aft
[+] Trojan/FakeApp.afu
[+] Trojan/FakeApp.afv
[+] Trojan/FakeApp.afw
[+] Trojan/FakeApp.afy
[+] Trojan/FakeApp.afz
[+] Trojan/FakeApp.aga
[+] Trojan/FakeApp.agc
[+] Trojan/FakeApp.agd
[+] Trojan/FakeApp.age
[+] Trojan/FakeApp.agf
[+] Trojan/FakeApp.agg
[+] Trojan/FakeApp.agh
[+] Trojan/Injector.cmk
[+] Trojan/JS.Obfuscated.du
[+] Trojan/KillAV.dh
[+] Trojan/KillWin.du
[+] Trojan/KillWin.dv
[+] Trojan/Loader.ob
[+] Trojan/Loader.oc
[+] Trojan/MSIL.DDos.d
[+] Trojan/MSIL.Obfuscated.en
[+] Trojan/MSIL.Obfuscated.lb
[+] Trojan/PS.Obfuscator.h
[+] Trojan/PS.Obfuscator.i
[+] Trojan/Python.Injector.e
[+] Trojan/ShellLoader.ajm
[+] Trojan/ShellLoader.ajn
[+] Trojan/Shellloader.ajm
[+] Trojan/XWorm.a
[+] TrojanDownloader/PS.Agent.gj
[+] TrojanDownloader/PS.Netloader.lv
[+] TrojanDownloader/VBS.Agent.kp
[+] TrojanDropper/Agent.amm
[+] TrojanDropper/Agent.amn
[+] TrojanDropper/Agent.amo
[+] TrojanSpy/Stealer.tu
[+] TrojanSpy/Steam.ac
[+] TrojanSpy/W64.Stealer.al
[+] Virus/Lisp.Bursted.l@bursted_a
[-] Backdoor/Agent.rj
```

Added telemetry definitions: 19 | Removed telemetry definitions: 58

```
[+] Backdoor/Lotok.ot!submit
[+] Backdoor/MSIL.Agent.aw!submit
[+] Exploit/HTML.CVE-2025-54100.a!submit
[+] HEUR:TrojanDropper/Agent.as!submit
[+] HVM:Trojan/ShellLoader.cu!submit
[+] HVM:TrojanDownloader/Agent.ch!submit
[+] Trojan/FakeApp.agi!submit
[+] Trojan/FakeApp.agj!submit
[+] Trojan/FakeApp.agk!submit
[+] Trojan/FakeApp.agl!submit
[+] Trojan/JS.Agent.gt!submit
[+] Trojan/JS.Obfuscated.dv!submit
[+] Trojan/MSIL.DDos.f!submit
[+] Trojan/MSIL.Obfuscated.ia!submit
[+] Trojan/MSIL.Obfuscated.lc!submit
[+] TrojanDropper/Agent.amv!submit
[+] TrojanDropper/Agent.amw!submit
[+] TrojanDropper/Agent.amx!submit
[+] TrojanDropper/Agent.amy!submit
[-] Backdoor/Agent.rl!submit
[-] Backdoor/Lotok.os!submit
[-] Backdoor/MSIL.Agent.ap!submit
[-] HEUR:Joke/BAT.Agent.h!submit
[-] HEUR:Trojan/W64.Agent.hv!submit
[-] HVM:Trojan/W64.Loader.aw!submit
[-] HVM:TrojanSpy/W64.Stealer.am!submit
[-] Joke/BAT.Agent.h!submit
[-] Joke/BAT.Popupwindow.m!submit
[-] Trojan/Android.Agent.cm!submit
[-] Trojan/BAT.KillWin.bh!submit
[-] Trojan/BAT.Loader.aa!submit
[-] Trojan/BAT.Loader.z!submit
[-] Trojan/BAT.Obfuscated.bc!submit
[-] Trojan/FakeApp.afp!submit
[-] Trojan/FakeApp.afq!submit
[-] Trojan/FakeApp.afr!submit
[-] Trojan/FakeApp.afs!submit
[-] Trojan/FakeApp.aft!submit
[-] Trojan/FakeApp.afu!submit
[-] Trojan/FakeApp.afv!submit
[-] Trojan/FakeApp.afw!submit
[-] Trojan/FakeApp.afy!submit
[-] Trojan/FakeApp.afz!submit
[-] Trojan/FakeApp.aga!submit
[-] Trojan/FakeApp.agc!submit
[-] Trojan/FakeApp.agd!submit
[-] Trojan/FakeApp.age!submit
[-] Trojan/FakeApp.agf!submit
[-] Trojan/FakeApp.agg!submit
[-] Trojan/FakeApp.agh!submit
[-] Trojan/Injector.cmk!submit
[-] Trojan/JS.Obfuscated.du!submit
[-] Trojan/KillAV.dh!submit
[-] Trojan/KillWin.du!submit
[-] Trojan/KillWin.dv!submit
[-] Trojan/Loader.ob!submit
[-] Trojan/Loader.oc!submit
[-] Trojan/MSIL.Decrypter.z!submit
[-] Trojan/MSIL.Obfuscated.en!submit
[-] Trojan/Obfuscated.oe!submit
[-] Trojan/PS.Obfuscator.h!submit
[-] Trojan/PS.Obfuscator.i!submit
[-] Trojan/Python.Injector.e!submit
[-] Trojan/ShellLoader.ajm!submit
[-] Trojan/ShellLoader.ajn!submit
[-] Trojan/Shellloader.ajm!submit
[-] Trojan/XWorm.a!submit
[-] TrojanDownloader/PS.Agent.gj!submit
[-] TrojanDownloader/PS.Netloader.lv!submit
[-] TrojanDownloader/VBS.Agent.kp!submit
[-] TrojanDropper/Agent.amm!submit
[-] TrojanDropper/Agent.amn!submit
[-] TrojanDropper/Agent.amo!submit
[-] TrojanSpy/Stealer.tu!submit
[-] TrojanSpy/Steam.ac!submit
[-] TrojanSpy/W64.Stealer.al!submit
[-] Virus/Lisp.Bursted.l!submit
```

#### Critical-hash signature entry changes ([crithash.txt](data/1772624535.crithash.txt))

Added formal definitions: 10

```
[+] Backdoor/W32.Lotok.at!crit
[+] Exploit/SCR.CVE-2026-21509.e!crit
[+] Trojan/PS.Obfuscated.e!crit
[+] Trojan/SCR.Loader.e!crit
[+] Trojan/W32.Injector.z!crit
[+] Trojan/W32.ShellLoader.akn!crit
[+] TrojanDownloader/HTML.Agent.l!crit
[+] TrojanDownloader/LNK.Agent.j!crit
[+] TrojanDownloader/Linux.Agent.t!crit
[+] TrojanSpy/W64.Stealer.ae!crit
```

Added telemetry definitions: 10 | Removed telemetry definitions: 11

```
[+] Adware/Android.PornTool.q!crit!submit
[+] Adware/Android.PornTool.r!crit!submit
[+] Backdoor/Java.Webshell.b!crit!submit
[+] HackTool/Linux.Frpc.a!crit!submit
[+] HackTool/W64.Frpc.b!crit!submit
[+] Trojan/SCR.Agent.gl!crit!submit
[+] Trojan/SCR.Agent.gm!crit!submit
[+] Trojan/SCR.Phishing.ba!crit!submit
[+] Trojan/W32.FakeApp.aa!crit!submit
[+] TrojanDownloader/LNK.Netloader.b!submit
[-] Backdoor/W32.Lotok.at!crit!submit
[-] Exploit/SCR.CVE-2026-21509.e!crit!submit
[-] Trojan/PS.Obfuscated.e!crit!submit
[-] Trojan/SCR.Loader.e!crit!submit
[-] Trojan/W32.Agent.ai!crit!submit
[-] Trojan/W32.Injector.z!crit!submit
[-] Trojan/W32.ShellLoader.akn!crit!submit
[-] TrojanDownloader/HTML.Agent.l!crit!submit
[-] TrojanDownloader/LNK.Agent.j!crit!submit
[-] TrojanDownloader/Linux.Agent.t!crit!submit
[-] TrojanSpy/W64.Stealer.ae!crit!submit
```

#### Behavior signature entry changes ([behav.txt](data/1772624535.behav.txt))

Added: 3 | Removed: 3

```
[+] Backdoor/Lotok.XX
[+] Trojan/Runner.FO
[+] TrojanDownloader/Agent.BLO
[-] Backdoor/Lotok.XX!submit
[-] Trojan/Runner.FO!submit
[-] TrojanDownloader/Agent.BLO!submit
```

#### Blacklist hash changes ([troj.txt](data/1772624535.troj.txt))

Added: 79

1772538743 - 2026-03-03 11:52:23 UTC

#### Signature entry changes ([pset.txt](data/1772538743.pset.txt))

Added formal definitions: 47

```
[+] Backdoor/Lotok.or
[+] HVM:TrojanDownloader/Agent.bmr
[+] HVM:TrojanDownloader/W64.Agent.dg
[+] HVM:TrojanSpy/W64.Stealer.ak
[+] Rootkit/KillAV
[+] Trojan/BAT.Obfuscated.bb
[+] Trojan/BypassUAC.e
[+] Trojan/FakeApp.agb
[+] Trojan/HiJack.yo
[+] Trojan/Injector.cmj
[+] Trojan/JS.Obfuscated.dq
[+] Trojan/JS.Obfuscated.dr
[+] Trojan/JS.Obfuscated.ds
[+] Trojan/JS.Obfuscated.dt
[+] Trojan/Loader.oa
[+] Trojan/MSIL.Obfuscated.kz
[+] Trojan/MSIL.Obfuscated.la
[+] Trojan/Obfuscated.og
[+] Trojan/Obfuscated.oh
[+] Trojan/PS.Agent.bv
[+] Trojan/PS.Obfuscated.q
[+] Trojan/PS.Obfuscator.f
[+] Trojan/PS.Obfuscator.g
[+] Trojan/ShellLoader.ajk
[+] Trojan/ShellLoader.ajl
[+] Trojan/W64.Agent.hq
[+] Trojan/W64.Agent.hr
[+] Trojan/W64.Agent.hs
[+] Trojan/W64.Agent.ht
[+] Trojan/W64.Agent.hu
[+] Trojan/W64.Injector.cq
[+] Trojan/W64.Injector.cr
[+] Trojan/W64.Loader.at
[+] Trojan/W64.Loader.au
[+] Trojan/W64.Loader.av
[+] TrojanDownloader/BAT.Agent.gl
[+] TrojanDownloader/HTML.Agent.bn
[+] TrojanDownloader/MSIL.Agent.ajq
[+] TrojanDownloader/PS.Agent.gh
[+] TrojanDownloader/PS.Agent.gi
[+] TrojanDownloader/VBS.Agent.ko
[+] TrojanDownloader/W64.Agent.dh
[+] TrojanDropper/Agent.amr
[+] TrojanDropper/Agent.ams
[+] TrojanDropper/Agent.amt
[+] TrojanDropper/Agent.amu
[+] TrojanSpy/W64.Stealer.ak
```

Added telemetry definitions: 41 | Removed telemetry definitions: 47

```
[+] Backdoor/Agent.rl!submit
[+] HEUR:Joke/BAT.Agent.h!submit
[+] HEUR:Trojan/W64.Agent.hv!submit
[+] HVM:Backdoor/Lotok.ct!submit
[+] HVM:Trojan/W64.Loader.aw!submit
[+] HVM:TrojanSpy/W64.Stealer.am!submit
[+] Joke/BAT.Agent.h!submit
[+] Joke/BAT.Popupwindow.m!submit
[+] Trojan/Android.Agent.cm!submit
[+] Trojan/BAT.KillWin.bh!submit
[+] Trojan/BAT.Loader.aa!submit
[+] Trojan/BAT.Loader.z!submit
[+] Trojan/BAT.Obfuscated.bc!submit
[+] Trojan/FakeApp.agc!submit
[+] Trojan/FakeApp.agd!submit
[+] Trojan/FakeApp.age!submit
[+] Trojan/FakeApp.agf!submit
[+] Trojan/FakeApp.agg!submit
[+] Trojan/FakeApp.agh!submit
[+] Trojan/Injector.cmk!submit
[+] Trojan/JS.Obfuscated.du!submit
[+] Trojan/KillAV.dh!submit
[+] Trojan/KillWin.du!submit
[+] Trojan/KillWin.dv!submit
[+] Trojan/Linux.Flooder.k!submit
[+] Trojan/Loader.ob!submit
[+] Trojan/Loader.oc!submit
[+] Trojan/MSIL.Obfuscated.en!submit
[+] Trojan/PS.Obfuscator.h!submit
[+] Trojan/PS.Obfuscator.i!submit
[+] Trojan/Python.Injector.e!submit
[+] Trojan/ShellLoader.ajm!submit
[+] Trojan/ShellLoader.ajn!submit
[+] Trojan/Shellloader.ajm!submit
[+] Trojan/XWorm.a!submit
[+] TrojanDownloader/PS.Agent.gj!submit
[+] TrojanDownloader/PS.Netloader.lv!submit
[+] TrojanDownloader/VBS.Agent.kp!submit
[+] TrojanSpy/Stealer.tu!submit
[+] TrojanSpy/Steam.ac!submit
[+] TrojanSpy/W64.Stealer.al!submit
[-] Backdoor/Lotok.or!submit
[-] Exploit/Vulndriver!submit
[-] HVM:TrojanDownloader/Agent.bmr!submit
[-] HVM:TrojanDownloader/W64.Agent.dg!submit
[-] HVM:TrojanSpy/W64.Stealer.ak!submit
[-] Trojan/BAT.Obfuscated.bb!submit
[-] Trojan/BypassUAC.e!submit
[-] Trojan/FakeApp.agb!submit
[-] Trojan/HiJack.yo!submit
[-] Trojan/Injector.cmj!submit
[-] Trojan/JS.Obfuscated.dq!submit
[-] Trojan/JS.Obfuscated.dr!submit
[-] Trojan/JS.Obfuscated.ds!submit
[-] Trojan/JS.Obfuscated.dt!submit
[-] Trojan/Loader.oa!submit
[-] Trojan/MSIL.Obfuscated.kz!submit
[-] Trojan/MSIL.Obfuscated.la!submit
[-] Trojan/Obfuscated.og!submit
[-] Trojan/Obfuscated.oh!submit
[-] Trojan/PS.Agent.bv!submit
[-] Trojan/PS.Obfuscated.q!submit
[-] Trojan/PS.Obfuscator.f!submit
[-] Trojan/PS.Obfuscator.g!submit
[-] Trojan/ShellLoader.ajk!submit
[-] Trojan/ShellLoader.ajl!submit
[-] Trojan/W64.Agent.hq!submit
[-] Trojan/W64.Agent.hr!submit
[-] Trojan/W64.Agent.hs!submit
[-] Trojan/W64.Agent.ht!submit
[-] Trojan/W64.Agent.hu!submit
[-] Trojan/W64.Injector.cq!submit
[-] Trojan/W64.Injector.cr!submit
[-] Trojan/W64.Loader.at!submit
[-] Trojan/W64.Loader.au!submit
[-] Trojan/W64.Loader.av!submit
[-] TrojanDownloader/BAT.Agent.gl!submit
[-] TrojanDownloader/HTML.Agent.bn!submit
[-] TrojanDownloader/MSIL.Agent.ajq!submit
[-] TrojanDownloader/PS.Agent.gh!submit
[-] TrojanDownloader/PS.Agent.gi!submit
[-] TrojanDownloader/VBS.Agent.ko!submit
[-] TrojanDownloader/W64.Agent.dh!submit
[-] TrojanDropper/Agent.amr!submit
[-] TrojanDropper/Agent.ams!submit
[-] TrojanDropper/Agent.amt!submit
[-] TrojanDropper/Agent.amu!submit
[-] TrojanSpy/W64.Stealer.ak!submit
```

#### Critical-hash signature entry changes ([crithash.txt](data/1772538743.crithash.txt))

Added formal definitions: 21 | Removed formal definitions: 1

```
[+] Backdoor/Linux.Marai.b!crit
[+] Backdoor/W32.Lotok.ar!crit
[+] Backdoor/W32.Lotok.as!crit
[+] HackTool/Linux.Chisel.a!crit
[+] Trojan/BAT.KillWin.ab!crit
[+] Trojan/MSIL.Obfuscated.bn!crit
[+] Trojan/Python.ShellLoader.b!crit
[+] Trojan/SCR.Agent.gk!crit
[+] Trojan/SCR.Loader.d!crit
[+] Trojan/W32.FakeApp.x!crit
[+] Trojan/W32.FakeApp.y!crit
[+] Trojan/W32.FakeApp.z!crit
[+] Trojan/W64.Loader.f!crit
[+] Trojan/W64.Obfuscated.e!crit
[+] TrojanDownloader/PS.Agent.ch!crit
[+] TrojanDownloader/PS.Agent.ci!crit
[+] TrojanDownloader/SCR.Agent.ab!crit
[+] TrojanDownloader/VBS.Agent.e!crit
[+] TrojanDropper/W32.Agent.ld!crit
[+] TrojanSpy/Python.Agent.f!crit
[+] TrojanSpy/W64.Stealer.ad!crit
[-] Trojan/W64.Obfuscated.d!crit
```

Added telemetry definitions: 11 | Removed telemetry definitions: 23

```
[+] Backdoor/W32.Lotok.at!crit!submit
[+] Exploit/SCR.CVE-2026-21509.e!crit!submit
[+] Trojan/PS.Obfuscated.e!crit!submit
[+] Trojan/SCR.Loader.e!crit!submit
[+] Trojan/W32.Agent.ai!crit!submit
[+] Trojan/W32.Injector.z!crit!submit
[+] Trojan/W32.ShellLoader.akn!crit!submit
[+] TrojanDownloader/HTML.Agent.l!crit!submit
[+] TrojanDownloader/LNK.Agent.j!crit!submit
[+] TrojanDownloader/Linux.Agent.t!crit!submit
[+] TrojanSpy/W64.Stealer.ae!crit!submit
[-] Backdoor/Linux.Marai.b!crit!submit
[-] Backdoor/W32.Lotok.ar!crit!submit
[-] Backdoor/W32.Lotok.as!crit!submit
[-] HackTool/Linux.Chisel.a!crit!submit
[-] Trojan/BAT.KillWin.ab!crit!submit
[-] Trojan/MSIL.Obfuscated.bn!crit!submit
[-] Trojan/Python.ShellLoader.b!crit!submit
[-] Trojan/SCR.Agent.gk!crit!submit
[-] Trojan/SCR.Loader.d!crit!submit
[-] Trojan/W32.FakeApp.x!crit!submit
[-] Trojan/W32.FakeApp.y!crit!submit
[-] Trojan/W32.FakeApp.z!crit!submit
[-] Trojan/W32.HiJack.s!crit!submit
[-] Trojan/W32.HiJack.t!crit!submit
[-] Trojan/W64.Loader.f!crit!submit
[-] Trojan/W64.Obfuscated.e!crit!submit
[-] TrojanDownloader/PS.Agent.ch!crit!submit
[-] TrojanDownloader/PS.Agent.ci!crit!submit
[-] TrojanDownloader/SCR.Agent.ab!crit!submit
[-] TrojanDownloader/VBS.Agent.e!crit!submit
[-] TrojanDropper/W32.Agent.ld!crit!submit
[-] TrojanSpy/Python.Agent.f!crit!submit
[-] TrojanSpy/W64.Stealer.ad!crit!submit
```

#### Blacklist hash changes ([troj.txt](data/1772538743.troj.txt))

Added: 42 | Removed: 2

#### Whitelist hash changes ([hwl.txt](data/1772538743.hwl.txt))

Added: 4

1772450949 - 2026-03-02 11:29:09 UTC

#### Signature entry changes ([pset.txt](data/1772450949.pset.txt))

Added formal definitions: 64 | Removed formal definitions: 1

```
[+] Backdoor/Agent.rj
[+] Exploit/CVE-2017-11882.n
[+] Exploit/Ksapi.a
[+] Exploit/VulnDriver.w
[+] HEUR:Backdoor/Agent.rl
[+] HEUR:Trojan/PS.Obfuscator.g
[+] HEUR:Trojan/VBS.Agent.eo
[+] HEUR:Trojan/VBS.Agent.ep
[+] HVM:Trojan/AvKiller.a
[+] HVM:Trojan/Baidence.b
[+] HVM:Trojan/Loader.nz
[+] OMacro/Agent.ax
[+] Ransom/LockFile.rt
[+] Rootkit/Efchkmd.a
[+] Trojan/BAT.Loader.y
[+] Trojan/BAT.Obfuscated.az
[+] Trojan/BAT.Obfuscated.ba
[+] Trojan/CoinMiner.le
[+] Trojan/CoinMiner.lf
[+] Trojan/DllHijack.ah
[+] Trojan/FakeApp.afx
[+] Trojan/Injector.bhl
[+] Trojan/Java.Agent.a
[+] Trojan/KillWin.ds
[+] Trojan/KillWin.dt
[+] Trojan/LNK.Agent.bv
[+] Trojan/LNK.Agent.bw
[+] Trojan/LNK.Starter.cw
[+] Trojan/LNK.Starter.cx
[+] Trojan/LNK.Starter.cy
[+] Trojan/LNK.Starter.cz
[+] Trojan/LNK.Starter.da
[+] Trojan/LNK.Starter.db
[+] Trojan/Linux.DDos.bq
[+] Trojan/Loader.nz
[+] Trojan/MSIL.Obfuscated.ky
[+] Trojan/PS.Rozena.c
[+] Trojan/Ramsay.c
[+] Trojan/Runner.fy
[+] Trojan/ShellLoader.aji
[+] Trojan/ShellLoader.ajj
[+] Trojan/Shellloader.ajh
[+] Trojan/W64.Agent.hp
[+] TrojanDownloader/Agent.bmq
[+] TrojanDownloader/LNK.Agent.hh
[+] TrojanDownloader/LNK.Agent.hi
[+] TrojanDownloader/LNK.Agent.hj
[+] TrojanDownloader/LNK.Agent.hk
[+] TrojanDownloader/LNK.Obfuscated.a
[+] TrojanDownloader/LNK.Starter.a
[+] TrojanDownloader/LNK.Starter.b
[+] TrojanDownloader/Linux.Agent.en
[+] TrojanDownloader/Maloader.bt
[+] TrojanDownloader/W64.Agent.de
[+] TrojanDownloader/W64.Agent.df
[+] TrojanDropper/Agent.amp
[+] TrojanDropper/Agent.amq
[+] TrojanDropper/LNK.Starter.a
[+] TrojanDropper/VBS.Agent.em
[+] TrojanSpy/Stealer.tt
[+] TrojanSpy/W64.Stealer.aj
[+] Virus/TrapPro.a
[+] Virus/Zaas.a
[+] Virus/Zero.b
[-] HEUR:Trojan/PS.Obfuscator.f
```

Added telemetry definitions: 51 | Removed telemetry definitions: 74

```
[+] Backdoor/Lotok.or!submit
[+] Backdoor/Lotok.os!submit
[+] HVM:TrojanDownloader/Agent.bmr!submit
[+] HVM:TrojanDownloader/W64.Agent.dg!submit
[+] HVM:TrojanSpy/W64.Stealer.ak!submit
[+] Trojan/BAT.Obfuscated.bb!submit
[+] Trojan/BypassUAC.e!submit
[+] Trojan/FakeApp.afy!submit
[+] Trojan/FakeApp.afz!submit
[+] Trojan/FakeApp.aga!submit
[+] Trojan/FakeApp.agb!submit
[+] Trojan/HiJack.yo!submit
[+] Trojan/Injector.cmj!submit
[+] Trojan/JS.Obfuscated.dq!submit
[+] Trojan/JS.Obfuscated.dr!submit
[+] Trojan/JS.Obfuscated.ds!submit
[+] Trojan/JS.Obfuscated.dt!submit
[+] Trojan/Loader.oa!submit
[+] Trojan/MSIL.Obfuscated.kz!submit
[+] Trojan/MSIL.Obfuscated.la!submit
[+] Trojan/Obfuscated.og!submit
[+] Trojan/Obfuscated.oh!submit
[+] Trojan/PS.Agent.bv!submit
[+] Trojan/PS.Obfuscated.q!submit
[+] Trojan/PS.Obfuscator.f!submit
[+] Trojan/PS.Obfuscator.g!submit
[+] Trojan/ShellLoader.ajk!submit
[+] Trojan/ShellLoader.ajl!submit
[+] Trojan/W64.Agent.hq!submit
[+] Trojan/W64.Agent.hr!submit
[+] Trojan/W64.Agent.hs!submit
[+] Trojan/W64.Agent.ht!submit
[+] Trojan/W64.Agent.hu!submit
[+] Trojan/W64.Injector.cq!submit
[+] Trojan/W64.Injector.cr!submit
[+] Trojan/W64.Loader.at!submit
[+] Trojan/W64.Loader.au!submit
[+] Trojan/W64.Loader.av!submit
[+] TrojanDownloader/BAT.Agent.gl!submit
[+] TrojanDownloader/HTML.Agent.bn!submit
[+] TrojanDownloader/MSIL.Agent.ajq!submit
[+] TrojanDownloader/PS.Agent.gh!submit
[+] TrojanDownloader/PS.Agent.gi!submit
[+] TrojanDownloader/VBS.Agent.ko!submit
[+] TrojanDownloader/W64.Agent.dh!submit
[+] TrojanDropper/Agent.amr!submit
[+] TrojanDropper/Agent.ams!submit
[+] TrojanDropper/Agent.amt!submit
[+] TrojanDropper/Agent.amu!submit
[+] TrojanSpy/W64.Stealer.ak!submit
[+] Virus/Lisp.Bursted.l!submit
[-] Exploit/CVE-2017-11882.n!submit
[-] Exploit/Ksapi.a!submit
[-] Exploit/VulnDriver.w!submit
[-] HEUR:Backdoor/Agent.rl!submit
[-] HEUR:Trojan/HVM03.i!submit
[-] HEUR:Trojan/PS.Obfuscator.g!submit
[-] HEUR:Trojan/VBS.Agent.eo!submit
[-] HEUR:Trojan/VBS.Agent.ep!submit
[-] HVM:Trojan/Agent.w!submit
[-] HVM:Trojan/AvKiller.a!submit
[-] HVM:Trojan/Baidence.b!submit
[-] HVM:Trojan/Loader.nz!submit
[-] HVM:Trojan/W64.Agent.hp!submit
[-] OMacro/Agent.ax!submit
[-] Ransom/LockFile.rt!submit
[-] Rootkit/Efchkmd.a!submit
[-] Trojan/Agent.clu!submit
[-] Trojan/Agent.cme!submit
[-] Trojan/BAT.Loader.y!submit
[-] Trojan/BAT.Obfuscated.az!submit
[-] Trojan/BAT.Obfuscated.ba!submit
[-] Trojan/CoinMiner.le!submit
[-] Trojan/CoinMiner.lf!submit
[-] Trojan/DllHijack.ah!submit
[-] Trojan/FakeApp.afx!submit
[-] Trojan/Hijack.nf!submit
[-] Trojan/Injector.bhl!submit
[-] Trojan/Injector.clw!submit
[-] Trojan/Java.Agent.a!submit
[-] Trojan/KillWin.ds!submit
[-] Trojan/KillWin.dt!submit
[-] Trojan/LNK.Agent.bv!submit
[-] Trojan/LNK.Agent.bw!submit
[-] Trojan/LNK.Starter.cw!submit
[-] Trojan/LNK.Starter.cx!submit
[-] Trojan/LNK.Starter.cy!submit
[-] Trojan/LNK.Starter.cz!submit
[-] Trojan/LNK.Starter.da!submit
[-] Trojan/LNK.Starter.db!submit
[-] Trojan/Linux.DDos.bq!submit
[-] Trojan/Loader.nz!submit
[-] Trojan/MSIL.Obfuscated.ky!submit
[-] Trojan/PS.Injector.d!submit
[-] Trojan/PS.Rozena.c!submit
[-] Trojan/Ramsay.c!submit
[-] Trojan/Runner.fy!submit
[-] Trojan/ShellLoader.aji!submit
[-] Trojan/ShellLoader.ajj!submit
[-] Trojan/Shellloader.ajh!submit
[-] Trojan/W64.Agent.hp!submit
[-] TrojanDownloader/Agent.bmq!submit
[-] TrojanDownloader/LNK.Agent.he!submit
[-] TrojanDownloader/LNK.Agent.hf!submit
[-] TrojanDownloader/LNK.Agent.hg!submit
[-] TrojanDownloader/LNK.Agent.hh!submit
[-] TrojanDownloader/LNK.Agent.hi!submit
[-] TrojanDownloader/LNK.Agent.hj!submit
[-] TrojanDownloader/LNK.Agent.hk!submit
[-] TrojanDownloader/LNK.Obfuscated.a!submit
[-] TrojanDownloader/LNK.Starter.a!submit
[-] TrojanDownloader/LNK.Starter.b!submit
[-] TrojanDownloader/Linux.Agent.en!submit
[-] TrojanDownloader/W64.Agent.de!submit
[-] TrojanDownloader/W64.Agent.df!submit
[-] TrojanDropper/Agent.amp!submit
[-] TrojanDropper/Agent.amq!submit
[-] TrojanDropper/LNK.Starter.a!submit
[-] TrojanDropper/VBS.Agent.em!submit
[-] TrojanSpy/MSIL.PwStealer.cl!submit
[-] TrojanSpy/Stealer.tt!submit
[-] TrojanSpy/W64.Stealer.aj!submit
[-] Virus/TrapPro.a!submit
[-] Virus/Zaas.a!submit
[-] Virus/Zero.b!submit
```

#### Critical-hash signature entry changes ([crithash.txt](data/1772450949.crithash.txt))

Added formal definitions: 27 | Removed formal definitions: 3

```
[+] Backdoor/Linux.Gafgyt.e!crit
[+] Backdoor/PHP.WebShell.ao!crit
[+] Backdoor/PHP.WebShell.ap!crit
[+] Exploit/Linux.CVE-2022-2602.a!crit
[+] Exploit/Linux.CVE-2023-2598.a!crit
[+] Exploit/Linux.CVE-2024-0582.a!crit
[+] Exploit/Python.FnOS-RCE.a!crit
[+] Exploit/W32.CVE-2021-1732.a!crit
[+] HackTool/W64.PwStealer.b!crit
[+] Trojan/HTML.Injector.b!crit
[+] Trojan/JS.Obfuscated.aa!crit
[+] Trojan/JS.Obfuscated.ab!crit
[+] Trojan/JS.Obfuscated.w!crit
[+] Trojan/JS.Obfuscated.x!crit
[+] Trojan/JS.Obfuscated.y!crit
[+] Trojan/Linux.DDos.d!crit
[+] Trojan/MSIL.Obfuscated.bl!crit
[+] Trojan/MSIL.Obfuscated.bm!crit
[+] Trojan/SCR.Agent.gj!crit
[+] Trojan/W32.Agent.cugg!crit
[+] Trojan/W32.Agent.cugh!crit
[+] Trojan/W32.Agent.cugi!crit
[+] Trojan/W32.Agent.cugj!crit
[+] Trojan/W32.CoinMiner.aa!crit
[+] Trojan/W32.KillAV.ab!crit
[+] Trojan/W64.Obfuscated.c!crit
[+] Trojan/W64.Obfuscated.d!crit
[-] Backdoor/.WebShell.ey!crit
[-] Backdoor/.WebShell.fj!crit
[-] Trojan/.JS.Obfuscated.a!crit
```

Added telemetry definitions: 23 | Removed telemetry definitions: 24

```
[+] Backdoor/Linux.Marai.b!crit!submit
[+] Backdoor/W32.Lotok.ar!crit!submit
[+] Backdoor/W32.Lotok.as!crit!submit
[+] HackTool/Linux.Chisel.a!crit!submit
[+] Trojan/BAT.KillWin.ab!crit!submit
[+] Trojan/MSIL.Obfuscated.bn!crit!submit
[+] Trojan/Python.ShellLoader.b!crit!submit
[+] Trojan/SCR.Agent.gk!crit!submit
[+] Trojan/SCR.Loader.d!crit!submit
[+] Trojan/W32.FakeApp.x!crit!submit
[+] Trojan/W32.FakeApp.y!crit!submit
[+] Trojan/W32.FakeApp.z!crit!submit
[+] Trojan/W32.HiJack.s!crit!submit
[+] Trojan/W32.HiJack.t!crit!submit
[+] Trojan/W64.Loader.f!crit!submit
[+] Trojan/W64.Obfuscated.e!crit!submit
[+] TrojanDownloader/PS.Agent.ch!crit!submit
[+] TrojanDownloader/PS.Agent.ci!crit!submit
[+] TrojanDownloader/SCR.Agent.ab!crit!submit
[+] TrojanDownloader/VBS.Agent.e!crit!submit
[+] TrojanDropper/W32.Agent.ld!crit!submit
[+] TrojanSpy/Python.Agent.f!crit!submit
[+] TrojanSpy/W64.Stealer.ad!crit!submit
[-] Backdoor/Linux.Gafgyt.e!crit!submit
[-] Exploit/Linux.CVE-2022-2602.a!crit!submit
[-] Exploit/Linux.CVE-2023-2598.a!crit!submit
[-] Exploit/Linux.CVE-2024-0582.a!crit!submit
[-] Exploit/Python.FnOS-RCE.a!crit!submit
[-] Exploit/W32.CVE-2021-1732.a!crit!submit
[-] HackTool/W64.PwStealer.b!crit!submit
[-] Trojan/HTML.Injector.b!crit!submit
[-] Trojan/JS.Obfuscated.aa!crit!submit
[-] Trojan/JS.Obfuscated.ab!crit!submit
[-] Trojan/JS.Obfuscated.w!crit!submit
[-] Trojan/JS.Obfuscated.x!crit!submit
[-] Trojan/JS.Obfuscated.y!crit!submit
[-] Trojan/Linux.DDos.d!crit!submit
[-] Trojan/MSIL.Obfuscated.bl!crit!submit
[-] Trojan/MSIL.Obfuscated.bm!crit!submit
[-] Trojan/SCR.Agent.gj!crit!submit
[-] Trojan/W32.Agent.cugg!crit!submit
[-] Trojan/W32.Agent.cugh!crit!submit
[-] Trojan/W32.Agent.cugi!crit!submit
[-] Trojan/W32.Agent.cugj!crit!submit
[-] Trojan/W32.CoinMiner.aa!crit!submit
[-] Trojan/W64.Obfuscated.c!crit!submit
[-] Trojan/W64.Obfuscated.d!crit!submit
```

#### Blacklist hash changes ([troj.txt](data/1772450949.troj.txt))

Added: 63

1772359890 - 2026-03-01 10:11:30 UTC

#### Blacklist hash changes ([troj.txt](data/1772359890.troj.txt))

Added: 43

1772275987 - 2026-02-28 10:53:07 UTC

#### Signature entry changes ([pset.txt](data/1772275987.pset.txt))

Added formal definitions: 28

```
[+] Exploit/CVE-2021-1732
[+] Exploit/CVE-2022-2602
[+] Exploit/CVE-2023-2598
[+] Exploit/CVE-2024-0582
[+] HEUR:Trojan/PS.Obfuscator.f
[+] HEUR:Trojan/PS.Runner.aa
[+] HVM:Trojan/W64.Agent.hp
[+] HackTool/Avred.a
[+] Ransom/LockFile.rs
[+] Trojan/Agent.cmi
[+] Trojan/Agent.cmj
[+] Trojan/BAT.Obfuscated.ay
[+] Trojan/HTML.Phishing.hf
[+] Trojan/Injector.cmi
[+] Trojan/JS.Obfuscated.do
[+] Trojan/KillMBR.cr
[+] Trojan/MSIL.Obfuscated.kx
[+] Trojan/W64.Agent.hn
[+] Trojan/W64.Agent.ho
[+] TrojanDownloader/Agent.bmp
[+] TrojanDownloader/OSX.Agent.i
[+] TrojanDownloader/PS.Agent.gg
[+] TrojanDropper/BAT.Agent.bv
[+] TrojanDropper/VBS.Agent.ek
[+] TrojanDropper/VBS.Agent.el
[+] TrojanSpy/Stealer.tr
[+] TrojanSpy/Stealer.ts
[+] TrojanSpy/Steam.ab
```

Added telemetry definitions: 34 | Removed telemetry definitions: 25

```
[+] Exploit/VulnDriver.w!submit
[+] HEUR:Backdoor/Agent.rl!submit
[+] HEUR:Trojan/PS.Obfuscator.g!submit
[+] HEUR:Trojan/VBS.Agent.eo!submit
[+] HEUR:Trojan/VBS.Agent.ep!submit
[+] HVM:Backdoor/Lotok.cs!submit
[+] HVM:Trojan/Loader.nz!submit
[+] OMacro/Agent.ax!submit
[+] Ransom/LockFile.rt!submit
[+] Trojan/BAT.Loader.y!submit
[+] Trojan/BAT.Obfuscated.az!submit
[+] Trojan/BAT.Obfuscated.ba!submit
[+] Trojan/DllHijack.ah!submit
[+] Trojan/Java.Agent.a!submit
[+] Trojan/KillWin.ds!submit
[+] Trojan/KillWin.dt!submit
[+] Trojan/Linux.DDos.bq!submit
[+] Trojan/Loader.nz!submit
[+] Trojan/MSIL.Obfuscated.ky!submit
[+] Trojan/Runner.fy!submit
[+] Trojan/ShellLoader.aji!submit
[+] Trojan/ShellLoader.ajj!submit
[+] Trojan/Shellloader.ajh!submit
[+] Trojan/W64.Agent.hp!submit
[+] TrojanDownloader/Agent.bmq!submit
[+] TrojanDownloader/LNK.Agent.hk!submit
[+] TrojanDownloader/Linux.Agent.en!submit
[+] TrojanDownloader/W64.Agent.de!submit
[+] TrojanDownloader/W64.Agent.df!submit
[+] TrojanDropper/Agent.amp!submit
[+] TrojanDropper/Agent.amq!submit
[+] TrojanDropper/VBS.Agent.em!submit
[+] TrojanSpy/Stealer.tt!submit
[+] TrojanSpy/W64.Stealer.aj!submit
[-] Backdoor/Farfli.ac!submit
[-] HEUR:Trojan/PS.Obfuscator.f!submit
[-] HEUR:Trojan/PS.Runner.aa!submit
[-] HackTool/Avred.a!submit
[-] Ransom/LockFile.rs!submit
[-] Trojan/Agent.cmj!submit
[-] Trojan/BAT.Obfuscated.ay!submit
[-] Trojan/HTML.Phishing.hf!submit
[-] Trojan/Injector.cmi!submit
[-] Trojan/JS.Obfuscated.do!submit
[-] Trojan/KillMBR.cr!submit
[-] Trojan/MSIL.Obfuscated.kx!submit
[-] Trojan/W64.Agent.hn!submit
[-] Trojan/W64.Agent.ho!submit
[-] TrojanDownloader/Agent.blg!submit
[-] TrojanDownloader/Agent.bmp!submit
[-] TrojanDownloader/OSX.Agent.i!submit
[-] TrojanDownloader/PS.Agent.gg!submit
[-] TrojanDropper/Agent.ami!submit
[-] TrojanDropper/BAT.Agent.bv!submit
[-] TrojanDropper/VBS.Agent.ek!submit
[-] TrojanDropper/VBS.Agent.el!submit
[-] TrojanSpy/Stealer.tr!submit
[-] TrojanSpy/Stealer.ts!submit
[-] TrojanSpy/Steam.ab!submit
```

#### Critical hash signature changes ([crithash.txt](data/1772275987.crithash.txt))
Formal definitions added: 16 | Formal definitions removed: 1

```
[+] Adware/Android.PornTool.n!crit
[+] Adware/Android.PornTool.o!crit
[+] Adware/Android.PornTool.p!crit
[+] HackTool/W64.Resocks.a!crit
[+] Trojan/BAT.Obfuscated.arj!crit
[+] Trojan/JS.Agent.a!crit
[+] Trojan/JS.Agent.d!crit
[+] Trojan/JS.Agent.e!crit
[+] Trojan/LUA.Agent.a!crit
[+] Trojan/Linux.CoinMiner.b!crit
[+] Trojan/MSIL.Obfuscated.bk!crit
[+] Trojan/SCR.Loader.c!crit
[+] Trojan/W32.Agent.cugf!crit
[+] Trojan/W64.Agent.n!crit
[+] TrojanDownloader/HTML.Agent.k!crit
[+] TrojanSpy/JS.Stealer.a!crit
[-] Trojan/W32.Agent.alty!crit
```
Telemetry definitions added: 23 | Telemetry definitions removed: 17

```
[+] Backdoor/Linux.Gafgyt.e!crit!submit
[+] Exploit/Linux.CVE-2022-2602.a!crit!submit
[+] Exploit/Linux.CVE-2023-2598.a!crit!submit
[+] Exploit/Linux.CVE-2024-0582.a!crit!submit
[+] Exploit/Python.FnOS-RCE.a!crit!submit
[+] Exploit/W32.CVE-2021-1732.a!crit!submit
[+] HackTool/W64.PwStealer.b!crit!submit
[+] Trojan/HTML.Injector.b!crit!submit
[+] Trojan/JS.Obfuscated.aa!crit!submit
[+] Trojan/JS.Obfuscated.ab!crit!submit
[+] Trojan/JS.Obfuscated.w!crit!submit
[+] Trojan/JS.Obfuscated.x!crit!submit
[+] Trojan/JS.Obfuscated.y!crit!submit
[+] Trojan/JS.Obfuscated.z!crit!submit
[+] Trojan/Linux.DDos.d!crit!submit
[+] Trojan/MSIL.Obfuscated.bl!crit!submit
[+] Trojan/MSIL.Obfuscated.bm!crit!submit
[+] Trojan/W32.Agent.cugg!crit!submit
[+] Trojan/W32.Agent.cugh!crit!submit
[+] Trojan/W32.Agent.cugi!crit!submit
[+] Trojan/W32.Agent.cugj!crit!submit
[+] Trojan/W64.Obfuscated.c!crit!submit
[+] Trojan/W64.Obfuscated.d!crit!submit
[-] Adware/Android.PornTool.n!crit!submit
[-] Adware/Android.PornTool.o!crit!submit
[-] Adware/Android.PornTool.p!crit!submit
[-] HackTool/W64.Resocks.a!crit!submit
[-] Trojan/BAT.Obfuscated.arj!crit!submit
[-] Trojan/JS.Agent.a!crit!submit
[-] Trojan/JS.Agent.d!crit!submit
[-] Trojan/JS.Agent.e!crit!submit
[-] Trojan/LUA.Agent.a!crit!submit
[-] Trojan/Linux.CoinMiner.b!crit!submit
[-] Trojan/MSIL.Obfuscated.bk!crit!submit
[-] Trojan/SCR.Loader.c!crit!submit
[-] Trojan/W32.Agent.cugf!crit!submit
[-] Trojan/W64.Agent.n!crit!submit
[-] TrojanDownloader/HTML.Agent.k!crit!submit
[-] TrojanDownloader/SCR.Agent.b!crit!submit
[-] TrojanSpy/JS.Stealer.a!crit!submit
```
#### Blacklist hash changes ([troj.txt](data/1772275987.troj.txt))

Added: 43

1772191343 - 2026-02-27 11:22:23 UTC

#### Signature changes ([pset.txt](data/1772191343.pset.txt))
Formal definitions added: 61 | Formal definitions removed: 4

```
[+] Adware/Android.PornTool.n
[+] Backdoor/Agent.rk
[+] Backdoor/W64.Agent.p
[+] Exploit/Linux.CVE-2003-0352.b
[+] HEUR:Trojan/BAT.Loader.x
[+] HEUR:Trojan/PS.Loader.y
[+] HEUR:Trojan/Runner.fy
[+] HEUR:TrojanDownloader/Agent.dn
[+] HEUR:TrojanDownloader/LNK.Agent.hk
[+] HEUR:TrojanDownloader/VBS.Agent.ko
[+] HEUR:TrojanDropper/BAT.Agent.bv
[+] HVM:Backdoor/Lotok.cq
[+] HVM:Trojan/CoinMiner.g
[+] HVM:Trojan/Loader.ny
[+] Joke/CrazyScreen.ba
[+] Trojan/Agent.cmh
[+] Trojan/Android.FakeApp.q
[+] Trojan/BAT.KillWin.bf
[+] Trojan/BAT.KillWin.bg
[+] Trojan/BAT.Loader.x
[+] Trojan/BAT.Obfuscated.aw
[+] Trojan/BAT.Obfuscated.ax
[+] Trojan/KillAv.dg
[+] Trojan/KillWin.dq
[+] Trojan/KillWin.dr
[+] Trojan/Linux.DDos.bp
[+] Trojan/Linux.Mirai.hj
[+] Trojan/Loader.ny
[+] Trojan/MSIL.KillFiles.a
[+] Trojan/MSIL.Obfuscated.kw
[+] Trojan/PS.Injector.e
[+] Trojan/PS.Injector.f
[+] Trojan/Runner.fx
[+] Trojan/ShellLoader.ajf
[+] Trojan/ShellLoader.ajg
[+] Trojan/W64.Agent.hk
[+] Trojan/W64.Agent.hl
[+] Trojan/W64.Agent.hm
[+] Trojan/W64.Injector.co
[+] Trojan/W64.Injector.cp
[+] TrojanDownloader/Agent.bmo
[+] TrojanDownloader/BAT.Agent.gj
[+] TrojanDownloader/JS.Agent.ip
[+] TrojanDownloader/Linux.Agent.ek
[+] TrojanDownloader/Linux.Agent.el
[+] TrojanDownloader/Linux.Agent.em
[+] TrojanDownloader/PS.Agent.gc
[+] TrojanDownloader/PS.Agent.gd
[+] TrojanDownloader/PS.Agent.ge
[+] TrojanDownloader/PS.Agent.gf
[+] TrojanDownloader/VBS.Agent.km
[+] TrojanDownloader/VBS.Agent.kn
[+] TrojanDropper/Agent.ami
[+] TrojanDropper/Agent.amj
[+] TrojanDropper/Agent.amk
[+] TrojanDropper/Agent.aml
[+] TrojanDropper/VBS.Agent.ej
[+] TrojanSpy/Stealer.to
[+] TrojanSpy/Stealer.tp
[+] TrojanSpy/Stealer.tq
[+] TrojanSpy/W64.Stealer.ai
[-] Trojan/MSIL.Obfuscated.ia
[-] Trojan/Mediyes.c
[-] TrojanDownloader/Agent.bkq
[-] TrojanSpy/MSIL.Stealer.ko
```
Telemetry definitions added: 38 | Telemetry definitions removed: 66

```
[+] HEUR:Trojan/PS.Obfuscator.f!submit
[+] HEUR:Trojan/PS.Runner.aa!submit
[+] HVM:Trojan/W64.Agent.hp!submit
[+] HackTool/Avred.a!submit
[+] Ransom/LockFile.rs!submit
[+] Rootkit/Efchkmd.a!submit
[+] Trojan/Agent.cmj!submit
[+] Trojan/BAT.Obfuscated.ay!submit
[+] Trojan/CoinMiner.le!submit
[+] Trojan/CoinMiner.lf!submit
[+] Trojan/FakeApp.afp!submit
[+] Trojan/FakeApp.afq!submit
[+] Trojan/FakeApp.afr!submit
[+] Trojan/FakeApp.afs!submit
[+] Trojan/FakeApp.aft!submit
[+] Trojan/FakeApp.afu!submit
[+] Trojan/FakeApp.afv!submit
[+] Trojan/FakeApp.afw!submit
[+] Trojan/FakeApp.afx!submit
[+] Trojan/HTML.Phishing.hf!submit
[+] Trojan/Injector.cmi!submit
[+] Trojan/JS.Obfuscated.do!submit
[+] Trojan/KillMBR.cr!submit
[+] Trojan/MSIL.Obfuscated.kx!submit
[+] Trojan/W64.Agent.hn!submit
[+] Trojan/W64.Agent.ho!submit
[+] TrojanDownloader/Agent.bmp!submit
[+] TrojanDownloader/OSX.Agent.i!submit
[+] TrojanDownloader/PS.Agent.gg!submit
[+] TrojanDropper/Agent.amm!submit
[+] TrojanDropper/Agent.amn!submit
[+] TrojanDropper/Agent.amo!submit
[+] TrojanDropper/BAT.Agent.bv!submit
[+] TrojanDropper/VBS.Agent.ek!submit
[+] TrojanDropper/VBS.Agent.el!submit
[+] TrojanSpy/Stealer.tr!submit
[+] TrojanSpy/Stealer.ts!submit
[+] TrojanSpy/Steam.ab!submit
[-] Adware/Android.PornTool.n!submit
[-] Backdoor/Agent.rj!submit
[-] Backdoor/Agent.rk!submit
[-] Backdoor/W64.Agent.p!submit
[-] Exploit/Linux.CVE-2003-0352.b!submit
[-] HEUR:Trojan/BAT.Loader.x!submit
[-] HEUR:Trojan/PS.Loader.y!submit
[-] HEUR:Trojan/Runner.fy!submit
[-] HEUR:TrojanDownloader/Agent.dn!submit
[-] HEUR:TrojanDownloader/LNK.Agent.hk!submit
[-] HEUR:TrojanDownloader/VBS.Agent.ko!submit
[-] HEUR:TrojanDropper/BAT.Agent.bv!submit
[-] HVM:Backdoor/Lotok.cq!submit
[-] HVM:Trojan/Agent.clu!submit
[-] HVM:Trojan/CoinMiner.g!submit
[-] HVM:Trojan/Loader.ny!submit
[-] HVM:TrojanDownloader/W64.Agent.de!submit
[-] Joke/CrazyScreen.ba!submit
[-] Trojan/Agent.cmh!submit
[-] Trojan/Android.FakeApp.q!submit
[-] Trojan/BAT.KillWin.bf!submit
[-] Trojan/BAT.KillWin.bg!submit
[-] Trojan/BAT.Loader.x!submit
[-] Trojan/BAT.Obfuscated.aw!submit
[-] Trojan/BAT.Obfuscated.ax!submit
[-] Trojan/KillAv.dg!submit
[-] Trojan/KillWin.dq!submit
[-] Trojan/KillWin.dr!submit
[-] Trojan/Linux.DDos.bp!submit
[-] Trojan/Linux.Mirai.hj!submit
[-] Trojan/Loader.ny!submit
[-] Trojan/MSIL.KillFiles.a!submit
[-] Trojan/MSIL.Obfuscated.kw!submit
[-] Trojan/PS.Injector.e!submit
[-] Trojan/PS.Injector.f!submit
[-] Trojan/Runner.fx!submit
[-] Trojan/ShellLoader.ajc!submit
[-] Trojan/ShellLoader.aje!submit
[-] Trojan/ShellLoader.ajf!submit
[-] Trojan/ShellLoader.ajg!submit
[-] Trojan/W64.Agent.hk!submit
[-] Trojan/W64.Agent.hl!submit
[-] Trojan/W64.Agent.hm!submit
[-] Trojan/W64.Injector.co!submit
[-] Trojan/W64.Injector.cp!submit
[-] TrojanDownloader/Agent.bmo!submit
[-] TrojanDownloader/BAT.Agent.gj!submit
[-] TrojanDownloader/JS.Agent.ip!submit
[-] TrojanDownloader/Linux.Agent.ek!submit
[-] TrojanDownloader/Linux.Agent.el!submit
[-] TrojanDownloader/Linux.Agent.em!submit
[-] TrojanDownloader/Maloader.bt!submit
[-] TrojanDownloader/PS.Agent.gc!submit
[-] TrojanDownloader/PS.Agent.gd!submit
[-] TrojanDownloader/PS.Agent.ge!submit
[-] TrojanDownloader/PS.Agent.gf!submit
[-] TrojanDownloader/VBS.Agent.km!submit
[-] TrojanDownloader/VBS.Agent.kn!submit
[-] TrojanDropper/Agent.amj!submit
[-] TrojanDropper/Agent.amk!submit
[-] TrojanDropper/Agent.aml!submit
[-] TrojanDropper/VBS.Agent.ej!submit
[-] TrojanSpy/Stealer.to!submit
[-] TrojanSpy/Stealer.tp!submit
[-] TrojanSpy/Stealer.tq!submit
[-] TrojanSpy/W64.Stealer.ai!submit
```
#### Critical hash signature changes ([crithash.txt](data/1772191343.crithash.txt))
Formal definitions added: 208 | Formal definitions removed: 5

```
[+] Adware/Android.PornTool.k!crit
[+] Adware/Android.PornTool.l!crit
[+] Adware/Android.PornTool.m!crit
[+] Backdoor/.WebShell.ey!crit
[+] Backdoor/.WebShell.fj!crit
[+] Backdoor/BAT.WebShell.ez!crit
[+] Backdoor/HTML.WebShell.a!crit
[+] Backdoor/HTML.WebShell.b!crit
[+] Backdoor/HTML.WebShell.bz!crit
[+] Backdoor/HTML.WebShell.c!crit
[+] Backdoor/HTML.WebShell.cb!crit
[+] Backdoor/HTML.WebShell.cc!crit
[+] Backdoor/HTML.WebShell.cf!crit
[+] Backdoor/HTML.WebShell.cg!crit
[+] Backdoor/HTML.WebShell.ch!crit
[+] Backdoor/HTML.WebShell.ci!crit
[+] Backdoor/HTML.WebShell.cj!crit
[+] Backdoor/HTML.WebShell.cl!crit
[+] Backdoor/HTML.WebShell.cn!crit
[+] Backdoor/HTML.WebShell.cq!crit
[+] Backdoor/HTML.WebShell.cs!crit
[+] Backdoor/HTML.WebShell.ct!crit
[+] Backdoor/HTML.WebShell.cu!crit
[+] Backdoor/HTML.WebShell.cw!crit
[+] Backdoor/HTML.WebShell.cy!crit
[+] Backdoor/HTML.WebShell.cz!crit
[+] Backdoor/HTML.WebShell.d!crit
[+] Backdoor/HTML.WebShell.db!crit
[+] Backdoor/HTML.WebShell.dc!crit
[+] Backdoor/HTML.WebShell.dd!crit
[+] Backdoor/HTML.WebShell.de!crit
[+] Backdoor/HTML.WebShell.dh!crit
[+] Backdoor/HTML.WebShell.di!crit
[+] Backdoor/HTML.WebShell.dj!crit
[+] Backdoor/HTML.WebShell.dl!crit
[+] Backdoor/HTML.WebShell.dn!crit
[+] Backdoor/HTML.WebShell.do!crit
[+] Backdoor/HTML.WebShell.dt!crit
[+] Backdoor/HTML.WebShell.du!crit
[+] Backdoor/HTML.WebShell.dx!crit
[+] Backdoor/HTML.WebShell.dy!crit
[+] Backdoor/HTML.WebShell.dz!crit
[+] Backdoor/HTML.WebShell.e!crit
[+] Backdoor/HTML.WebShell.ea!crit
[+] Backdoor/HTML.WebShell.eb!crit
[+] Backdoor/HTML.WebShell.ec!crit
[+] Backdoor/HTML.WebShell.ed!crit
[+] Backdoor/HTML.WebShell.ee!crit
[+] Backdoor/HTML.WebShell.eh!crit
[+] Backdoor/HTML.WebShell.en!crit
[+] Backdoor/HTML.WebShell.ep!crit
[+] Backdoor/HTML.WebShell.eq!crit
[+] Backdoor/HTML.WebShell.er!crit
[+] Backdoor/HTML.WebShell.et!crit
[+] Backdoor/HTML.WebShell.eu!crit
[+] Backdoor/HTML.WebShell.ev!crit
[+] Backdoor/HTML.WebShell.ew!crit
[+] Backdoor/HTML.WebShell.ex!crit
[+] Backdoor/HTML.WebShell.f!crit
[+] Backdoor/HTML.WebShell.fa!crit
[+] Backdoor/HTML.WebShell.fc!crit
[+] Backdoor/HTML.WebShell.fd!crit
[+] Backdoor/HTML.WebShell.fe!crit
[+] Backdoor/HTML.WebShell.ff!crit
[+] Backdoor/HTML.WebShell.fg!crit
[+] Backdoor/HTML.WebShell.fh!crit
[+] Backdoor/HTML.WebShell.fi!crit
[+] Backdoor/HTML.WebShell.fk!crit
[+] Backdoor/HTML.WebShell.fl!crit
[+] Backdoor/HTML.WebShell.fm!crit
[+] Backdoor/HTML.WebShell.g!crit
[+] Backdoor/HTML.WebShell.h!crit
[+] Backdoor/HTML.WebShell.i!crit
[+] Backdoor/JS.WebShell.a!crit
[+] Backdoor/JS.WebShell.bw!crit
[+] Backdoor/JS.WebShell.bx!crit
[+] Backdoor/JS.WebShell.by!crit
[+] Backdoor/JS.WebShell.ca!crit
[+] Backdoor/JS.WebShell.cd!crit
[+] Backdoor/JS.WebShell.ce!crit
[+] Backdoor/JS.WebShell.ck!crit
[+] Backdoor/JS.WebShell.cm!crit
[+] Backdoor/JS.WebShell.co!crit
[+] Backdoor/JS.WebShell.cp!crit
[+] Backdoor/JS.WebShell.cr!crit
[+] Backdoor/JS.WebShell.cv!crit
[+] Backdoor/JS.WebShell.cx!crit
[+] Backdoor/JS.WebShell.da!crit
[+] Backdoor/JS.WebShell.df!crit
[+] Backdoor/JS.WebShell.dg!crit
[+] Backdoor/JS.WebShell.dk!crit
[+] Backdoor/JS.WebShell.dm!crit
[+] Backdoor/JS.WebShell.dp!crit
[+] Backdoor/JS.WebShell.dq!crit
[+] Backdoor/JS.WebShell.dr!crit
[+] Backdoor/JS.WebShell.ds!crit
[+] Backdoor/JS.WebShell.dv!crit
[+] Backdoor/JS.WebShell.dw!crit
[+] Backdoor/JS.WebShell.dx!crit
[+] Backdoor/JS.WebShell.dy!crit
[+] Backdoor/JS.WebShell.dz!crit
[+] Backdoor/JS.WebShell.eb!crit
[+] Backdoor/JS.WebShell.ec!crit
[+] Backdoor/JS.WebShell.ed!crit
[+] Backdoor/JS.WebShell.ee!crit
[+] Backdoor/JS.WebShell.ef!crit
[+] Backdoor/JS.WebShell.eg!crit
[+] Backdoor/JS.WebShell.ei!crit
[+] Backdoor/JS.WebShell.ej!crit
[+] Backdoor/JS.WebShell.ek!crit
[+] Backdoor/JS.WebShell.el!crit
[+] Backdoor/JS.WebShell.em!crit
[+] Backdoor/JS.WebShell.eo!crit
[+] Backdoor/JS.WebShell.ep!crit
[+] Backdoor/JS.WebShell.eq!crit
[+] Backdoor/JS.WebShell.es!crit
[+] Backdoor/JS.WebShell.et!crit
[+] Backdoor/JS.WebShell.ev!crit
[+] Backdoor/JS.WebShell.ew!crit
[+] Backdoor/JS.WebShell.ex!crit
[+] Backdoor/JS.WebShell.ey!crit
[+] Backdoor/JS.WebShell.ez!crit
[+] Backdoor/JS.WebShell.fa!crit
[+] Backdoor/JS.WebShell.fb!crit
[+] Backdoor/JS.WebShell.fc!crit
[+] Backdoor/JS.WebShell.fd!crit
[+] Backdoor/JS.WebShell.ff!crit
[+] Backdoor/JS.WebShell.fg!crit
[+] Backdoor/JS.WebShell.fn!crit
[+] Backdoor/JS.WebShell.fp!crit
[+] Backdoor/JS.WebShell.fr!crit
[+] Backdoor/PHP.WebShell.ak!crit
[+] Backdoor/PHP.WebShell.al!crit
[+] Backdoor/PHP.WebShell.am!crit
[+] Backdoor/PHP.WebShell.an!crit
[+] Backdoor/PHP.WebShell.er!crit
[+] Backdoor/PHP.WebShell.eu!crit
[+] Backdoor/PHP.WebShell.fe!crit
[+] Backdoor/PHP.WebShell.fh!crit
[+] Backdoor/VBS.WebShell.b!crit
[+] Backdoor/VBS.WebShell.c!crit
[+] Backdoor/VBS.WebShell.d!crit
[+] Backdoor/VBS.WebShell.e!crit
[+] Backdoor/VBS.WebShell.es!crit
[+] Backdoor/VBS.WebShell.f!crit
[+] Backdoor/VBS.WebShell.fb!crit
[+] Backdoor/VBS.WebShell.fn!crit
[+] Backdoor/VBS.WebShell.fq!crit
[+] Backdoor/VBS.WebShell.g!crit
[+] Backdoor/VBS.WebShell.h!crit
[+] Backdoor/VBS.WebShell.i!crit
[+] Backdoor/VBS.WebShell.j!crit
[+] Backdoor/VBS.WebShell.k!crit
[+] Backdoor/VBS.WebShell.l!crit
[+] Backdoor/VBS.WebShell.m!crit
[+] Backdoor/VBS.WebShell.n!crit
[+] Backdoor/VBS.WebShell.o!crit
[+] Backdoor/VBS.WebShell.p!crit
[+] Backdoor/VBS.WebShell.q!crit
[+] Backdoor/VBS.WebShell.r!crit
[+] Backdoor/VBS.WebShell.s!crit
[+] Backdoor/VBS.WebShell.t!crit
[+] Backdoor/VBS.WebShell.u!crit
[+] Backdoor/W32.Lotok.ap!crit
[+] Backdoor/W32.Lotok.aq!crit
[+] Exploit/SCR.CVE-2026-21509.d!crit
[+] Joke/W64.CrazyScreen.a!crit
[+] OMacro/SCR.Loader.a!crit
[+] Ransom/W32.Babuk.a!crit
[+] Ransom/W64.Zetarink.a!crit
[+] Trojan/BAT.Loader.a!crit
[+] Trojan/BAT.Runner.c!crit
[+] Trojan/JS.Obfuscated.s!crit
[+] Trojan/JS.Obfuscated.t!crit
[+] Trojan/JS.Obfuscated.u!crit
[+] Trojan/JS.Obfuscated.v!crit
[+] Trojan/Linux.Agent.gvk!crit
[+] Trojan/Linux.Mirai.r!crit
[+] Trojan/MSIL.Obfuscated.bi!crit
[+] Trojan/MSIL.Obfuscated.bj!crit
[+] Trojan/PS.ReverseShell.b!crit
[+] Trojan/PS.ReverseShell.c!crit
[+] Trojan/Python.Agent.d!crit
[+] Trojan/SCR.Agent.gg!crit
[+] Trojan/SCR.Agent.gh!crit
[+] Trojan/SCR.Agent.gi!crit
[+] Trojan/SCR.FakeApp.dd!crit
[+] Trojan/SCR.Loader.b!crit
[+] Trojan/SCR.Phishing.b!crit
[+] Trojan/SCR.ShellCode.u!crit
[+] Trojan/W32.0KBAttack.a!crit
[+] Trojan/W32.KillWin.d!crit
[+] Trojan/W32.Loader.q!crit
[+] Trojan/W32.ShellLoader.akm!crit
[+] Trojan/W64.Agent.m!crit
[+] Trojan/W64.CoinMiner.c!crit
[+] Trojan/W64.Injector.m!crit
[+] Trojan/W64.KillWin.e!crit
[+] TrojanDownloader/BAT.Agent.m!crit
[+] TrojanDownloader/JS.Agent.e!crit
[+] TrojanDownloader/Linux.Agent.r!crit
[+] TrojanDownloader/Linux.Agent.s!crit
[+] TrojanDownloader/PS.Agent.cf!crit
[+] TrojanDownloader/PS.Agent.cg!crit
[+] TrojanDownloader/SCR.Agent.b!crit
[+] TrojanDownloader/SCR.Agent.c!crit
[+] TrojanDownloader/VBS.Agent.d!crit
[+] TrojanDownloader/W32.Agent.p!crit
[-] OMacro/SRC.Loader.a!crit
[-] Rootkit/W32.Efchkmd.a!crit
[-] TrojanDownloader/SRC.Agent.a!crit
[-] TrojanDownloader/SRC.Agent.b!crit
[-] TrojanDownloader/SRC.Agent.c!crit
```
Telemetry definitions added: 19 | Telemetry definitions removed: 206

```
[+] Adware/Android.PornTool.n!crit!submit
[+] Adware/Android.PornTool.o!crit!submit
[+] Adware/Android.PornTool.p!crit!submit
[+] HackTool/W64.Resocks.a!crit!submit
[+] Trojan/BAT.Obfuscated.arj!crit!submit
[+] Trojan/JS.Agent.a!crit!submit
[+] Trojan/JS.Agent.d!crit!submit
[+] Trojan/JS.Agent.e!crit!submit
[+] Trojan/LUA.Agent.a!crit!submit
[+] Trojan/Linux.CoinMiner.b!crit!submit
[+] Trojan/MSIL.Obfuscated.bk!crit!submit
[+] Trojan/SCR.Agent.gj!crit!submit
[+] Trojan/SCR.Loader.c!crit!submit
[+] Trojan/W32.Agent.cugf!crit!submit
[+] Trojan/W32.CoinMiner.aa!crit!submit
[+] Trojan/W64.Agent.n!crit!submit
[+] TrojanDownloader/HTML.Agent.k!crit!submit
[+] TrojanDownloader/SCR.Agent.b!crit!submit
[+] TrojanSpy/JS.Stealer.a!crit!submit
[-] Adware/Android.PornTool.k!crit!submit
[-] Adware/Android.PornTool.l!crit!submit
[-] Adware/Android.PornTool.m!crit!submit
[-] Backdoor/.WebShell.ey!crit!submit
[-] Backdoor/.WebShell.fj!crit!submit
[-] Backdoor/BAT.WebShell.ez!crit!submit
[-] Backdoor/HTML.WebShell.a!crit!submit
[-] Backdoor/HTML.WebShell.b!crit!submit
[-] Backdoor/HTML.WebShell.bz!crit!submit
[-] Backdoor/HTML.WebShell.c!crit!submit
[-] Backdoor/HTML.WebShell.cb!crit!submit
[-] Backdoor/HTML.WebShell.cc!crit!submit
[-] Backdoor/HTML.WebShell.cf!crit!submit
[-] Backdoor/HTML.WebShell.cg!crit!submit
[-] Backdoor/HTML.WebShell.ch!crit!submit
[-] Backdoor/HTML.WebShell.ci!crit!submit
[-] Backdoor/HTML.WebShell.cj!crit!submit
[-] Backdoor/HTML.WebShell.cl!crit!submit
[-] Backdoor/HTML.WebShell.cn!crit!submit
[-] Backdoor/HTML.WebShell.cq!crit!submit
[-] Backdoor/HTML.WebShell.cs!crit!submit
[-] Backdoor/HTML.WebShell.ct!crit!submit
[-] Backdoor/HTML.WebShell.cu!crit!submit
[-] Backdoor/HTML.WebShell.cw!crit!submit
[-] Backdoor/HTML.WebShell.cy!crit!submit
[-] Backdoor/HTML.WebShell.cz!crit!submit
[-] Backdoor/HTML.WebShell.d!crit!submit
[-] Backdoor/HTML.WebShell.db!crit!submit
[-] Backdoor/HTML.WebShell.dc!crit!submit
[-] Backdoor/HTML.WebShell.dd!crit!submit
[-] Backdoor/HTML.WebShell.de!crit!submit
[-] Backdoor/HTML.WebShell.dh!crit!submit
[-] Backdoor/HTML.WebShell.di!crit!submit
[-] Backdoor/HTML.WebShell.dj!crit!submit
[-] Backdoor/HTML.WebShell.dl!crit!submit
[-] Backdoor/HTML.WebShell.dn!crit!submit
[-] Backdoor/HTML.WebShell.do!crit!submit
[-] Backdoor/HTML.WebShell.dt!crit!submit
[-] Backdoor/HTML.WebShell.du!crit!submit
[-] Backdoor/HTML.WebShell.dx!crit!submit
[-] Backdoor/HTML.WebShell.dy!crit!submit
[-] Backdoor/HTML.WebShell.dz!crit!submit
[-] Backdoor/HTML.WebShell.e!crit!submit
[-] Backdoor/HTML.WebShell.ea!crit!submit
[-] Backdoor/HTML.WebShell.eb!crit!submit
[-] Backdoor/HTML.WebShell.ec!crit!submit
[-] Backdoor/HTML.WebShell.ed!crit!submit
[-] Backdoor/HTML.WebShell.ee!crit!submit
[-] Backdoor/HTML.WebShell.eh!crit!submit
[-] Backdoor/HTML.WebShell.en!crit!submit
[-] Backdoor/HTML.WebShell.ep!crit!submit
[-] Backdoor/HTML.WebShell.eq!crit!submit
[-] Backdoor/HTML.WebShell.er!crit!submit
[-] Backdoor/HTML.WebShell.et!crit!submit
[-] Backdoor/HTML.WebShell.eu!crit!submit
[-] Backdoor/HTML.WebShell.ev!crit!submit
[-] Backdoor/HTML.WebShell.ew!crit!submit
[-] Backdoor/HTML.WebShell.ex!crit!submit
[-] Backdoor/HTML.WebShell.f!crit!submit
[-] Backdoor/HTML.WebShell.fa!crit!submit
[-] Backdoor/HTML.WebShell.fc!crit!submit
[-] Backdoor/HTML.WebShell.fd!crit!submit
[-] Backdoor/HTML.WebShell.fe!crit!submit
[-] Backdoor/HTML.WebShell.ff!crit!submit
[-] Backdoor/HTML.WebShell.fg!crit!submit
[-] Backdoor/HTML.WebShell.fh!crit!submit
[-] Backdoor/HTML.WebShell.fi!crit!submit
[-] Backdoor/HTML.WebShell.fk!crit!submit
[-] Backdoor/HTML.WebShell.fl!crit!submit
[-] Backdoor/HTML.WebShell.fm!crit!submit
[-] Backdoor/HTML.WebShell.g!crit!submit
[-] Backdoor/HTML.WebShell.h!crit!submit
[-] Backdoor/HTML.WebShell.i!crit!submit
[-] Backdoor/JS.WebShell.a!crit!submit
[-] Backdoor/JS.WebShell.bw!crit!submit
[-] Backdoor/JS.WebShell.bx!crit!submit
[-] Backdoor/JS.WebShell.by!crit!submit
[-] Backdoor/JS.WebShell.ca!crit!submit
[-] Backdoor/JS.WebShell.cd!crit!submit
[-] Backdoor/JS.WebShell.ce!crit!submit
[-] Backdoor/JS.WebShell.ck!crit!submit
[-] Backdoor/JS.WebShell.cm!crit!submit
[-] Backdoor/JS.WebShell.co!crit!submit
[-] Backdoor/JS.WebShell.cp!crit!submit
[-] Backdoor/JS.WebShell.cr!crit!submit
[-] Backdoor/JS.WebShell.cv!crit!submit
[-] Backdoor/JS.WebShell.cx!crit!submit
[-] Backdoor/JS.WebShell.da!crit!submit
[-] Backdoor/JS.WebShell.df!crit!submit
[-] Backdoor/JS.WebShell.dg!crit!submit
[-] Backdoor/JS.WebShell.dk!crit!submit
[-] Backdoor/JS.WebShell.dm!crit!submit
[-] Backdoor/JS.WebShell.dp!crit!submit
[-] Backdoor/JS.WebShell.dq!crit!submit
[-] Backdoor/JS.WebShell.dr!crit!submit
[-] Backdoor/JS.WebShell.ds!crit!submit
[-] Backdoor/JS.WebShell.dv!crit!submit
[-] Backdoor/JS.WebShell.dw!crit!submit
[-] Backdoor/JS.WebShell.dx!crit!submit
[-] Backdoor/JS.WebShell.dy!crit!submit
[-] Backdoor/JS.WebShell.dz!crit!submit
[-] Backdoor/JS.WebShell.eb!crit!submit
[-] Backdoor/JS.WebShell.ec!crit!submit
[-] Backdoor/JS.WebShell.ed!crit!submit
[-] Backdoor/JS.WebShell.ee!crit!submit
[-] Backdoor/JS.WebShell.ef!crit!submit
[-] Backdoor/JS.WebShell.eg!crit!submit
[-] Backdoor/JS.WebShell.ei!crit!submit
[-] Backdoor/JS.WebShell.ej!crit!submit
[-] Backdoor/JS.WebShell.ek!crit!submit
[-] Backdoor/JS.WebShell.el!crit!submit
[-] Backdoor/JS.WebShell.em!crit!submit
[-] Backdoor/JS.WebShell.eo!crit!submit
[-] Backdoor/JS.WebShell.ep!crit!submit
[-] Backdoor/JS.WebShell.eq!crit!submit
[-] Backdoor/JS.WebShell.es!crit!submit
[-] Backdoor/JS.WebShell.et!crit!submit
[-] Backdoor/JS.WebShell.ev!crit!submit
[-] Backdoor/JS.WebShell.ew!crit!submit
[-] Backdoor/JS.WebShell.ex!crit!submit
[-] Backdoor/JS.WebShell.ey!crit!submit
[-] Backdoor/JS.WebShell.ez!crit!submit
[-] Backdoor/JS.WebShell.fa!crit!submit
[-] Backdoor/JS.WebShell.fb!crit!submit
[-] Backdoor/JS.WebShell.fc!crit!submit
[-] Backdoor/JS.WebShell.fd!crit!submit
[-] Backdoor/JS.WebShell.ff!crit!submit
[-] Backdoor/JS.WebShell.fg!crit!submit
[-] Backdoor/JS.WebShell.fn!crit!submit
[-] Backdoor/JS.WebShell.fp!crit!submit
[-] Backdoor/JS.WebShell.fr!crit!submit
[-] Backdoor/PHP.WebShell.ak!crit!submit
[-] Backdoor/PHP.WebShell.al!crit!submit
[-] Backdoor/PHP.WebShell.am!crit!submit
[-] Backdoor/PHP.WebShell.an!crit!submit
[-] Backdoor/PHP.WebShell.er!crit!submit
[-] Backdoor/PHP.WebShell.eu!crit!submit
[-] Backdoor/PHP.WebShell.fe!crit!submit
[-] Backdoor/PHP.WebShell.fh!crit!submit
[-] Backdoor/VBS.WebShell.b!crit!submit
[-] Backdoor/VBS.WebShell.c!crit!submit
[-] Backdoor/VBS.WebShell.d!crit!submit
[-] Backdoor/VBS.WebShell.e!crit!submit
[-] Backdoor/VBS.WebShell.es!crit!submit
[-] Backdoor/VBS.WebShell.f!crit!submit
[-] Backdoor/VBS.WebShell.fb!crit!submit
[-] Backdoor/VBS.WebShell.fn!crit!submit
[-] Backdoor/VBS.WebShell.fq!crit!submit
[-] Backdoor/VBS.WebShell.g!crit!submit
[-] Backdoor/VBS.WebShell.h!crit!submit
[-] Backdoor/VBS.WebShell.i!crit!submit
[-] Backdoor/VBS.WebShell.j!crit!submit
[-] Backdoor/VBS.WebShell.k!crit!submit
[-] Backdoor/VBS.WebShell.l!crit!submit
[-] Backdoor/VBS.WebShell.m!crit!submit
[-] Backdoor/VBS.WebShell.n!crit!submit
[-] Backdoor/VBS.WebShell.o!crit!submit
[-] Backdoor/VBS.WebShell.p!crit!submit
[-] Backdoor/VBS.WebShell.q!crit!submit
[-] Backdoor/VBS.WebShell.r!crit!submit
[-] Backdoor/VBS.WebShell.s!crit!submit
[-] Backdoor/VBS.WebShell.t!crit!submit
[-] Backdoor/VBS.WebShell.u!crit!submit
[-] Backdoor/W32.Lotok.ap!crit!submit
[-] Backdoor/W32.Lotok.aq!crit!submit
[-] Exploit/SCR.CVE-2026-21509.d!crit!submit
[-] Joke/W64.CrazyScreen.a!crit!submit
[-] Ransom/Python.LockFile.c!crit!submit
[-] Ransom/W32.Babuk.a!crit!submit
[-] Ransom/W64.Zetarink.a!crit!submit
[-] Trojan/BAT.Loader.a!crit!submit
[-] Trojan/BAT.Runner.c!crit!submit
[-] Trojan/JS.Obfuscated.s!crit!submit
[-] Trojan/JS.Obfuscated.t!crit!submit
[-] Trojan/JS.Obfuscated.u!crit!submit
[-] Trojan/JS.Obfuscated.v!crit!submit
[-] Trojan/Linux.Agent.gvk!crit!submit
[-] Trojan/Linux.Mirai.r!crit!submit
[-] Trojan/MSIL.Obfuscated.bi!crit!submit
[-] Trojan/MSIL.Obfuscated.bj!crit!submit
[-] Trojan/PS.ReverseShell.b!crit!submit
[-] Trojan/PS.ReverseShell.c!crit!submit
[-] Trojan/Python.Agent.d!crit!submit
[-] Trojan/SCR.Agent.gg!crit!submit
[-] Trojan/SCR.Agent.gh!crit!submit
[-] Trojan/SCR.Agent.gi!crit!submit
[-] Trojan/SCR.FakeApp.dd!crit!submit
[-] Trojan/SCR.Phishing.b!crit!submit
[-] Trojan/SCR.ShellCode.u!crit!submit
[-] Trojan/SRC.Loader.a!crit!submit
[-] Trojan/W32.0KBAttack.a!crit!submit
[-] Trojan/W32.KillWin.d!crit!submit
[-] Trojan/W32.Loader.q!crit!submit
[-] Trojan/W32.ShellLoader.akm!crit!submit
[-] Trojan/W64.Agent.m!crit!submit
[-] Trojan/W64.CoinMiner.c!crit!submit
[-] Trojan/W64.Injector.m!crit!submit
[-] Trojan/W64.KillWin.e!crit!submit
[-] TrojanDownloader/BAT.Agent.m!crit!submit
[-] TrojanDownloader/JS.Agent.e!crit!submit
[-] TrojanDownloader/Linux.Agent.r!crit!submit
[-] TrojanDownloader/Linux.Agent.s!crit!submit
[-] TrojanDownloader/PS.Agent.cf!crit!submit
[-] TrojanDownloader/PS.Agent.cg!crit!submit
[-] TrojanDownloader/VBS.Agent.d!crit!submit
[-] TrojanDownloader/W32.Agent.p!crit!submit
```
#### Blacklist hash changes ([troj.txt](data/1772191343.troj.txt))

Added: 53

1772105210 - 2026-02-26 11:26:50 UTC

#### Signature changes ([pset.txt](data/1772105210.pset.txt))
Formal definitions added: 35 | Formal definitions removed: 1

```
[+] Exploit/CVE-2003-0352
[+] HEUR:TrojanDownloader/Linux.Agent.ek
[+] HVM:TrojanDownloader/Agent.cg
[+] Joke/BAT.Popupwindow.j
[+] Joke/BlueScreen.b
[+] Trojan/BAT.KillWin.be
[+] Trojan/BAT.Loader.u
[+] Trojan/BAT.Loader.v
[+] Trojan/BAT.Loader.w
[+] Trojan/FakeApp.afk
[+] Trojan/FakeApp.afl
[+] Trojan/FakeApp.afm
[+] Trojan/FakeApp.afn
[+] Trojan/FakeApp.afo
[+] Trojan/HTML.Redirector.bz
[+] Trojan/KillMBR.cq
[+] Trojan/Linux.DDos.bo
[+] Trojan/Obfuscated.oe
[+] Trojan/Obfuscated.of
[+] Trojan/SelfDel.a
[+] Trojan/ShellLoader.aje
[+] Trojan/W64.Agent.hi
[+] Trojan/W64.Agent.hj
[+] TrojanDownloader/Agent.bmn
[+] TrojanDownloader/JS.Agent.io
[+] TrojanDownloader/Linux.Agent.ej
[+] TrojanDownloader/Maloader.bs
[+] TrojanDownloader/PS.Netloader.lu
[+] TrojanDropper/Agent.amh
[+] TrojanDropper/BAT.Agent.bs
[+] TrojanDropper/BAT.Agent.bt
[+] TrojanDropper/BAT.Agent.bu
[+] TrojanDropper/VBS.Agent.ei
[+] TrojanSpy/W64.Stealer.ag
[+] TrojanSpy/W64.Stealer.ah
[-] HVM:Backdoor/Lotok.cq
```
Telemetry definitions added: 64 | Telemetry definitions removed: 38

```
[+] Adware/Android.PornTool.n!submit
[+] Backdoor/Agent.rj!submit
[+] Backdoor/Agent.rk!submit
[+] Backdoor/W64.Agent.p!submit
[+] Exploit/Linux.CVE-2003-0352.b!submit
[+] HEUR:Trojan/BAT.Loader.x!submit
[+] HEUR:Trojan/PS.Loader.y!submit
[+] HEUR:Trojan/Runner.fy!submit
[+] HEUR:TrojanDownloader/Agent.dn!submit
[+] HEUR:TrojanDownloader/LNK.Agent.hk!submit
[+] HEUR:TrojanDownloader/VBS.Agent.ko!submit
[+] HEUR:TrojanDropper/BAT.Agent.bv!submit
[+] HVM:Backdoor/Lotok.cq!submit
[+] HVM:Trojan/CoinMiner.g!submit
[+] HVM:Trojan/Loader.ny!submit
[+] HVM:TrojanDownloader/W64.Agent.de!submit
[+] Joke/CrazyScreen.ba!submit
[+] Trojan/Agent.cmh!submit
[+] Trojan/Agent.cmi!submit
[+] Trojan/Android.FakeApp.q!submit
[+] Trojan/BAT.KillWin.bf!submit
[+] Trojan/BAT.KillWin.bg!submit
[+] Trojan/BAT.Loader.x!submit
[+] Trojan/BAT.Obfuscated.aw!submit
[+] Trojan/BAT.Obfuscated.ax!submit
[+] Trojan/KillAv.dg!submit
[+] Trojan/KillWin.dq!submit
[+] Trojan/KillWin.dr!submit
[+] Trojan/Linux.DDos.bp!submit
[+] Trojan/Linux.Mirai.hj!submit
[+] Trojan/Loader.ny!submit
[+] Trojan/MSIL.KillFiles.a!submit
[+] Trojan/MSIL.Obfuscated.kw!submit
[+] Trojan/PS.Injector.e!submit
[+] Trojan/PS.Injector.f!submit
[+] Trojan/Runner.fx!submit
[+] Trojan/ShellLoader.ajg!submit
[+] Trojan/W64.Agent.hk!submit
[+] Trojan/W64.Agent.hl!submit
[+] Trojan/W64.Agent.hm!submit
[+] Trojan/W64.Injector.co!submit
[+] Trojan/W64.Injector.cp!submit
[+] TrojanDownloader/Agent.bmo!submit
[+] TrojanDownloader/BAT.Agent.gj!submit
[+] TrojanDownloader/JS.Agent.ip!submit
[+] TrojanDownloader/Linux.Agent.ek!submit
[+] TrojanDownloader/Linux.Agent.el!submit
[+] TrojanDownloader/Linux.Agent.em!submit
[+] TrojanDownloader/Maloader.bt!submit
[+] TrojanDownloader/PS.Agent.gc!submit
[+] TrojanDownloader/PS.Agent.gd!submit
[+] TrojanDownloader/PS.Agent.ge!submit
[+] TrojanDownloader/PS.Agent.gf!submit
[+] TrojanDownloader/VBS.Agent.km!submit
[+] TrojanDownloader/VBS.Agent.kn!submit
[+] TrojanDropper/Agent.ami!submit
[+] TrojanDropper/Agent.amj!submit
[+] TrojanDropper/Agent.amk!submit
[+] TrojanDropper/Agent.aml!submit
[+] TrojanDropper/VBS.Agent.ej!submit
[+] TrojanSpy/Stealer.to!submit
[+] TrojanSpy/Stealer.tp!submit
[+] TrojanSpy/Stealer.tq!submit
[+] TrojanSpy/W64.Stealer.ai!submit
[-] HEUR:Trojan/KillWin.dq!submit
[-] HEUR:TrojanDownloader/Linux.Agent.ek!submit
[-] HVM:TrojanDownloader/Agent.cg!submit
[-] Joke/BAT.Popupwindow.j!submit
[-] Joke/BlueScreen.b!submit
[-] Trojan/Agent.cmg!submit
[-] Trojan/BAT.KillWin.be!submit
[-] Trojan/BAT.Loader.u!submit
[-] Trojan/BAT.Loader.v!submit
[-] Trojan/BAT.Loader.w!submit
[-] Trojan/FakeApp.afk!submit
[-] Trojan/FakeApp.afl!submit
[-] Trojan/FakeApp.afm!submit
[-] Trojan/FakeApp.afn!submit
[-] Trojan/FakeApp.afo!submit
[-] Trojan/HTML.Redirector.bz!submit
[-] Trojan/KillMBR.cq!submit
[-] Trojan/KillWin.do!submit
[-] Trojan/KillWin.dp!submit
[-] Trojan/Linux.DDos.bo!submit
[-] Trojan/Obfuscated.of!submit
[-] Trojan/Runner.fr!submit
[-] Trojan/SelfDel.a!submit
[-] Trojan/ShellLoader.ajd!submit
[-] Trojan/W64.Agent.hi!submit
[-] Trojan/W64.Agent.hj!submit
[-] TrojanDownloader/Agent.bmn!submit
[-] TrojanDownloader/JS.Agent.io!submit
[-] TrojanDownloader/Linux.Agent.ej!submit
[-] TrojanDownloader/Maloader.bs!submit
[-] TrojanDownloader/PS.Netloader.lu!submit
[-] TrojanDropper/Agent.amh!submit
[-] TrojanDropper/BAT.Agent.bs!submit
[-] TrojanDropper/BAT.Agent.bt!submit
[-] TrojanDropper/BAT.Agent.bu!submit
[-] TrojanDropper/VBS.Agent.ei!submit
[-] TrojanSpy/W64.Stealer.ag!submit
[-] TrojanSpy/W64.Stealer.ah!submit
```
#### Critical hash signature changes ([crithash.txt](data/1772105210.crithash.txt))
Formal definitions added: 46

```
[+] Adware/Android.PornTool.j!crit
[+] Backdoor/HTML.WebShell.bm!crit
[+] Backdoor/HTML.WebShell.bn!crit
[+] Backdoor/JS.WebShell.ba!crit
[+] Backdoor/JS.WebShell.bb!crit
[+] Backdoor/JS.WebShell.bc!crit
[+] Backdoor/JS.WebShell.bd!crit
[+] Backdoor/JS.WebShell.be!crit
[+] Backdoor/JS.WebShell.bf!crit
[+] Backdoor/JS.WebShell.bg!crit
[+] Backdoor/JS.WebShell.bh!crit
[+] Backdoor/JS.WebShell.bi!crit
[+] Backdoor/JS.WebShell.bj!crit
[+] Backdoor/JS.WebShell.bk!crit
[+] Backdoor/JS.WebShell.bl!crit
[+] Backdoor/JS.WebShell.bo!crit
[+] Backdoor/JS.WebShell.bp!crit
[+] Backdoor/JS.WebShell.bq!crit
[+] Backdoor/JS.WebShell.br!crit
[+] Backdoor/JS.WebShell.bs!crit
[+] Backdoor/JS.WebShell.bt!crit
[+] Backdoor/JS.WebShell.bu!crit
[+] Backdoor/JS.WebShell.bv!crit
[+] Backdoor/JS.WebShell.r!crit
[+] Backdoor/JS.WebShell.s!crit
[+] Backdoor/JS.WebShell.t!crit
[+] Backdoor/JS.WebShell.u!crit
[+] Backdoor/JS.WebShell.v!crit
[+] Backdoor/JS.WebShell.w!crit
[+] Backdoor/JS.WebShell.x!crit
[+] Backdoor/JS.WebShell.y!crit
[+] Backdoor/JS.WebShell.z!crit
[+] Backdoor/W32.Lotok.an!crit
[+] Backdoor/W32.Lotok.ao!crit
[+] Trojan/HTML.Refresh.a!crit
[+] Trojan/JS.Obfuscated.q!crit
[+] Trojan/JS.Obfuscated.r!crit
[+] Trojan/Linux.DDos.c!crit
[+] Trojan/Linux.Mirai.p!crit
[+] Trojan/Linux.Mirai.q!crit
[+] Trojan/MSIL.Obfuscated.bh!crit
[+] Trojan/W32.Obfuscated.h!crit
[+] Trojan/W32.ShellLoader.akl!crit
[+] TrojanDownloader/JS.Agent.d!crit
[+] TrojanDownloader/Linux.Agent.q!crit
[+] TrojanDropper/W32.Agent.aj!crit
```
Telemetry definitions added: 47 | Telemetry definitions removed: 47

```
[+] Adware/Android.PornTool.k!crit!submit
[+] Adware/Android.PornTool.l!crit!submit
[+] Adware/Android.PornTool.m!crit!submit
[+] Backdoor/W32.Lotok.ap!crit!submit
[+] Backdoor/W32.Lotok.aq!crit!submit
[+] Exploit/SCR.CVE-2026-21509.d!crit!submit
[+] Exploit/W32.Vulndriver.aa!crit!submit
[+] Joke/W64.CrazyScreen.a!crit!submit
[+] Ransom/Python.LockFile.c!crit!submit
[+] Ransom/W32.Babuk.a!crit!submit
[+] Ransom/W64.Zetarink.a!crit!submit
[+] Trojan/BAT.Loader.a!crit!submit
[+] Trojan/BAT.Runner.c!crit!submit
[+] Trojan/JS.Obfuscated.s!crit!submit
[+] Trojan/JS.Obfuscated.t!crit!submit
[+] Trojan/JS.Obfuscated.u!crit!submit
[+] Trojan/JS.Obfuscated.v!crit!submit
[+] Trojan/Linux.Agent.gvk!crit!submit
[+] Trojan/Linux.Mirai.r!crit!submit
[+] Trojan/MSIL.Obfuscated.bi!crit!submit
[+] Trojan/MSIL.Obfuscated.bj!crit!submit
[+] Trojan/PS.ReverseShell.b!crit!submit
[+] Trojan/PS.ReverseShell.c!crit!submit
[+] Trojan/Python.Agent.d!crit!submit
[+] Trojan/SCR.Agent.gg!crit!submit
[+] Trojan/SCR.Agent.gh!crit!submit
[+] Trojan/SCR.Agent.gi!crit!submit
[+] Trojan/SCR.FakeApp.dd!crit!submit
[+] Trojan/SCR.Phishing.b!crit!submit
[+] Trojan/SCR.ShellCode.u!crit!submit
[+] Trojan/SRC.Loader.a!crit!submit
[+] Trojan/W32.0KBAttack.a!crit!submit
[+] Trojan/W32.KillWin.d!crit!submit
[+] Trojan/W32.Loader.q!crit!submit
[+] Trojan/W32.ShellLoader.akm!crit!submit
[+] Trojan/W64.Agent.m!crit!submit
[+] Trojan/W64.CoinMiner.c!crit!submit
[+] Trojan/W64.Injector.m!crit!submit
[+] Trojan/W64.KillWin.e!crit!submit
[+] TrojanDownloader/BAT.Agent.m!crit!submit
[+] TrojanDownloader/JS.Agent.e!crit!submit
[+] TrojanDownloader/Linux.Agent.r!crit!submit
[+] TrojanDownloader/Linux.Agent.s!crit!submit
[+] TrojanDownloader/PS.Agent.cf!crit!submit
[+] TrojanDownloader/PS.Agent.cg!crit!submit
[+] TrojanDownloader/VBS.Agent.d!crit!submit
[+] TrojanDownloader/W32.Agent.p!crit!submit
[-] Adware/Android.PornTool.j!crit!submit
[-] Backdoor/HTML.WebShell.bm!crit!submit
[-] Backdoor/HTML.WebShell.bn!crit!submit
[-] Backdoor/JS.WebShell.ba!crit!submit
[-] Backdoor/JS.WebShell.bb!crit!submit
[-] Backdoor/JS.WebShell.bc!crit!submit
[-] Backdoor/JS.WebShell.bd!crit!submit
[-] Backdoor/JS.WebShell.be!crit!submit
[-] Backdoor/JS.WebShell.bf!crit!submit
[-] Backdoor/JS.WebShell.bg!crit!submit
[-] Backdoor/JS.WebShell.bh!crit!submit
[-] Backdoor/JS.WebShell.bi!crit!submit
[-] Backdoor/JS.WebShell.bj!crit!submit
[-] Backdoor/JS.WebShell.bk!crit!submit
[-] Backdoor/JS.WebShell.bl!crit!submit
[-] Backdoor/JS.WebShell.bo!crit!submit
[-] Backdoor/JS.WebShell.bp!crit!submit
[-] Backdoor/JS.WebShell.bq!crit!submit
[-] Backdoor/JS.WebShell.br!crit!submit
[-] Backdoor/JS.WebShell.bs!crit!submit
[-] Backdoor/JS.WebShell.bt!crit!submit
[-] Backdoor/JS.WebShell.bu!crit!submit
[-] Backdoor/JS.WebShell.bv!crit!submit
[-] Backdoor/JS.WebShell.r!crit!submit
[-] Backdoor/JS.WebShell.s!crit!submit
[-] Backdoor/JS.WebShell.t!crit!submit
[-] Backdoor/JS.WebShell.u!crit!submit
[-] Backdoor/JS.WebShell.v!crit!submit
[-] Backdoor/JS.WebShell.w!crit!submit
[-] Backdoor/JS.WebShell.x!crit!submit
[-] Backdoor/JS.WebShell.y!crit!submit
[-] Backdoor/JS.WebShell.z!crit!submit
[-] Backdoor/W32.Lotok.am!crit!submit
[-] Backdoor/W32.Lotok.an!crit!submit
[-] Backdoor/W32.Lotok.ao!crit!submit
[-] Trojan/HTML.Refresh.a!crit!submit
[-] Trojan/JS.Obfuscated.q!crit!submit
[-] Trojan/JS.Obfuscated.r!crit!submit
[-] Trojan/Linux.DDos.c!crit!submit
[-] Trojan/Linux.Mirai.p!crit!submit
[-] Trojan/Linux.Mirai.q!crit!submit
[-] Trojan/MSIL.Obfuscated.bh!crit!submit
[-] Trojan/W32.Obfuscated.h!crit!submit
[-] Trojan/W32.ShellLoader.akl!crit!submit
[-] TrojanDownloader/JS.Agent.d!crit!submit
[-] TrojanDownloader/Linux.Agent.q!crit!submit
[-] TrojanDropper/W32.Agent.aj!crit!submit
```
#### Behavior signature changes ([behav.txt](data/1772105210.behav.txt))
Removed: 1

```
[-] Trojan/Injector.AF
```
#### Blacklist hash changes ([troj.txt](data/1772105210.troj.txt))

Added: 75

1772011742 - 2026-02-25 09:29:02 UTC

#### Signature changes ([pset.txt](data/1772011742.pset.txt))
Formal definitions added: 44 | Formal definitions removed: 1

```
[+] HEUR:Trojan/FakeApp.ax
[+] HVM:Backdoor/Lotok.cr
[+] HVM:TrojanDownloader/W64.Agent.de
[+] HackTool/Python.StealerBuilder.b
[+] Joke/Popupwindow.a
[+] Ransom/LockScreen.dc
[+] Ransom/MSIL.LockFile.dv
[+] Trojan/FakeApp.aex
[+] Trojan/FakeApp.aey
[+] Trojan/FakeApp.aez
[+] Trojan/FakeApp.afa
[+] Trojan/FakeApp.afb
[+] Trojan/FakeApp.afc
[+] Trojan/FakeApp.afd
[+] Trojan/FakeApp.afe
[+] Trojan/FakeApp.aff
[+] Trojan/FakeApp.afg
[+] Trojan/FakeApp.afh
[+] Trojan/FakeApp.afi
[+] Trojan/FakeApp.afj
[+] Trojan/Injector.cmh
[+] Trojan/LNK.Runner.bl
[+] Trojan/Linux.DDos.f
[+] Trojan/Loader.nw
[+] Trojan/Loader.nx
[+] Trojan/MSIL.Obfuscated.kv
[+] Trojan/PS.Agent.bu
[+] Trojan/PS.Loader.x
[+] Trojan/Runner.fr
[+] Trojan/Runner.fs
[+] Trojan/Runner.ft
[+] Trojan/Runner.fu
[+] Trojan/Runner.fv
[+] Trojan/Runner.fw
[+] Trojan/ShellLoader.ajc
[+] Trojan/ShellLoader.ajd
[+] TrojanDownloader/HTML.Agent.bm
[+] TrojanDownloader/JS.Agent.in
[+] TrojanDownloader/PS.Agent.ga
[+] TrojanDownloader/PS.Agent.gb
[+] TrojanDropper/Agent.amf
[+] TrojanDropper/Agent.amg
[+] TrojanDropper/BAT.Agent.br
[+] TrojanDropper/JS.Agent.ch
[-] Trojan/HTML.Redirector.bz
```
Telemetry definitions added: 32 | Telemetry definitions removed: 41

```
[+] HEUR:Trojan/KillWin.dq!submit
[+] HEUR:TrojanDownloader/Linux.Agent.ek!submit
[+] HVM:TrojanDownloader/Agent.cg!submit
[+] Joke/BAT.Popupwindow.j!submit
[+] Joke/BlueScreen.b!submit
[+] Trojan/BAT.KillWin.be!submit
[+] Trojan/BAT.Loader.u!submit
[+] Trojan/BAT.Loader.v!submit
[+] Trojan/BAT.Loader.w!submit
[+] Trojan/FakeApp.afk!submit
[+] Trojan/FakeApp.afl!submit
[+] Trojan/FakeApp.afm!submit
[+] Trojan/FakeApp.afn!submit
[+] Trojan/FakeApp.afo!submit
[+] Trojan/HTML.Redirector.bz!submit
[+] Trojan/KillMBR.cq!submit
[+] Trojan/Linux.DDos.bo!submit
[+] Trojan/SelfDel.a!submit
[+] Trojan/ShellLoader.aje!submit
[+] Trojan/ShellLoader.ajf!submit
[+] Trojan/W64.Agent.hi!submit
[+] Trojan/W64.Agent.hj!submit
[+] TrojanDownloader/Agent.bmn!submit
[+] TrojanDownloader/JS.Agent.io!submit
[+] TrojanDownloader/Linux.Agent.ej!submit
[+] TrojanDropper/Agent.amh!submit
[+] TrojanDropper/BAT.Agent.bs!submit
[+] TrojanDropper/BAT.Agent.bt!submit
[+] TrojanDropper/BAT.Agent.bu!submit
[+] TrojanDropper/VBS.Agent.ei!submit
[+] TrojanSpy/W64.Stealer.ag!submit
[+] TrojanSpy/W64.Stealer.ah!submit
[-] HEUR:Trojan/FakeApp.ax!submit
[-] HVM:Backdoor/Lotok.cr!submit
[-] HVM:TrojanDownloader/W64.Agent.de!submit
[-] HackTool/Python.StealerBuilder.b!submit
[-] Joke/Popupwindow.a!submit
[-] Ransom/LockScreen.dc!submit
[-] Ransom/MSIL.LockFile.dv!submit
[-] Trojan/FakeApp.aex!submit
[-] Trojan/FakeApp.aey!submit
[-] Trojan/FakeApp.aez!submit
[-] Trojan/FakeApp.afa!submit
[-] Trojan/FakeApp.afb!submit
[-] Trojan/FakeApp.afc!submit
[-] Trojan/FakeApp.afd!submit
[-] Trojan/FakeApp.afe!submit
[-] Trojan/FakeApp.aff!submit
[-] Trojan/FakeApp.afg!submit
[-] Trojan/FakeApp.afh!submit
[-] Trojan/FakeApp.afi!submit
[-] Trojan/FakeApp.afj!submit
[-] Trojan/Injector.cmh!submit
[-] Trojan/LNK.Runner.bl!submit
[-] Trojan/Linux.DDos.f!submit
[-] Trojan/Loader.nw!submit
[-] Trojan/Loader.nx!submit
[-] Trojan/MSIL.Obfuscated.kv!submit
[-] Trojan/PS.Agent.bu!submit
[-] Trojan/PS.Loader.x!submit
[-] Trojan/Runner.fs!submit
[-] Trojan/Runner.ft!submit
[-] Trojan/Runner.fu!submit
[-] Trojan/Runner.fv!submit
[-] Trojan/Runner.fw!submit
[-] TrojanDownloader/HTML.Agent.bm!submit
[-] TrojanDownloader/JS.Agent.in!submit
[-] TrojanDownloader/PS.Agent.ga!submit
[-] TrojanDownloader/PS.Agent.gb!submit
[-] TrojanDropper/Agent.amf!submit
[-] TrojanDropper/Agent.amg!submit
[-] TrojanDropper/BAT.Agent.br!submit
[-] TrojanDropper/JS.Agent.ch!submit
```
#### Critical-hash signature changes ([crithash.txt](data/1772011742.crithash.txt))
Formal definitions added: 20

```
[+] Backdoor/Linux.Gafgyt.d!crit
[+] Backdoor/Linux.Mirai.g!crit
[+] Exploit/W32.CVE-2026-21508.a!crit
[+] Ransom/Python.LockFile.c!crit
[+] Trojan/JS.Obfuscated.o!crit
[+] Trojan/JS.Obfuscated.p!crit
[+] Trojan/MSIL.Obfuscated.bg!crit
[+] Trojan/W32.FakeApp.v!crit
[+] Trojan/W32.FakeApp.w!crit
[+] Trojan/W32.ShellLoader.aki!crit
[+] Trojan/W32.ShellLoader.akj!crit
[+] Trojan/W32.ShellLoader.akk!crit
[+] Trojan/W64.Injector.l!crit
[+] Trojan/W64.KillWin.c!crit
[+] TrojanDownloader/PS.Agent.cc!crit
[+] TrojanDownloader/PS.Agent.cd!crit
[+] TrojanDownloader/Ps.Agent.ce!crit
[+] TrojanDownloader/SRC.Agent.c!crit
[+] TrojanDownloader/VBS.Agent.c!crit
[+] TrojanSpy/Python.Clipper.a!crit
```
Telemetry definitions added: 15 | Telemetry definitions removed: 21

```
[+] Adware/Android.PornTool.j!crit!submit
[+] Backdoor/W32.Lotok.am!crit!submit
[+] Backdoor/W32.Lotok.an!crit!submit
[+] Backdoor/W32.Lotok.ao!crit!submit
[+] Trojan/HTML.Refresh.a!crit!submit
[+] Trojan/JS.Obfuscated.q!crit!submit
[+] Trojan/JS.Obfuscated.r!crit!submit
[+] Trojan/Linux.DDos.c!crit!submit
[+] Trojan/Linux.Mirai.p!crit!submit
[+] Trojan/Linux.Mirai.q!crit!submit
[+] Trojan/MSIL.Obfuscated.bh!crit!submit
[+] Trojan/W32.ShellLoader.akl!crit!submit
[+] TrojanDownloader/JS.Agent.d!crit!submit
[+] TrojanDownloader/Linux.Agent.q!crit!submit
[+] TrojanDropper/W32.Agent.aj!crit!submit
[-] Backdoor/Linux.Gafgyt.d!crit!submit
[-] Backdoor/Linux.Mirai.g!crit!submit
[-] Exploit/W32.CVE-2026-21508.a!crit!submit
[-] Ransom/Python.LockFile.c!crit!submit
[-] Trojan/JS.Obfuscated.o!crit!submit
[-] Trojan/JS.Obfuscated.p!crit!submit
[-] Trojan/MSIL.Obfuscated.bg!crit!submit
[-] Trojan/W32.FakeApp.v!crit!submit
[-] Trojan/W32.FakeApp.w!crit!submit
[-] Trojan/W32.KillAV.a!crit!submit
[-] Trojan/W32.ShellLoader.aki!crit!submit
[-] Trojan/W32.ShellLoader.akj!crit!submit
[-] Trojan/W32.ShellLoader.akk!crit!submit
[-] Trojan/W64.Injector.l!crit!submit
[-] Trojan/W64.KillWin.c!crit!submit
[-] TrojanDownloader/PS.Agent.cc!crit!submit
[-] TrojanDownloader/PS.Agent.cd!crit!submit
[-] TrojanDownloader/Ps.Agent.ce!crit!submit
[-] TrojanDownloader/SRC.Agent.c!crit!submit
[-] TrojanDownloader/VBS.Agent.c!crit!submit
[-] TrojanSpy/Python.Clipper.a!crit!submit
```
#### Blacklist hash changes ([troj.txt](data/1772011742.troj.txt))

Added: 56

#### Whitelist hash changes ([hwl.txt](data/1772011742.hwl.txt))

Added: 1

1771927914 - 2026-02-24 10:11:54 UTC

#### Signature changes ([pset.txt](data/1771927914.pset.txt))
Formal definitions added: 21

```
[+] Backdoor/Lotok.oq
[+] HVM:Backdoor/Lotok.cq
[+] Trojan/Agent.cmg
[+] Trojan/FakeApp.aev
[+] Trojan/FakeApp.aew
[+] Trojan/KillWin.do
[+] Trojan/KillWin.dp
[+] Trojan/LNK.Starter.dc
[+] Trojan/Skills.a
[+] Trojan/Skills.b
[+] TrojanDownloader/Agent.bmi
[+] TrojanDownloader/Agent.bmj
[+] TrojanDownloader/Agent.bmk
[+] TrojanDownloader/Agent.bml
[+] TrojanDownloader/Agent.bmm
[+] TrojanDropper/Agent.ajs
[+] TrojanDropper/Agent.amd
[+] TrojanDropper/Agent.ame
[+] TrojanSpy/AutoIT.Stealer.l
[+] TrojanSpy/AutoIT.Stealer.m
[+] TrojanSpy/AutoIT.Stealer.n
```
Telemetry definitions added: 50 | Telemetry definitions removed: 21

```
[+] HEUR:Trojan/FakeApp.ax!submit
[+] HVM:Backdoor/Lotok.cr!submit
[+] HVM:Trojan/Agent.w!submit
[+] HVM:TrojanDownloader/W64.Agent.de!submit
[+] HackTool/Python.StealerBuilder.b!submit
[+] Joke/Popupwindow.a!submit
[+] Ransom/LockScreen.dc!submit
[+] Ransom/MSIL.LockFile.dv!submit
[+] Trojan/FakeApp.aex!submit
[+] Trojan/FakeApp.aey!submit
[+] Trojan/FakeApp.aez!submit
[+] Trojan/FakeApp.afa!submit
[+] Trojan/FakeApp.afb!submit
[+] Trojan/FakeApp.afc!submit
[+] Trojan/FakeApp.afd!submit
[+] Trojan/FakeApp.afe!submit
[+] Trojan/FakeApp.aff!submit
[+] Trojan/FakeApp.afg!submit
[+] Trojan/FakeApp.afh!submit
[+] Trojan/FakeApp.afi!submit
[+] Trojan/FakeApp.afj!submit
[+] Trojan/Injector.cmh!submit
[+] Trojan/LNK.Runner.bl!submit
[+] Trojan/Linux.DDos.f!submit
[+] Trojan/Linux.Mirai.hg!submit
[+] Trojan/Linux.Mirai.hh!submit
[+] Trojan/Linux.Mirai.hi!submit
[+] Trojan/Loader.nw!submit
[+] Trojan/Loader.nx!submit
[+] Trojan/MSIL.Obfuscated.kv!submit
[+] Trojan/Obfuscated.of!submit
[+] Trojan/PS.Agent.bu!submit
[+] Trojan/PS.Loader.x!submit
[+] Trojan/Ramsay.c!submit
[+] Trojan/Runner.fr!submit
[+] Trojan/Runner.fs!submit
[+] Trojan/Runner.ft!submit
[+] Trojan/Runner.fu!submit
[+] Trojan/Runner.fv!submit
[+] Trojan/Runner.fw!submit
[+] Trojan/ShellLoader.ajc!submit
[+] Trojan/ShellLoader.ajd!submit
[+] TrojanDownloader/HTML.Agent.bm!submit
[+] TrojanDownloader/JS.Agent.in!submit
[+] TrojanDownloader/PS.Agent.ga!submit
[+] TrojanDownloader/PS.Agent.gb!submit
[+] TrojanDropper/Agent.amf!submit
[+] TrojanDropper/Agent.amg!submit
[+] TrojanDropper/BAT.Agent.br!submit
[+] TrojanDropper/JS.Agent.ch!submit
[-] Backdoor/Lotok.oq!submit
[-] HVM:Backdoor/Lotok.cq!submit
[-] Trojan/FakeApp.aev!submit
[-] Trojan/FakeApp.aew!submit
[-] Trojan/FakeApp.kn!submit
[-] Trojan/LNK.Starter.dc!submit
[-] Trojan/Skills.a!submit
[-] Trojan/Skills.b!submit
[-] TrojanDownloader/Agent.bmi!submit
[-] TrojanDownloader/Agent.bmj!submit
[-] TrojanDownloader/Agent.bmk!submit
[-] TrojanDownloader/Agent.bml!submit
[-] TrojanDownloader/Agent.bmm!submit
[-] TrojanDropper/Agent.abv!submit
[-] TrojanDropper/Agent.ajs!submit
[-] TrojanDropper/Agent.amd!submit
[-] TrojanDropper/Agent.ame!submit
[-] TrojanDropper/Agent.zn!submit
[-] TrojanSpy/AutoIT.Stealer.l!submit
[-] TrojanSpy/AutoIT.Stealer.m!submit
[-] TrojanSpy/AutoIT.Stealer.n!submit
```
#### Critical-hash signature changes ([crithash.txt](data/1771927914.crithash.txt))
Formal definitions added: 10

```
[+] Rootkit/W32.Zdriver.a!crit
[+] Rootkit/W64.Zdriver.a!crit
[+] Trojan/SCR.ShellCode.t!crit
[+] Trojan/W32.FakeApp.t!crit
[+] Trojan/W32.FakeApp.u!crit
[+] Trojan/W32.ShellLoader.akh!crit
[+] Trojan/W64.DLLHijack.c!crit
[+] Trojan/W64.Loader.e!crit
[+] TrojanDownloader/SRC.Agent.a!crit
[+] TrojanDownloader/SRC.Agent.b!crit
```
Telemetry definitions added: 21 | Telemetry definitions removed: 11

```
[+] Backdoor/Linux.Gafgyt.d!crit!submit
[+] Backdoor/Linux.Mirai.g!crit!submit
[+] Ransom/Python.LockFile.c!crit!submit
[+] Trojan/JS.Obfuscated.o!crit!submit
[+] Trojan/JS.Obfuscated.p!crit!submit
[+] Trojan/MSIL.Obfuscated.bg!crit!submit
[+] Trojan/W32.FakeApp.v!crit!submit
[+] Trojan/W32.FakeApp.w!crit!submit
[+] Trojan/W32.Obfuscated.h!crit!submit
[+] Trojan/W32.ShellLoader.aki!crit!submit
[+] Trojan/W32.ShellLoader.akj!crit!submit
[+] Trojan/W32.ShellLoader.akk!crit!submit
[+] Trojan/W64.Agent.l!crit!submit
[+] Trojan/W64.Injector.l!crit!submit
[+] Trojan/W64.KillWin.c!crit!submit
[+] TrojanDownloader/PS.Agent.cc!crit!submit
[+] TrojanDownloader/PS.Agent.cd!crit!submit
[+] TrojanDownloader/Ps.Agent.ce!crit!submit
[+] TrojanDownloader/SRC.Agent.c!crit!submit
[+] TrojanDownloader/VBS.Agent.c!crit!submit
[+] TrojanSpy/Python.Clipper.a!crit!submit
[-] Backdoor/W32.Lotok.al!crit!submit
[-] Rootkit/W32.Zdriver.a!crit!submit
[-] Rootkit/W64.Zdriver.a!crit!submit
[-] Trojan/SCR.ShellCode.t!crit!submit
[-] Trojan/W32.FakeApp.t!crit!submit
[-] Trojan/W32.FakeApp.u!crit!submit
[-] Trojan/W32.ShellLoader.akh!crit!submit
[-] Trojan/W64.DLLHijack.c!crit!submit
[-] Trojan/W64.Loader.e!crit!submit
[-] TrojanDownloader/SRC.Agent.a!crit!submit
[-] TrojanDownloader/SRC.Agent.b!crit!submit
```
#### Blacklist hash changes ([troj.txt](data/1771927914.troj.txt))

Added: 35

#### Whitelist hash changes ([hwl.txt](data/1771927914.hwl.txt))

Added: 1

1771839344 - 2026-02-23 09:35:44 UTC

#### Blacklist hash changes ([troj.txt](data/1771839344.troj.txt))

Added: 15

1771753876 - 2026-02-22 09:51:16 UTC

#### Signature changes ([pset.txt](data/1771753876.pset.txt))
Formal definitions added: 1

```
[+] Exploit/FnOS
```
#### Blacklist hash changes ([troj.txt](data/1771753876.troj.txt))

Added: 50

#### Whitelist hash changes ([hwl.txt](data/1771753876.hwl.txt))

Added: 3

1771668871 - 2026-02-21 10:14:31 UTC

#### Blacklist hash changes ([troj.txt](data/1771668871.troj.txt))

Added: 108

#### Whitelist hash changes ([hwl.txt](data/1771668871.hwl.txt))

Added: 1

1771582765 - 2026-02-20 10:19:25 UTC

#### Blacklist hash changes ([troj.txt](data/1771582765.troj.txt))

Added: 81

1771482509 - 2026-02-19 06:28:29 UTC

#### Blacklist hash changes ([troj.txt](data/1771482509.troj.txt))

Added: 2

1771395776 - 2026-02-18 06:22:56 UTC

#### Blacklist hash changes ([troj.txt](data/1771395776.troj.txt))

Added: 2

1771313503 - 2026-02-17 07:31:43 UTC

#### Blacklist hash changes ([troj.txt](data/1771313503.troj.txt))

Added: 2

1771227353 - 2026-02-16 07:35:53 UTC

#### Blacklist hash changes ([troj.txt](data/1771227353.troj.txt))

Added: 2

1771133957 - 2026-02-15 05:39:17 UTC

#### Blacklist hash changes ([troj.txt](data/1771133957.troj.txt))

Added: 8

1771059400 - 2026-02-14 08:56:40 UTC

#### Signature changes ([pset.txt](data/1771059400.pset.txt))
Formal definitions added: 39

```
[+] Backdoor/JS.WebShell.m
[+] Backdoor/JS.WebShell.n
[+] Backdoor/JS.WebShell.o
[+] HEUR:OMacro/Downloader.eh
[+] HEUR:Trojan/JS.Runner.t
[+] HVM:Ransom/W64.LockFile.n
[+] HVM:TrojanSpy/W64.Stealer.ag
[+] HackTool/AmsiBypass
[+] Trojan/Agent.cjy
[+] Trojan/BAT.Obfuscator.a
[+] Trojan/BAT.Obfuscator.b
[+] Trojan/BAT.Runner.bk
[+] Trojan/BAT.Shutdown.f
[+] Trojan/FakeApp.aer
[+] Trojan/FakeApp.aes
[+] Trojan/FakeApp.aet
[+] Trojan/FakeApp.aeu
[+] Trojan/HiJack.yn
[+] Trojan/Injector.cmg
[+] Trojan/JS.Agent.gn
[+] Trojan/Loader.nv
[+] Trojan/MSIL.Obfuscated.ku
[+] Trojan/NSIS.Injector.g
[+] Trojan/PS.Loader.w
[+] Trojan/PS.Obfuscator.e
[+] Trojan/W64.Agent.hf
[+] Trojan/W64.Agent.hh
[+] TrojanDownloader/Agent.bmg
[+] TrojanDownloader/Agent.bmh
[+] TrojanDownloader/BAT.Agent.gi
[+] TrojanDownloader/LNK.Agent.hg
[+] TrojanDownloader/PS.Agent.fy
[+] TrojanDropper/Agent.amc
[+] TrojanDropper/JS.Agent.cg
[+] TrojanDropper/MSIL.Agent.kb
[+] TrojanDropper/Maloader.p
[+] TrojanDropper/PS.Agent.aa
[+] TrojanSpy/MSIL.Stealer.kw
[+] TrojanSpy/Stealer.tn
```
Telemetry definitions added: 27 | Telemetry definitions removed: 44

```
[+] Backdoor/Lotok.oq!submit
[+] HVM:Backdoor/Lotok.cq!submit
[+] Trojan/Agent.cmg!submit
[+] Trojan/FakeApp.aev!submit
[+] Trojan/FakeApp.aew!submit
[+] Trojan/FakeApp.kn!submit
[+] Trojan/HiJack.yn!submit
[+] Trojan/KillWin.do!submit
[+] Trojan/KillWin.dp!submit
[+] Trojan/LNK.Starter.dc!submit
[+] Trojan/Obfuscated.oe!submit
[+] Trojan/Skills.a!submit
[+] Trojan/Skills.b!submit
[+] TrojanDownloader/Agent.bmi!submit
[+] TrojanDownloader/Agent.bmj!submit
[+] TrojanDownloader/Agent.bmk!submit
[+] TrojanDownloader/Agent.bml!submit
[+] TrojanDownloader/Agent.bmm!submit
[+] TrojanDownloader/PS.Netloader.lu!submit
[+] TrojanDropper/Agent.abv!submit
[+] TrojanDropper/Agent.ajs!submit
[+] TrojanDropper/Agent.amd!submit
[+] TrojanDropper/Agent.ame!submit
[+] TrojanDropper/Agent.zn!submit
[+] TrojanSpy/AutoIT.Stealer.l!submit
[+] TrojanSpy/AutoIT.Stealer.m!submit
[+] TrojanSpy/AutoIT.Stealer.n!submit
[-] Backdoor/JS.WebShell.m!submit
[-] HEUR:OMacro/Downloader.eh!submit
[-] HEUR:Trojan/JS.Runner.t!submit
[-] HEUR:Trojan/Obfuscated.i!submit
[-] HVM:Ransom/W64.LockFile.n!submit
[-] HVM:TrojanSpy/W64.Stealer.ag!submit
[-] Trojan/Agent.cjy!submit
[-] Trojan/BAT.Obfuscator.a!submit
[-] Trojan/BAT.Obfuscator.b!submit
[-] Trojan/BAT.Runner.bk!submit
[-] Trojan/BAT.Runner.bw!submit
[-] Trojan/BAT.Shutdown.f!submit
[-] Trojan/FakeApp.aai!submit
[-] Trojan/FakeApp.aer!submit
[-] Trojan/FakeApp.aes!submit
[-] Trojan/FakeApp.aet!submit
[-] Trojan/FakeApp.aeu!submit
[-] Trojan/FakeApp.yl!submit
[-] Trojan/HiJack.ud!submit
[-] Trojan/Injector.cmg!submit
[-] Trojan/JS.Agent.gn!submit
[-] Trojan/LNK.Runner.bl!submit
[-] Trojan/Loader.nv!submit
[-] Trojan/MSIL.Obfuscated.ku!submit
[-] Trojan/NSIS.Injector.g!submit
[-] Trojan/PS.Loader.w!submit
[-] Trojan/PS.Obfuscator.e!submit
[-] Trojan/W64.Agent.hf!submit
[-] Trojan/W64.Agent.hh!submit
[-] TrojanDownloader/Agent.bmg!submit
[-] TrojanDownloader/Agent.bmh!submit
[-] TrojanDownloader/BAT.Agent.gi!submit
[-] TrojanDownloader/PS.Agent.fy!submit
[-] TrojanDropper/Agent.ajy!submit
[-] TrojanDropper/Agent.akw!submit
[-] TrojanDropper/Agent.alf!submit
[-] TrojanDropper/Agent.alq!submit
[-] TrojanDropper/Agent.amc!submit
[-] TrojanDropper/JS.Agent.cg!submit
[-] TrojanDropper/MSIL.Agent.kb!submit
[-] TrojanDropper/Maloader.p!submit
[-] TrojanDropper/PS.Agent.aa!submit
[-] TrojanSpy/MSIL.Stealer.kw!submit
[-] TrojanSpy/Stealer.tn!submit
```
#### Critical-hash signature changes ([crithash.txt](data/1771059400.crithash.txt))
Formal definitions added: 36

```
[+] Backdoor/JS.WebShell.b!crit
[+] Backdoor/JS.WebShell.c!crit
[+] Backdoor/JS.WebShell.d!crit
[+] Backdoor/JS.WebShell.e!crit
[+] Backdoor/JS.WebShell.f!crit
[+] Backdoor/JS.WebShell.g!crit
[+] Backdoor/JS.WebShell.h!crit
[+] Backdoor/JS.WebShell.i!crit
[+] Backdoor/JS.WebShell.j!crit
[+] Backdoor/JS.WebShell.k!crit
[+] Backdoor/JS.WebShell.l!crit
[+] Backdoor/JS.WebShell.m!crit
[+] Backdoor/JS.WebShell.n!crit
[+] Backdoor/JS.WebShell.o!crit
[+] Backdoor/JS.WebShell.p!crit
[+] Backdoor/JS.WebShell.q!crit
[+] Backdoor/W32.Lotok.ak!crit
[+] Backdoor/W32.Lotok.al!crit
[+] Backdoor/W32.Lotok.am!crit
[+] Joke/SCR.Agent.a!crit
[+] OMacro/SRC.Loader.a!crit
[+] Trojan/HTML.Injector.a!crit
[+] Trojan/Linux.Dknife.a!crit
[+] Trojan/Linux.Mirai.aa!crit
[+] Trojan/Linux.Mirai.ab!crit
[+] Trojan/MSIL.Injector.o!crit
[+] Trojan/MSIL.Obfuscated.bf!crit
[+] Trojan/PS.Loader.h!crit
[+] Trojan/SCR.Agent.a!crit
[+] Trojan/SCR.ShellLoader.a!crit
[+] Trojan/W32.ShellLoader.am!crit
[+] TrojanDownloader/JS.Netloader.g!crit
[+] TrojanDownloader/Linux.Agent.aa!crit
[+] TrojanDownloader/Linux.Agent.ab!crit
[+] TrojanDownloader/PS.Agent.ca!crit
[+] TrojanDownloader/PS.Agent.cb!crit
```
Telemetry definitions added: 120 | Telemetry definitions removed: 37

```
[+] Backdoor/.WebShell.ey!crit!submit
[+] Backdoor/.WebShell.fj!crit!submit
[+] Backdoor/BAT.WebShell.ez!crit!submit
[+] Backdoor/HTML.WebShell.b!crit!submit
[+] Backdoor/HTML.WebShell.c!crit!submit
[+] Backdoor/HTML.WebShell.d!crit!submit
[+] Backdoor/HTML.WebShell.dx!crit!submit
[+] Backdoor/HTML.WebShell.dy!crit!submit
[+] Backdoor/HTML.WebShell.dz!crit!submit
[+] Backdoor/HTML.WebShell.e!crit!submit
[+] Backdoor/HTML.WebShell.ea!crit!submit
[+] Backdoor/HTML.WebShell.eb!crit!submit
[+] Backdoor/HTML.WebShell.ec!crit!submit
[+] Backdoor/HTML.WebShell.ed!crit!submit
[+] Backdoor/HTML.WebShell.ee!crit!submit
[+] Backdoor/HTML.WebShell.eh!crit!submit
[+] Backdoor/HTML.WebShell.en!crit!submit
[+] Backdoor/HTML.WebShell.ep!crit!submit
[+] Backdoor/HTML.WebShell.eq!crit!submit
[+] Backdoor/HTML.WebShell.er!crit!submit
[+] Backdoor/HTML.WebShell.et!crit!submit
[+] Backdoor/HTML.WebShell.eu!crit!submit
[+] Backdoor/HTML.WebShell.ev!crit!submit
[+] Backdoor/HTML.WebShell.ew!crit!submit
[+] Backdoor/HTML.WebShell.ex!crit!submit
[+] Backdoor/HTML.WebShell.f!crit!submit
[+] Backdoor/HTML.WebShell.fa!crit!submit
[+] Backdoor/HTML.WebShell.fc!crit!submit
[+] Backdoor/HTML.WebShell.fd!crit!submit
[+] Backdoor/HTML.WebShell.fe!crit!submit
[+] Backdoor/HTML.WebShell.ff!crit!submit
[+] Backdoor/HTML.WebShell.fg!crit!submit
[+] Backdoor/HTML.WebShell.fh!crit!submit
[+] Backdoor/HTML.WebShell.fi!crit!submit
[+] Backdoor/HTML.WebShell.fk!crit!submit
[+] Backdoor/HTML.WebShell.fl!crit!submit
[+] Backdoor/HTML.WebShell.fm!crit!submit
[+] Backdoor/HTML.WebShell.g!crit!submit
[+] Backdoor/HTML.WebShell.h!crit!submit
[+] Backdoor/HTML.WebShell.i!crit!submit
[+] Backdoor/JS.WebShell.a!crit!submit
[+] Backdoor/JS.WebShell.dx!crit!submit
[+] Backdoor/JS.WebShell.dy!crit!submit
[+] Backdoor/JS.WebShell.dz!crit!submit
[+] Backdoor/JS.WebShell.eb!crit!submit
[+] Backdoor/JS.WebShell.ec!crit!submit
[+] Backdoor/JS.WebShell.ed!crit!submit
[+] Backdoor/JS.WebShell.ee!crit!submit
[+] Backdoor/JS.WebShell.ef!crit!submit
[+] Backdoor/JS.WebShell.eg!crit!submit
[+] Backdoor/JS.WebShell.ei!crit!submit
[+] Backdoor/JS.WebShell.ej!crit!submit
[+] Backdoor/JS.WebShell.ek!crit!submit
[+] Backdoor/JS.WebShell.el!crit!submit
[+] Backdoor/JS.WebShell.em!crit!submit
[+] Backdoor/JS.WebShell.eo!crit!submit
[+] Backdoor/JS.WebShell.ep!crit!submit
[+] Backdoor/JS.WebShell.eq!crit!submit
[+] Backdoor/JS.WebShell.es!crit!submit
[+] Backdoor/JS.WebShell.et!crit!submit
[+] Backdoor/JS.WebShell.ev!crit!submit
[+] Backdoor/JS.WebShell.ew!crit!submit
[+] Backdoor/JS.WebShell.ex!crit!submit
[+] Backdoor/JS.WebShell.ey!crit!submit
[+] Backdoor/JS.WebShell.ez!crit!submit
[+] Backdoor/JS.WebShell.fa!crit!submit
[+] Backdoor/JS.WebShell.fb!crit!submit
[+] Backdoor/JS.WebShell.fc!crit!submit
[+] Backdoor/JS.WebShell.fd!crit!submit
[+] Backdoor/JS.WebShell.ff!crit!submit
[+] Backdoor/JS.WebShell.fg!crit!submit
[+] Backdoor/JS.WebShell.fn!crit!submit
[+] Backdoor/JS.WebShell.fp!crit!submit
[+] Backdoor/JS.WebShell.fr!crit!submit
[+] Backdoor/PHP.WebShell.ak!crit!submit
[+] Backdoor/PHP.WebShell.al!crit!submit
[+] Backdoor/PHP.WebShell.am!crit!submit
[+] Backdoor/PHP.WebShell.an!crit!submit
[+] Backdoor/PHP.WebShell.er!crit!submit
[+] Backdoor/PHP.WebShell.eu!crit!submit
[+] Backdoor/PHP.WebShell.fe!crit!submit
[+] Backdoor/PHP.WebShell.fh!crit!submit
[+] Backdoor/VBS.WebShell.b!crit!submit
[+] Backdoor/VBS.WebShell.c!crit!submit
[+] Backdoor/VBS.WebShell.d!crit!submit
[+] Backdoor/VBS.WebShell.e!crit!submit
[+] Backdoor/VBS.WebShell.es!crit!submit
[+] Backdoor/VBS.WebShell.f!crit!submit
[+] Backdoor/VBS.WebShell.fb!crit!submit
[+] Backdoor/VBS.WebShell.fn!crit!submit
[+] Backdoor/VBS.WebShell.fq!crit!submit
[+] Backdoor/VBS.WebShell.g!crit!submit
[+] Backdoor/VBS.WebShell.h!crit!submit
[+] Backdoor/VBS.WebShell.i!crit!submit
[+] Backdoor/VBS.WebShell.j!crit!submit
[+] Backdoor/VBS.WebShell.k!crit!submit
[+] Backdoor/VBS.WebShell.l!crit!submit
[+] Backdoor/VBS.WebShell.m!crit!submit
[+] Backdoor/VBS.WebShell.n!crit!submit
[+] Backdoor/VBS.WebShell.o!crit!submit
[+] Backdoor/VBS.WebShell.p!crit!submit
[+] Backdoor/VBS.WebShell.q!crit!submit
[+] Backdoor/VBS.WebShell.r!crit!submit
[+] Backdoor/VBS.WebShell.s!crit!submit
[+] Backdoor/VBS.WebShell.t!crit!submit
[+] Backdoor/VBS.WebShell.u!crit!submit
[+] Exploit/W32.CVE-2026-21508.a!crit!submit
[+] HEUR:Trojan/W32.HiJack.b!crit!submit
[+] Rootkit/W32.Zdriver.a!crit!submit
[+] Rootkit/W64.Zdriver.a!crit!submit
[+] Trojan/SCR.ShellCode.t!crit!submit
[+] Trojan/W32.DDOS.b!crit!submit
[+] Trojan/W32.FakeApp.t!crit!submit
[+] Trojan/W32.FakeApp.u!crit!submit
[+] Trojan/W32.KillAV.a!crit!submit
[+] Trojan/W32.ShellLoader.akh!crit!submit
[+] Trojan/W64.DLLHijack.c!crit!submit
[+] Trojan/W64.Loader.e!crit!submit
[+] TrojanDownloader/SRC.Agent.a!crit!submit
[+] TrojanDownloader/SRC.Agent.b!crit!submit
[-] Backdoor/JS.WebShell.b!crit!submit
[-] Backdoor/JS.WebShell.c!crit!submit
[-] Backdoor/JS.WebShell.d!crit!submit
[-] Backdoor/JS.WebShell.e!crit!submit
[-] Backdoor/JS.WebShell.f!crit!submit
[-] Backdoor/JS.WebShell.g!crit!submit
[-] Backdoor/JS.WebShell.h!crit!submit
[-] Backdoor/JS.WebShell.i!crit!submit
[-] Backdoor/JS.WebShell.j!crit!submit
[-] Backdoor/JS.WebShell.k!crit!submit
[-] Backdoor/JS.WebShell.l!crit!submit
[-] Backdoor/JS.WebShell.m!crit!submit
[-] Backdoor/JS.WebShell.n!crit!submit
[-] Backdoor/JS.WebShell.o!crit!submit
[-] Backdoor/JS.WebShell.p!crit!submit
[-] Backdoor/JS.WebShell.q!crit!submit
[-] Backdoor/W32.Lotok.aj!crit!submit
[-] Backdoor/W32.Lotok.ak!crit!submit
[-] Backdoor/W32.Lotok.am!crit!submit
[-] HEUR:Trojan/SCR.FakeApp.c!crit!submit
[-] OMacro/SRC.Loader.a!crit!submit
[-] Trojan/HTML.Injector.a!crit!submit
[-] Trojan/Linux.Dknife.a!crit!submit
[-] Trojan/Linux.Mirai.aa!crit!submit
[-] Trojan/Linux.Mirai.ab!crit!submit
[-] Trojan/MSIL.Injector.o!crit!submit
[-] Trojan/MSIL.Obfuscated.bf!crit!submit
[-] Trojan/PS.Loader.h!crit!submit
[-] Trojan/SCR.Agent.a!crit!submit
[-] Trojan/SCR.Runner.b!crit!submit
[-] Trojan/SCR.ShellLoader.a!crit!submit
[-] Trojan/W32.ShellLoader.am!crit!submit
[-] TrojanDownloader/JS.Netloader.g!crit!submit
[-] TrojanDownloader/Linux.Agent.aa!crit!submit
[-] TrojanDownloader/Linux.Agent.ab!crit!submit
[-] TrojanDownloader/PS.Agent.ca!crit!submit
[-] TrojanDownloader/PS.Agent.cb!crit!submit
```
#### Blacklist hash changes ([troj.txt](data/1771059400.troj.txt))

Added: 124 | Removed: 2

1770894111 - 2026-02-12 11:01:51 UTC

#### Signature changes ([pset.txt](data/1770894111.pset.txt))
Formal definitions added: 35 | Formal definitions removed: 2

```
[+] Backdoor/Agent.ri
[+] Backdoor/CoolClient.a
[+] HVM:Trojan/ShellLoader.ct
[+] HVM:TrojanDownloader/W64.Agent.dd
[+] HVM:TrojanSpy/W64.Stealer.af
[+] HackTool/Linux.Frpc.a
[+] Trojan/Agent.cmf
[+] Trojan/CoinMiner.ld
[+] Trojan/FakeApp.aej
[+] Trojan/FakeApp.aeo
[+] Trojan/FakeApp.aep
[+] Trojan/FakeApp.aeq
[+] Trojan/JS.Obfuscated.dm
[+] Trojan/KillAV.df
[+] Trojan/KillWin.dn
[+] Trojan/Linux.Agent.dp
[+] Trojan/Linux.Flooder.j
[+] Trojan/Linux.Mirai.hf
[+] Trojan/Loader.nu
[+] Trojan/MSIL.Agent.aan
[+] Trojan/MSIL.Obfuscated.kt
[+] Trojan/PS.Injector.d
[+] TrojanDownloader/Agent.bme
[+] TrojanDownloader/Agent.bmf
[+] TrojanDownloader/MSIL.Agent.ajp
[+] TrojanDownloader/PS.Agent.ft
[+] TrojanDownloader/PS.Agent.fu
[+] TrojanDownloader/PS.Agent.fw
[+] TrojanDownloader/PS.Agent.fx
[+] TrojanDownloader/W64.Agent.db
[+] TrojanDownloader/W64.Agent.dc
[+] TrojanDownloader/W64.Agent.dd
[+] TrojanDropper/MSIL.Agent.ka
[+] TrojanSpy/MSIL.Keylogger.r
[+] TrojanSpy/W64.Stealer.af
[-] Trojan/HTML.Injector.k
[-] TrojanDropper/Agent.ajs
```
Telemetry definitions added: 64 | Telemetry definitions removed: 36

```
[+] Backdoor/Farfli.ac!submit
[+] Backdoor/JS.WebShell.m!submit
[+] HEUR:OMacro/Downloader.eh!submit
[+] HEUR:Trojan/JS.Runner.t!submit
[+] HVM:Ransom/W64.LockFile.n!submit
[+] HVM:Trojan/AvKiller.a!submit
[+] HVM:Trojan/Baidence.b!submit
[+] HVM:TrojanSpy/W64.Stealer.ag!submit
[+] Trojan/Agent.cjy!submit
[+] Trojan/Agent.clu!submit
[+] Trojan/Agent.cme!submit
[+] Trojan/BAT.Obfuscator.a!submit
[+] Trojan/BAT.Obfuscator.b!submit
[+] Trojan/BAT.Shutdown.f!submit
[+] Trojan/FakeApp.aai!submit
[+] Trojan/FakeApp.aer!submit
[+] Trojan/FakeApp.aes!submit
[+] Trojan/FakeApp.aet!submit
[+] Trojan/FakeApp.aeu!submit
[+] Trojan/FakeApp.yl!submit
[+] Trojan/HTML.Injector.k!submit
[+] Trojan/Injector.clw!submit
[+] Trojan/Injector.cmg!submit
[+] Trojan/LNK.Agent.bv!submit
[+] Trojan/LNK.Agent.bw!submit
[+] Trojan/LNK.Starter.cw!submit
[+] Trojan/LNK.Starter.cx!submit
[+] Trojan/LNK.Starter.cy!submit
[+] Trojan/LNK.Starter.cz!submit
[+] Trojan/LNK.Starter.da!submit
[+] Trojan/LNK.Starter.db!submit
[+] Trojan/Loader.nv!submit
[+] Trojan/MSIL.Obfuscated.ku!submit
[+] Trojan/NSIS.Injector.g!submit
[+] Trojan/PS.Loader.w!submit
[+] Trojan/PS.Obfuscator.e!submit
[+] Trojan/PS.Rozena.c!submit
[+] Trojan/W64.Agent.hf!submit
[+] Trojan/W64.Agent.hh!submit
[+] TrojanDownloader/Agent.bmg!submit
[+] TrojanDownloader/Agent.bmh!submit
[+] TrojanDownloader/LNK.Agent.he!submit
[+] TrojanDownloader/LNK.Agent.hf!submit
[+] TrojanDownloader/LNK.Agent.hg!submit
[+] TrojanDownloader/LNK.Agent.hh!submit
[+] TrojanDownloader/LNK.Agent.hi!submit
[+] TrojanDownloader/LNK.Agent.hj!submit
[+] TrojanDownloader/LNK.Obfuscated.a!submit
[+] TrojanDownloader/LNK.Starter.a!submit
[+] TrojanDownloader/LNK.Starter.b!submit
[+] TrojanDownloader/Maloader.bs!submit
[+] TrojanDownloader/PS.Agent.fy!submit
[+] TrojanDropper/Agent.ajy!submit
[+] TrojanDropper/Agent.akw!submit
[+] TrojanDropper/Agent.alf!submit
[+] TrojanDropper/Agent.alq!submit
[+] TrojanDropper/Agent.amc!submit
[+] TrojanDropper/JS.Agent.cg!submit
[+] TrojanDropper/LNK.Starter.a!submit
[+] TrojanDropper/MSIL.Agent.kb!submit
[+] TrojanDropper/Maloader.p!submit
[+] TrojanDropper/PS.Agent.aa!submit
[+] TrojanSpy/MSIL.Stealer.kw!submit
[+] TrojanSpy/Stealer.tn!submit
[-] Backdoor/Agent.ri!submit
[-] Backdoor/CoolClient.a!submit
[-] HVM:Trojan/ShellLoader.ct!submit
[-] HVM:TrojanDownloader/W64.Agent.dd!submit
[-] HVM:TrojanSpy/W64.Stealer.af!submit
[-] HackTool/Linux.Frpc.a!submit
[-] Trojan/Agent.cmf!submit
[-] Trojan/CoinMiner.ld!submit
[-] Trojan/FakeApp.aej!submit
[-] Trojan/FakeApp.aeo!submit
[-] Trojan/FakeApp.aep!submit
[-] Trojan/FakeApp.aeq!submit
[-] Trojan/JS.Obfuscated.dm!submit
[-] Trojan/KillAV.df!submit
[-] Trojan/KillWin.dn!submit
[-] Trojan/Linux.Agent.dp!submit
[-] Trojan/Linux.Flooder.j!submit
[-] Trojan/Linux.Mirai.hf!submit
[-] Trojan/Loader.nu!submit
[-] Trojan/MSIL.Agent.aan!submit
[-] Trojan/MSIL.Obfuscated.kt!submit
[-] Trojan/W64.Injector.cn!submit
[-] TrojanDownloader/Agent.bme!submit
[-] TrojanDownloader/Agent.bmf!submit
[-] TrojanDownloader/MSIL.Agent.ajp!submit
[-] TrojanDownloader/PS.Agent.ft!submit
[-] TrojanDownloader/PS.Agent.fu!submit
[-] TrojanDownloader/PS.Agent.fw!submit
[-] TrojanDownloader/PS.Agent.fx!submit
[-] TrojanDownloader/W64.Agent.db!submit
[-] TrojanDownloader/W64.Agent.dc!submit
[-] TrojanDownloader/W64.Agent.dd!submit
[-] TrojanDropper/Agent.amb!submit
[-] TrojanDropper/MSIL.Agent.ka!submit
[-] TrojanSpy/MSIL.Keylogger.r!submit
[-] TrojanSpy/W64.Stealer.af!submit
```
#### Critical-hash signature changes ([crithash.txt](data/1770894111.crithash.txt))
Formal definitions added: 20

```
[+] Backdoor/W32.Lotok.aj!crit
[+] HackTool/Linux.CoinMiner.c!crit
[+] Trojan/BAT.Disabler.a!crit
[+] Trojan/Linux.Mirai.o!crit
[+] Trojan/MSIL.Obfuscated.bd!crit
[+] Trojan/MSIL.Obfuscated.be!crit
[+] Trojan/SCR.Agent.f!crit
[+] Trojan/SCR.Agent.g!crit
[+] Trojan/SCR.FakeApp.c!crit
[+] Trojan/SCR.Runner.f!crit
[+] Trojan/SCR.ShellLoader.g!crit
[+] Trojan/W32.BypassUAC.b!crit
[+] Trojan/W32.BypassUAC.c!crit
[+] Trojan/W32.FakeApp.s!crit
[+] Trojan/W64.Agent.hh!crit
[+] TrojanDownloader/LNK.Agent.i!crit
[+] TrojanDownloader/Linux.Agent.p!crit
[+] TrojanDropper/W32.Agent.lc!crit
[+] TrojanSpy/OSX.Amos.a!crit
[+] TrojanSpy/W32.Stealer.an!crit
```
Telemetry definitions added: 80 | Telemetry definitions removed: 21

```
[+] Backdoor/HTML.WebShell.a!crit!submit
[+] Backdoor/HTML.WebShell.bm!crit!submit
[+] Backdoor/HTML.WebShell.bn!crit!submit
[+] Backdoor/HTML.WebShell.bz!crit!submit
[+] Backdoor/HTML.WebShell.cb!crit!submit
[+] Backdoor/HTML.WebShell.cc!crit!submit
[+] Backdoor/HTML.WebShell.cf!crit!submit
[+] Backdoor/HTML.WebShell.cg!crit!submit
[+] Backdoor/HTML.WebShell.ch!crit!submit
[+] Backdoor/HTML.WebShell.ci!crit!submit
[+] Backdoor/HTML.WebShell.cj!crit!submit
[+] Backdoor/HTML.WebShell.cl!crit!submit
[+] Backdoor/HTML.WebShell.cn!crit!submit
[+] Backdoor/HTML.WebShell.cq!crit!submit
[+] Backdoor/HTML.WebShell.cs!crit!submit
[+] Backdoor/HTML.WebShell.ct!crit!submit
[+] Backdoor/HTML.WebShell.cu!crit!submit
[+] Backdoor/HTML.WebShell.cw!crit!submit
[+] Backdoor/HTML.WebShell.cy!crit!submit
[+] Backdoor/HTML.WebShell.cz!crit!submit
[+] Backdoor/HTML.WebShell.db!crit!submit
[+] Backdoor/HTML.WebShell.dc!crit!submit
[+] Backdoor/HTML.WebShell.dd!crit!submit
[+] Backdoor/HTML.WebShell.de!crit!submit
[+] Backdoor/HTML.WebShell.dh!crit!submit
[+] Backdoor/HTML.WebShell.di!crit!submit
[+] Backdoor/HTML.WebShell.dj!crit!submit
[+] Backdoor/HTML.WebShell.dl!crit!submit
[+] Backdoor/HTML.WebShell.dn!crit!submit
[+] Backdoor/HTML.WebShell.do!crit!submit
[+] Backdoor/HTML.WebShell.dt!crit!submit
[+] Backdoor/HTML.WebShell.du!crit!submit
[+] Backdoor/JS.WebShell.bk!crit!submit
[+] Backdoor/JS.WebShell.bl!crit!submit
[+] Backdoor/JS.WebShell.bo!crit!submit
[+] Backdoor/JS.WebShell.bp!crit!submit
[+] Backdoor/JS.WebShell.bq!crit!submit
[+] Backdoor/JS.WebShell.br!crit!submit
[+] Backdoor/JS.WebShell.bs!crit!submit
[+] Backdoor/JS.WebShell.bt!crit!submit
[+] Backdoor/JS.WebShell.bu!crit!submit
[+] Backdoor/JS.WebShell.bv!crit!submit
[+] Backdoor/JS.WebShell.bw!crit!submit
[+] Backdoor/JS.WebShell.bx!crit!submit
[+] Backdoor/JS.WebShell.by!crit!submit
[+] Backdoor/JS.WebShell.ca!crit!submit
[+] Backdoor/JS.WebShell.cd!crit!submit
[+] Backdoor/JS.WebShell.ce!crit!submit
[+] Backdoor/JS.WebShell.ck!crit!submit
[+] Backdoor/JS.WebShell.cm!crit!submit
[+] Backdoor/JS.WebShell.co!crit!submit
[+] Backdoor/JS.WebShell.cp!crit!submit
[+] Backdoor/JS.WebShell.cr!crit!submit
[+] Backdoor/JS.WebShell.cv!crit!submit
[+] Backdoor/JS.WebShell.cx!crit!submit
[+] Backdoor/JS.WebShell.da!crit!submit
[+] Backdoor/JS.WebShell.df!crit!submit
[+] Backdoor/JS.WebShell.dg!crit!submit
[+] Backdoor/JS.WebShell.dk!crit!submit
[+] Backdoor/JS.WebShell.dm!crit!submit
[+] Backdoor/JS.WebShell.dp!crit!submit
[+] Backdoor/JS.WebShell.dq!crit!submit
[+] Backdoor/JS.WebShell.dr!crit!submit
[+] Backdoor/JS.WebShell.ds!crit!submit
[+] Backdoor/JS.WebShell.dv!crit!submit
[+] Backdoor/JS.WebShell.dw!crit!submit
[+] Backdoor/W32.Lotok.ak!crit!submit
[+] Backdoor/W32.Lotok.al!crit!submit
[+] Backdoor/W32.Lotok.am!crit!submit
[+] HEUR:Trojan/SCR.FakeApp.c!crit!submit
[+] OMacro/SRC.Loader.a!crit!submit
[+] Trojan/HTML.Injector.a!crit!submit
[+] Trojan/Linux.Dknife.a!crit!submit
[+] Trojan/MSIL.Injector.o!crit!submit
[+] Trojan/MSIL.Obfuscated.bf!crit!submit
[+] Trojan/PS.Loader.h!crit!submit
[+] Trojan/W32.ShellLoader.am!crit!submit
[+] TrojanDownloader/JS.Netloader.g!crit!submit
[+] TrojanDownloader/PS.Agent.ca!crit!submit
[+] TrojanDownloader/PS.Agent.cb!crit!submit
[-] Backdoor/W32.Lotok.ah!crit!submit
[-] HackTool/Linux.CoinMiner.c!crit!submit
[-] Trojan/BAT.Disabler.a!crit!submit
[-] Trojan/Linux.Mirai.o!crit!submit
[-] Trojan/MSIL.Obfuscated.bd!crit!submit
[-] Trojan/MSIL.Obfuscated.be!crit!submit
[-] Trojan/SCR.Agent.f!crit!submit
[-] Trojan/SCR.Agent.g!crit!submit
[-] Trojan/SCR.FakeApp.c!crit!submit
[-] Trojan/SCR.Runner.f!crit!submit
[-] Trojan/SCR.ShellLoader.g!crit!submit
[-] Trojan/VBS.Loader.e!crit!submit
[-] Trojan/W32.BypassUAC.b!crit!submit
[-] Trojan/W32.BypassUAC.c!crit!submit
[-] Trojan/W32.FakeApp.s!crit!submit
[-] Trojan/W64.Agent.hh!crit!submit
[-] TrojanDownloader/LNK.Agent.i!crit!submit
[-] TrojanDownloader/Linux.Agent.p!crit!submit
[-] TrojanDropper/W32.Agent.lc!crit!submit
[-] TrojanSpy/OSX.Amos.a!crit!submit
[-] TrojanSpy/W32.Stealer.an!crit!submit
```
#### Blacklist hash changes ([troj.txt](data/1770894111.troj.txt))

Added: 27
1770808315 - 2026-02-11 11:11:55 UTC

#### Signature changes ([pset.txt](data/1770808315.pset.txt))
Formal definitions added: 35

```
[+] HEUR:Trojan/Loader.nt
[+] HVM:HackTool/W64.PSWDump.a
[+] HVM:Ransom/LockFile.m
[+] HVM:Trojan/W64.Agent.hf
[+] HVM:TrojanSpy/Stealer.tn
[+] HackTool/Agent.n
[+] HackTool/Linux.CoinMiner.s
[+] Joke/Python.Agent.b
[+] Ransom/LockFile.rq
[+] Ransom/LockFile.rr
[+] Rootkit/Msproxy
[+] Trojan/Agent.cme
[+] Trojan/BAT.Obfuscated.av
[+] Trojan/FakeApp.aek
[+] Trojan/FakeApp.ael
[+] Trojan/FakeApp.aem
[+] Trojan/FakeApp.aen
[+] Trojan/Korplug.am
[+] Trojan/Linux.Mirai.he
[+] Trojan/MSIL.Obfuscated.ks
[+] Trojan/Obfuscated.od
[+] Trojan/PS.Loader.v
[+] Trojan/ShellLoader.ajb
[+] Trojan/W64.Injector.cl
[+] Trojan/W64.Injector.cm
[+] Trojan/W64.Loader.ar
[+] Trojan/W64.Loader.as
[+] TrojanDownloader/JS.Netloader.dd
[+] TrojanDownloader/PS.Agent.fs
[+] TrojanDownloader/PS.Netloader.lt
[+] TrojanDownloader/W64.Agent.da
[+] TrojanDropper/Agent.amb
[+] TrojanSpy/Steam.aa
[+] TrojanSpy/W64.Stealer.ae
[+] Worm/DorkBot.ab
```
Telemetry definitions added: 35 | Telemetry definitions removed: 40

```
[+] Backdoor/Agent.ri!submit
[+] Backdoor/CoolClient.a!submit
[+] HVM:Trojan/ShellLoader.ct!submit
[+] HVM:TrojanDownloader/W64.Agent.dd!submit
[+] HVM:TrojanSpy/W64.Stealer.af!submit
[+] Trojan/Agent.cmf!submit
[+] Trojan/CoinMiner.ld!submit
[+] Trojan/FakeApp.aej!submit
[+] Trojan/FakeApp.aeo!submit
[+] Trojan/FakeApp.aep!submit
[+] Trojan/FakeApp.aeq!submit
[+] Trojan/JS.Obfuscated.dm!submit
[+] Trojan/KillAV.df!submit
[+] Trojan/KillWin.dn!submit
[+] Trojan/Linux.Agent.dp!submit
[+] Trojan/Linux.Flooder.j!submit
[+] Trojan/Linux.Mirai.hf!submit
[+] Trojan/Loader.nu!submit
[+] Trojan/MSIL.Agent.aan!submit
[+] Trojan/MSIL.Obfuscated.kt!submit
[+] Trojan/PS.Injector.d!submit
[+] Trojan/W64.Injector.cn!submit
[+] TrojanDownloader/Agent.bme!submit
[+] TrojanDownloader/Agent.bmf!submit
[+] TrojanDownloader/MSIL.Agent.ajp!submit
[+] TrojanDownloader/PS.Agent.ft!submit
[+] TrojanDownloader/PS.Agent.fu!submit
[+] TrojanDownloader/PS.Agent.fw!submit
[+] TrojanDownloader/PS.Agent.fx!submit
[+] TrojanDownloader/W64.Agent.db!submit
[+] TrojanDownloader/W64.Agent.dc!submit
[+] TrojanDownloader/W64.Agent.dd!submit
[+] TrojanDropper/MSIL.Agent.ka!submit
[+] TrojanSpy/MSIL.Keylogger.r!submit
[+] TrojanSpy/W64.Stealer.af!submit
[-] HEUR:Trojan/Loader.nt!submit
[-] HVM:HackTool/W64.PSWDump.a!submit
[-] HVM:Trojan/W64.Agent.hf!submit
[-] HVM:TrojanSpy/Stealer.tn!submit
[-] HackTool/Agent.n!submit
[-] HackTool/Linux.CoinMiner.s!submit
[-] Joke/Python.Agent.b!submit
[-] Ransom/LockFile.rq!submit
[-] Ransom/LockFile.rr!submit
[-] Rootkit/Msproxy!submit
[-] Trojan/Agent.cjy!submit
[-] Trojan/Agent.cme!submit
[-] Trojan/BAT.Obfuscated.av!submit
[-] Trojan/FakeApp.ady!submit
[-] Trojan/FakeApp.aek!submit
[-] Trojan/FakeApp.ael!submit
[-] Trojan/FakeApp.aem!submit
[-] Trojan/FakeApp.aen!submit
[-] Trojan/Korplug.am!submit
[-] Trojan/Linux.Mirai.he!submit
[-] Trojan/Loader.nt!submit
[-] Trojan/MSIL.Obfuscated.ks!submit
[-] Trojan/Obfuscated.od!submit
[-] Trojan/PS.Loader.v!submit
[-] Trojan/ShellLoader.ajb!submit
[-] Trojan/W64.Injector.cl!submit
[-] Trojan/W64.Injector.cm!submit
[-] Trojan/W64.Loader.ar!submit
[-] Trojan/W64.Loader.as!submit
[-] TrojanDownloader/JS.Netloader.dd!submit
[-] TrojanDownloader/PS.Agent.fs!submit
[-] TrojanDownloader/PS.Netloader.lt!submit
[-] TrojanDownloader/W64.Agent.da!submit
[-] TrojanDropper/Agent.alo!submit
[-] TrojanDropper/Agent.alp!submit
[-] TrojanDropper/Agent.alt!submit
[-] TrojanDropper/Agent.alz!submit
[-] TrojanSpy/Steam.aa!submit
[-] TrojanSpy/W64.Stealer.ae!submit
[-] Worm/DorkBot.ab!submit
```
#### Critical-hash signature changes ([crithash.txt](data/1770808315.crithash.txt))
Formal definitions added: 15

```
[+] Backdoor/Linux.Mirai.f!crit
[+] Backdoor/W32.Lotok.ai!crit
[+] Exploit/SCR.CVE-2026-21509.c!crit
[+] HackTool/W32.Frpc.b!crit
[+] HackTool/W64.Frpc.a!crit
[+] Ransom/Python.LockFile.b!crit
[+] Trojan/JS.Agent.b!crit
[+] Trojan/JS.Agent.c!crit
[+] Trojan/MSIL.Obfuscated.bc!crit
[+] Trojan/W32.FakeApp.r!crit
[+] Trojan/W32.ShellLoader.akg!crit
[+] Trojan/W64.Loader.d!crit
[+] TrojanDownloader/BAT.Agent.l!crit
[+] TrojanDropper/VBS.Agent.a!crit
[+] TrojanSpy/W64.Stealer.ac!crit
```
Telemetry definitions added: 56 | Telemetry definitions removed: 18

```
[+] Backdoor/JS.WebShell.b!crit!submit
[+] Backdoor/JS.WebShell.ba!crit!submit
[+] Backdoor/JS.WebShell.bb!crit!submit
[+] Backdoor/JS.WebShell.bc!crit!submit
[+] Backdoor/JS.WebShell.bd!crit!submit
[+] Backdoor/JS.WebShell.be!crit!submit
[+] Backdoor/JS.WebShell.bf!crit!submit
[+] Backdoor/JS.WebShell.bg!crit!submit
[+] Backdoor/JS.WebShell.bh!crit!submit
[+] Backdoor/JS.WebShell.bi!crit!submit
[+] Backdoor/JS.WebShell.bj!crit!submit
[+] Backdoor/JS.WebShell.c!crit!submit
[+] Backdoor/JS.WebShell.d!crit!submit
[+] Backdoor/JS.WebShell.e!crit!submit
[+] Backdoor/JS.WebShell.f!crit!submit
[+] Backdoor/JS.WebShell.g!crit!submit
[+] Backdoor/JS.WebShell.h!crit!submit
[+] Backdoor/JS.WebShell.i!crit!submit
[+] Backdoor/JS.WebShell.j!crit!submit
[+] Backdoor/JS.WebShell.k!crit!submit
[+] Backdoor/JS.WebShell.l!crit!submit
[+] Backdoor/JS.WebShell.m!crit!submit
[+] Backdoor/JS.WebShell.n!crit!submit
[+] Backdoor/JS.WebShell.o!crit!submit
[+] Backdoor/JS.WebShell.p!crit!submit
[+] Backdoor/JS.WebShell.q!crit!submit
[+] Backdoor/JS.WebShell.r!crit!submit
[+] Backdoor/JS.WebShell.s!crit!submit
[+] Backdoor/JS.WebShell.t!crit!submit
[+] Backdoor/JS.WebShell.u!crit!submit
[+] Backdoor/JS.WebShell.v!crit!submit
[+] Backdoor/JS.WebShell.w!crit!submit
[+] Backdoor/JS.WebShell.x!crit!submit
[+] Backdoor/JS.WebShell.y!crit!submit
[+] Backdoor/JS.WebShell.z!crit!submit
[+] Backdoor/W32.Lotok.ah!crit!submit
[+] Backdoor/W32.Lotok.aj!crit!submit
[+] HackTool/Linux.CoinMiner.c!crit!submit
[+] Trojan/BAT.Disabler.a!crit!submit
[+] Trojan/Linux.Mirai.o!crit!submit
[+] Trojan/MSIL.Obfuscated.bd!crit!submit
[+] Trojan/MSIL.Obfuscated.be!crit!submit
[+] Trojan/SCR.Agent.f!crit!submit
[+] Trojan/SCR.Agent.g!crit!submit
[+] Trojan/SCR.Runner.f!crit!submit
[+] Trojan/SCR.ShellLoader.g!crit!submit
[+] Trojan/W32.BypassUAC.b!crit!submit
[+] Trojan/W32.BypassUAC.c!crit!submit
[+] Trojan/W32.FakeApp.s!crit!submit
[+] Trojan/W32.ShellLoader.al!crit!submit
[+] Trojan/W64.Agent.hh!crit!submit
[+] TrojanDownloader/LNK.Agent.i!crit!submit
[+] TrojanDownloader/Linux.Agent.p!crit!submit
[+] TrojanDropper/W32.Agent.lc!crit!submit
[+] TrojanSpy/OSX.Amos.a!crit!submit
[+] TrojanSpy/W32.Stealer.an!crit!submit
[-] Backdoor/Linux.Mirai.f!crit!submit
[-] Backdoor/W32.Lotok.ai!crit!submit
[-] Exploit/SCR.CVE-2026-21509.c!crit!submit
[-] HackTool/W32.Frpc.b!crit!submit
[-] HackTool/W64.Frpc.a!crit!submit
[-] Ransom/Python.LockFile.b!crit!submit
[-] Trojan/JS.Agent.b!crit!submit
[-] Trojan/JS.Agent.c!crit!submit
[-] Trojan/JS.Obfuscated.b!crit!submit
[-] Trojan/MSIL.Obfuscated.bb!crit!submit
[-] Trojan/MSIL.Obfuscated.bc!crit!submit
[-] Trojan/W32.FakeApp.q!crit!submit
[-] Trojan/W32.FakeApp.r!crit!submit
[-] Trojan/W32.ShellLoader.akg!crit!submit
[-] Trojan/W64.Loader.d!crit!submit
[-] TrojanDownloader/BAT.Agent.l!crit!submit
[-] TrojanDropper/VBS.Agent.a!crit!submit
[-] TrojanSpy/W64.Stealer.ac!crit!submit
```
#### Behavior signature changes ([behav.txt](data/1770808315.behav.txt))
Added: 1

```
[+] Ransom/LockFile.AC!submit
```
#### Blacklist hash changes ([troj.txt](data/1770808315.troj.txt))

Added: 264
1770722512 - 2026-02-10 11:21:52 UTC

#### Signature changes ([pset.txt](data/1770722512.pset.txt))
Formal definitions added: 43

```
[+] Backdoor/Agent.rh
[+] Backdoor/Linux.Marai.b
[+] OMacro/Downloader.bow
[+] Trojan/BAT.Obfuscated.au
[+] Trojan/BAT.Runner.bw
[+] Trojan/CoinMiner.lc
[+] Trojan/DDoS.af
[+] Trojan/FakeApp.aeg
[+] Trojan/FakeApp.aeh
[+] Trojan/FakeApp.aei
[+] Trojan/Injector.cmf
[+] Trojan/KillMBR.cp
[+] Trojan/KillWin.dm
[+] Trojan/Linux.Agent.do
[+] Trojan/Linux.Flooder.i
[+] Trojan/Linux.Mirai.gy
[+] Trojan/Linux.Mirai.gz
[+] Trojan/Linux.Mirai.ha
[+] Trojan/Linux.Mirai.hb
[+] Trojan/Linux.Mirai.hc
[+] Trojan/Linux.Mirai.hd
[+] Trojan/Loader.ns
[+] Trojan/Loader.nt
[+] Trojan/MSIL.Agent.aam
[+] Trojan/MSIL.Obfuscated.kq
[+] Trojan/MSIL.Obfuscated.kr
[+] Trojan/PS.Obfuscated.p
[+] Trojan/Python.Loader.s
[+] Trojan/Python.ShellLoader.df
[+] Trojan/ShellLoader.aio
[+] Trojan/ShellLoader.aja
[+] Trojan/Turla.g
[+] Trojan/W64.Agent.he
[+] Trojan/W64.Agent.hg
[+] Trojan/W64.Loader.ap
[+] Trojan/W64.Loader.aq
[+] TrojanDownloader/Linux.Agent.ei
[+] TrojanDownloader/W64.Agent.cy
[+] TrojanDownloader/W64.Agent.cz
[+] TrojanDropper/Agent.alz
[+] TrojanDropper/Agent.ama
[+] TrojanDropper/CoinMiner.i
[+] TrojanSpy/Stealer.tm
```
Telemetry definitions added: 40 | Telemetry definitions removed: 40

```
[+] HEUR:Trojan/Loader.nt!submit
[+] HVM:HackTool/W64.PSWDump.a!submit
[+] HVM:Trojan/W64.Agent.hf!submit
[+] HVM:TrojanSpy/Stealer.tn!submit
[+] HackTool/Agent.n!submit
[+] HackTool/Linux.CoinMiner.s!submit
[+] HackTool/Linux.Frpc.a!submit
[+] Joke/Python.Agent.b!submit
[+] Ransom/LockFile.rq!submit
[+] Ransom/LockFile.rr!submit
[+] Rootkit/Msproxy!submit
[+] Trojan/Agent.cme!submit
[+] Trojan/BAT.Obfuscated.av!submit
[+] Trojan/FakeApp.ady!submit
[+] Trojan/FakeApp.aek!submit
[+] Trojan/FakeApp.ael!submit
[+] Trojan/FakeApp.aem!submit
[+] Trojan/FakeApp.aen!submit
[+] Trojan/Korplug.am!submit
[+] Trojan/Linux.Mirai.he!submit
[+] Trojan/Loader.nt!submit
[+] Trojan/MSIL.Obfuscated.ks!submit
[+] Trojan/Obfuscated.od!submit
[+] Trojan/PS.Loader.v!submit
[+] Trojan/ShellLoader.ajb!submit
[+] Trojan/W64.Injector.cl!submit
[+] Trojan/W64.Injector.cm!submit
[+] Trojan/W64.Loader.ar!submit
[+] Trojan/W64.Loader.as!submit
[+] TrojanDownloader/JS.Netloader.dd!submit
[+] TrojanDownloader/PS.Agent.fs!submit
[+] TrojanDownloader/PS.Netloader.lt!submit
[+] TrojanDownloader/W64.Agent.da!submit
[+] TrojanDropper/Agent.alo!submit
[+] TrojanDropper/Agent.alp!submit
[+] TrojanDropper/Agent.alt!submit
[+] TrojanDropper/Agent.amb!submit
[+] TrojanSpy/Steam.aa!submit
[+] TrojanSpy/W64.Stealer.ae!submit
[+] Worm/DorkBot.ab!submit
[-] Backdoor/Agent.rh!submit
[-] Backdoor/Linux.Marai.b!submit
[-] HVM:TrojanDropper/W64.Agent.cd!submit
[-] OMacro/Downloader.bow!submit
[-] Trojan/BAT.Obfuscated.au!submit
[-] Trojan/CoinMiner.lc!submit
[-] Trojan/FakeApp.aeg!submit
[-] Trojan/FakeApp.aeh!submit
[-] Trojan/FakeApp.aei!submit
[-] Trojan/Injector.cmf!submit
[-] Trojan/KillMBR.cp!submit
[-] Trojan/KillWin.dm!submit
[-] Trojan/Linux.Agent.do!submit
[-] Trojan/Linux.Flooder.i!submit
[-] Trojan/Linux.Mirai.gy!submit
[-] Trojan/Linux.Mirai.gz!submit
[-] Trojan/Linux.Mirai.ha!submit
[-] Trojan/Linux.Mirai.hb!submit
[-] Trojan/Linux.Mirai.hc!submit
[-] Trojan/Linux.Mirai.hd!submit
[-] Trojan/Loader.ns!submit
[-] Trojan/MSIL.Agent.aam!submit
[-] Trojan/MSIL.Obfuscated.kq!submit
[-] Trojan/MSIL.Obfuscated.kr!submit
[-] Trojan/PS.Obfuscated.p!submit
[-] Trojan/Python.Loader.s!submit
[-] Trojan/Python.ShellLoader.df!submit
[-] Trojan/ShellLoader.aio!submit
[-] Trojan/ShellLoader.aja!submit
[-] Trojan/Turla.g!submit
[-] Trojan/W64.Agent.he!submit
[-] Trojan/W64.Agent.hg!submit
[-] Trojan/W64.Loader.ap!submit
[-] Trojan/W64.Loader.aq!submit
[-] TrojanDownloader/Linux.Agent.ei!submit
[-] TrojanDownloader/W64.Agent.cy!submit
[-] TrojanDownloader/W64.Agent.cz!submit
[-] TrojanDropper/Agent.ama!submit
[-] TrojanDropper/CoinMiner.i!submit
[-] TrojanSpy/Stealer.tm!submit
```
#### Critical-hash signature changes ([crithash.txt](data/1770722512.crithash.txt))
Formal definitions added: 34

```
[+] Backdoor/Android.ShellLoader.b!crit
[+] Exploit/Linux.CVE-2025-21756.a!crit
[+] Exploit/SCR.CVE-2017-0199.c!crit
[+] Trojan/JS.Obfuscated.n!crit
[+] Trojan/Linux.Agent.gvj!crit
[+] Trojan/Linux.Mirai.l!crit
[+] Trojan/Linux.Mirai.m!crit
[+] Trojan/Linux.Mirai.n!crit
[+] Trojan/MSIL.Obfuscated.az!crit
[+] Trojan/MSIL.Obfuscated.ba!crit
[+] Trojan/MSIL.Obfuscated.bb!crit
[+] Trojan/NSIS.Injector.ao!crit
[+] Trojan/PS.Loader.f!crit
[+] Trojan/PS.Obfuscator.fu!crit
[+] Trojan/Python.KillMBR.cp!crit
[+] Trojan/Python.KillMBR.cq!crit
[+] Trojan/Python.KillMBR.cr!crit
[+] Trojan/Python.KillMBR.cs!crit
[+] Trojan/SCR.ShellCode.q!crit
[+] Trojan/SCR.ShellCode.r!crit
[+] Trojan/SCR.ShellCode.s!crit
[+] Trojan/SCR.ShellLoader.c!crit
[+] Trojan/W32.FakeApp.n!crit
[+] Trojan/W32.FakeApp.o!crit
[+] Trojan/W32.FakeApp.p!crit
[+] Trojan/W32.Loader.o!crit
[+] Trojan/W32.Loader.p!crit
[+] Trojan/W32.Obfuscated.g!crit
[+] Trojan/W32.ShellLoader.akf!crit
[+] TrojanDownloader/Android.Agent.a!crit
[+] TrojanDownloader/JAVA.Agent.a!crit
[+] TrojanDownloader/PS.Agent.bz!crit
[+] TrojanSpy/Android.Banker.c!crit
[+] TrojanSpy/Android.Banker.d!crit
```
Telemetry definitions added: 30 | Telemetry definitions removed: 36

```
[+] Backdoor/Linux.Mirai.f!crit!submit
[+] Backdoor/W32.Farfli.a!crit!submit
[+] Backdoor/W32.Farfli.b!crit!submit
[+] Backdoor/W32.Lotok.ai!crit!submit
[+] Exploit/SCR.CVE-2026-21509.c!crit!submit
[+] HackTool/Linux.GsNetcat.a!crit!submit
[+] HackTool/W32.Frpc.b!crit!submit
[+] HackTool/W64.Frpc.a!crit!submit
[+] Ransom/Python.LockFile.b!crit!submit
[+] Trojan/JS.Agent.b!crit!submit
[+] Trojan/JS.Agent.c!crit!submit
[+] Trojan/JS.Obfuscated.b!crit!submit
[+] Trojan/MSIL.Obfuscated.bc!crit!submit
[+] Trojan/SCR.FakeApp.c!crit!submit
[+] Trojan/W32.FakeApp.r!crit!submit
[+] Trojan/W32.GregCent.a!crit!submit
[+] Trojan/W32.Protux.a!crit!submit
[+] Trojan/W32.ShellLoader.akg!crit!submit
[+] Trojan/W32.Ulise.a!crit!submit
[+] Trojan/W64.Injector.i!crit!submit
[+] Trojan/W64.Loader.d!crit!submit
[+] TrojanDownloader/BAT.Agent.l!crit!submit
[+] TrojanDropper/VBS.Agent.a!crit!submit
[+] TrojanDropper/W32.Agent.ai!crit!submit
[+] TrojanDropper/W32.DarkKomet.a!crit!submit
[+] TrojanSpy/W64.Stealer.ac!crit!submit
[+] Worm/W32.Gamarue.a!crit!submit
[+] Worm/W32.Gamarue.b!crit!submit
[+] Worm/W32.Gamarue.c!crit!submit
[+] Worm/W32.Gamarue.d!crit!submit
[-] Backdoor/Android.ShellLoader.b!crit!submit
[-] Backdoor/W32.Lotok.ah!crit!submit
[-] Exploit/Linux.CVE-2025-21756.a!crit!submit
[-] Exploit/SCR.CVE-2017-0199.c!crit!submit
[-] Trojan/.JS.Obfuscated.b!crit!submit
[-] Trojan/JS.Obfuscated.n!crit!submit
[-] Trojan/Linux.Agent.gvj!crit!submit
[-] Trojan/Linux.Mirai.l!crit!submit
[-] Trojan/Linux.Mirai.m!crit!submit
[-] Trojan/Linux.Mirai.n!crit!submit
[-] Trojan/MSIL.Obfuscated.az!crit!submit
[-] Trojan/MSIL.Obfuscated.ba!crit!submit
[-] Trojan/NSIS.Injector.ao!crit!submit
[-] Trojan/PS.Loader.f!crit!submit
[-] Trojan/PS.Obfuscator.fu!crit!submit
[-] Trojan/Python.KillMBR.cp!crit!submit
[-] Trojan/Python.KillMBR.cq!crit!submit
[-] Trojan/Python.KillMBR.cr!crit!submit
[-] Trojan/Python.KillMBR.cs!crit!submit
[-] Trojan/SCR.ShellCode.q!crit!submit
[-] Trojan/SCR.ShellCode.r!crit!submit
[-] Trojan/SCR.ShellCode.s!crit!submit
[-] Trojan/SCR.ShellLoader.c!crit!submit
[-] Trojan/W32.FakeApp.n!crit!submit
[-] Trojan/W32.FakeApp.o!crit!submit
[-] Trojan/W32.FakeApp.p!crit!submit
[-] Trojan/W32.HiJack.r!crit!submit
[-] Trojan/W32.Loader.o!crit!submit
[-] Trojan/W32.Loader.p!crit!submit
[-] Trojan/W32.Obfuscated.g!crit!submit
[-] Trojan/W32.ShellLoader.akf!crit!submit
[-] TrojanDownloader/Android.Agent.a!crit!submit
[-] TrojanDownloader/JAVA.Agent.a!crit!submit
[-] TrojanDownloader/PS.Agent.bz!crit!submit
[-] TrojanSpy/Android.Banker.c!crit!submit
[-] TrojanSpy/Android.Banker.d!crit!submit
```
#### Behavior signature changes ([behav.txt](data/1770722512.behav.txt))
Added: 3 | Removed: 2

```
[+] Software:OS/Gooxion.a#固信终端
[+] Software:OS/SouGouExt.A#搜狗PDF!submit
[+] Software:OS/SouGouExt.A#搜狗扩展安装
[-] Software:OS/Gooxion.a#固信终端安全
[-] Software:OS/SouGouExt.A#搜狗扩展安装!submit
```
#### Blacklist hash changes ([troj.txt](data/1770722512.troj.txt))

Added: 52
1770639101 - 2026-02-09 12:11:41 UTC

#### Signature changes ([pset.txt](data/1770639101.pset.txt))
Formal definitions added: 38 | Formal definitions removed: 1

```
[+] HVM:Trojan/W64.Agent.he
[+] HVM:TrojanSpy/W64.Stealer.ad
[+] HVM:TrojanSpy/W64.Stealer.ae
[+] Ransom/LockScreen.db
[+] Ransom/Trigona.b
[+] Trojan/Agent.cmb
[+] Trojan/Agent.cmd
[+] Trojan/BAT.Loader.s
[+] Trojan/FakeApp.aed
[+] Trojan/FakeApp.aee
[+] Trojan/FakeApp.aef
[+] Trojan/Injector.cme
[+] Trojan/JS.Obfuscated.dp
[+] Trojan/Loader.no
[+] Trojan/Loader.np
[+] Trojan/Loader.nq
[+] Trojan/Loader.nr
[+] Trojan/Obfuscated.oc
[+] Trojan/PS.Obfuscator.d
[+] Trojan/Python.Loader.q
[+] Trojan/Python.Loader.r
[+] Trojan/ShellLoader.aix
[+] Trojan/ShellLoader.aiy
[+] Trojan/ShellLoader.aiz
[+] Trojan/W64.Agent.hd
[+] Trojan/W64.Injector.ck
[+] TrojanDownloader/BAT.Agent.gh
[+] TrojanDownloader/HTML.Agent.bl
[+] TrojanDownloader/PS.Agent.fr
[+] TrojanDownloader/Python.Agent.bi
[+] TrojanDownloader/VBS.Agent.kl
[+] TrojanDropper/Agent.alx
[+] TrojanDropper/Agent.aly
[+] TrojanDropper/JS.Agent.cf
[+] TrojanDropper/MSIL.Agent.jz
[+] TrojanSpy/Android.Banker.ar
[+] TrojanSpy/Android.Banker.as
[+] TrojanSpy/W64.Stealer.ad
[-] Trojan/JS.Obfuscated.dm
```
Telemetry definitions added: 48 | Telemetry definitions removed: 39

```
[+] Backdoor/Agent.rh!submit
[+] Backdoor/Linux.Marai.b!submit
[+] Exploit/Vulndriver!submit
[+] HEUR:TrojanSpy/OSX.Stealer.v!submit
[+] HVM:Ransom/LockFile.m!submit
[+] HVM:TrojanDropper/W64.Agent.cd!submit
[+] OMacro/Downloader.bow!submit
[+] Trojan/BAT.Loader.t!submit
[+] Trojan/BAT.Obfuscated.au!submit
[+] Trojan/BAT.Runner.bw!submit
[+] Trojan/CoinMiner.lc!submit
[+] Trojan/DDoS.af!submit
[+] Trojan/FakeApp.aeg!submit
[+] Trojan/FakeApp.aeh!submit
[+] Trojan/FakeApp.aei!submit
[+] Trojan/Injector.cmf!submit
[+] Trojan/KillMBR.cp!submit
[+] Trojan/KillWin.dm!submit
[+] Trojan/Linux.Agent.do!submit
[+] Trojan/Linux.Flooder.i!submit
[+] Trojan/Linux.Mirai.gy!submit
[+] Trojan/Linux.Mirai.gz!submit
[+] Trojan/Linux.Mirai.ha!submit
[+] Trojan/Linux.Mirai.hb!submit
[+] Trojan/Linux.Mirai.hc!submit
[+] Trojan/Linux.Mirai.hd!submit
[+] Trojan/Loader.ns!submit
[+] Trojan/MSIL.Agent.aam!submit
[+] Trojan/MSIL.Obfuscated.kq!submit
[+] Trojan/MSIL.Obfuscated.kr!submit
[+] Trojan/PS.Obfuscated.p!submit
[+] Trojan/Python.Loader.s!submit
[+] Trojan/Python.ShellLoader.df!submit
[+] Trojan/ShellLoader.aja!submit
[+] Trojan/Turla.g!submit
[+] Trojan/W64.Agent.he!submit
[+] Trojan/W64.Agent.hg!submit
[+] Trojan/W64.Loader.ap!submit
[+] Trojan/W64.Loader.aq!submit
[+] TrojanDownloader/BAT.Agent.gi!submit
[+] TrojanDownloader/Linux.Agent.ei!submit
[+] TrojanDownloader/W64.Agent.cy!submit
[+] TrojanDownloader/W64.Agent.cz!submit
[+] TrojanDropper/Agent.alz!submit
[+] TrojanDropper/Agent.ama!submit
[+] TrojanDropper/CoinMiner.i!submit
[+] TrojanSpy/MSIL.Stealer.kv!submit
[+] TrojanSpy/Stealer.tm!submit
[-] HVM:Backdoor/Lotok.cp!submit
[-] HVM:Trojan/W64.Agent.he!submit
[-] HVM:TrojanSpy/W64.Stealer.ad!submit
[-] HVM:TrojanSpy/W64.Stealer.ae!submit
[-] Ransom/LockScreen.db!submit
[-] Ransom/Trigona.b!submit
[-] Trojan/Agent.cmb!submit
[-] Trojan/Agent.cmd!submit
[-] Trojan/BAT.Loader.s!submit
[-] Trojan/FakeApp.aed!submit
[-] Trojan/FakeApp.aee!submit
[-] Trojan/FakeApp.aef!submit
[-] Trojan/Injector.cme!submit
[-] Trojan/JS.Obfuscated.dp!submit
[-] Trojan/Loader.no!submit
[-] Trojan/Loader.np!submit
[-] Trojan/Loader.nq!submit
[-] Trojan/Loader.nr!submit
[-] Trojan/Obfuscated.oc!submit
[-] Trojan/PS.Obfuscator.d!submit
[-] Trojan/Python.Loader.q!submit
[-] Trojan/Python.Loader.r!submit
[-] Trojan/ShellLoader.aix!submit
[-] Trojan/ShellLoader.aiy!submit
[-] Trojan/ShellLoader.aiz!submit
[-] Trojan/W64.Agent.hd!submit
[-] Trojan/W64.Injector.ck!submit
[-] TrojanDownloader/BAT.Agent.gh!submit
[-] TrojanDownloader/HTML.Agent.bl!submit
[-] TrojanDownloader/PS.Agent.fr!submit
[-] TrojanDownloader/Python.Agent.bi!submit
[-] TrojanDownloader/VBS.Agent.kl!submit
[-] TrojanDropper/Agent.alx!submit
[-] TrojanDropper/Agent.aly!submit
[-] TrojanDropper/JS.Agent.cf!submit
[-] TrojanDropper/MSIL.Agent.jz!submit
[-] TrojanSpy/Android.Banker.ar!submit
[-] TrojanSpy/Android.Banker.as!submit
[-] TrojanSpy/W64.Stealer.ad!submit
```
#### Critical-hash signature changes ([crithash.txt](data/1770639101.crithash.txt))
Formal definitions added: 17

```
[+] Backdoor/W32.Lotok.ad!crit
[+] Backdoor/W32.Lotok.ae!crit
[+] Backdoor/W32.Lotok.ag!crit
[+] Backdoor/W32.Lotok.ah!crit
[+] Exploit/SCR.CVE-2026-21509.b!crit
[+] Trojan/.JS.Obfuscated.a!crit
[+] Trojan/Linux.Agent.gvi!crit
[+] Trojan/MSIL.Obfuscated.ay!crit
[+] Trojan/SCR.Runner.d!crit
[+] Trojan/SCR.Runner.e!crit
[+] Trojan/SCR.ShellCode.p!crit
[+] Trojan/W32.FakeApp.m!crit
[+] Trojan/W32.Loader.n!crit
[+] TrojanDownloader/SCR.Agent.a!crit
[+] TrojanDropper/AutoIT.Agent.a!crit
[+] TrojanDropper/BAT.Agent.e!crit
[+] TrojanDropper/JAVA.Agent.c!crit
```
Telemetry definitions added: 38 | Telemetry definitions removed: 19

```
[+] Backdoor/Android.ShellLoader.a!crit!submit
[+] Backdoor/Android.ShellLoader.b!crit!submit
[+] Exploit/Linux.CVE-2025-21756.a!crit!submit
[+] Exploit/SCR.CVE-2017-0199.c!crit!submit
[+] Trojan/.JS.Obfuscated.b!crit!submit
[+] Trojan/JS.Obfuscated.n!crit!submit
[+] Trojan/Linux.Agent.gvj!crit!submit
[+] Trojan/Linux.Mirai.l!crit!submit
[+] Trojan/Linux.Mirai.m!crit!submit
[+] Trojan/Linux.Mirai.n!crit!submit
[+] Trojan/MSIL.Obfuscated.az!crit!submit
[+] Trojan/MSIL.Obfuscated.ba!crit!submit
[+] Trojan/MSIL.Obfuscated.bb!crit!submit
[+] Trojan/NSIS.Injector.ao!crit!submit
[+] Trojan/PS.Loader.f!crit!submit
[+] Trojan/PS.Obfuscator.fu!crit!submit
[+] Trojan/Python.KillMBR.cp!crit!submit
[+] Trojan/Python.KillMBR.cq!crit!submit
[+] Trojan/Python.KillMBR.cr!crit!submit
[+] Trojan/Python.KillMBR.cs!crit!submit
[+] Trojan/SCR.ShellCode.q!crit!submit
[+] Trojan/SCR.ShellCode.r!crit!submit
[+] Trojan/SCR.ShellCode.s!crit!submit
[+] Trojan/SCR.ShellLoader.c!crit!submit
[+] Trojan/W32.FakeApp.n!crit!submit
[+] Trojan/W32.FakeApp.o!crit!submit
[+] Trojan/W32.FakeApp.p!crit!submit
[+] Trojan/W32.FakeApp.q!crit!submit
[+] Trojan/W32.HiJack.r!crit!submit
[+] Trojan/W32.Loader.o!crit!submit
[+] Trojan/W32.Loader.p!crit!submit
[+] Trojan/W32.Obfuscated.g!crit!submit
[+] Trojan/W32.ShellLoader.akf!crit!submit
[+] TrojanDownloader/Android.Agent.a!crit!submit
[+] TrojanDownloader/JAVA.Agent.a!crit!submit
[+] TrojanDownloader/PS.Agent.bz!crit!submit
[+] TrojanSpy/Android.Banker.c!crit!submit
[+] TrojanSpy/Android.Banker.d!crit!submit
[-] Backdoor/W32.Lotok.ad!crit!submit
[-] Backdoor/W32.Lotok.ae!crit!submit
[-] Backdoor/W32.Lotok.af!crit!submit
[-] Backdoor/W32.Lotok.ag!crit!submit
[-] Exploit/SCR.CVE-2026-21509.b!crit!submit
[-] Trojan/.JS.Obfuscated.a!crit!submit
[-] Trojan/Linux.Agent.gvi!crit!submit
[-] Trojan/MSIL.Obfuscated.ay!crit!submit
[-] Trojan/SCR.Runner.d!crit!submit
[-] Trojan/SCR.Runner.e!crit!submit
[-] Trojan/SCR.ShellCode.p!crit!submit
[-] Trojan/W32.Agent.ah!crit!submit
[-] Trojan/W32.FakeApp.m!crit!submit
[-] Trojan/W32.Loader.n!crit!submit
[-] Trojan/W32.ShellLoader.ake!crit!submit
[-] TrojanDownloader/SCR.Agent.a!crit!submit
[-] TrojanDropper/AutoIT.Agent.a!crit!submit
[-] TrojanDropper/BAT.Agent.e!crit!submit
[-] TrojanDropper/JAVA.Agent.c!crit!submit
```
#### Behavior signature changes ([behav.txt](data/1770639101.behav.txt))
Added: 1

```
[+] Software:OS/SouGouExt.A#搜狗扩展安装!submit
```
#### Blacklist hash changes ([troj.txt](data/1770639101.troj.txt))

Added: 54
1770545580 - 2026-02-08 10:13:00 UTC

#### Signature changes ([pset.txt](data/1770545580.pset.txt))
Telemetry definitions removed: 3

```
[-] Backdoor/Lotok.ad!submit
[-] HackTool/ProxyTool.f!submit
[-] Trojan/Loader.nk!submit
```
#### Blacklist hash changes ([troj.txt](data/1770545580.troj.txt))

Added: 30

#### Whitelist hash changes ([hwl.txt](data/1770545580.hwl.txt))

Added: 1
1770466842 - 2026-02-07 12:20:42 UTC

#### Signature changes ([pset.txt](data/1770466842.pset.txt))
Telemetry definitions removed: 1

```
[-] Exploit/Vulndriver!submit
```
#### Blacklist hash changes ([troj.txt](data/1770466842.troj.txt))

Added: 33

#### Whitelist hash changes ([hwl.txt](data/1770466842.hwl.txt))

Added: 1
1770375434 - 2026-02-06 10:57:14 UTC

#### Signature changes ([pset.txt](data/1770375434.pset.txt))
Formal definitions added: 91 | Formal definitions removed: 7

```
[+] Backdoor/Agent.rg
[+] Backdoor/CobaltStrike.on
[+] Backdoor/CobaltStrike.or
[+] Backdoor/CobaltStrike.os
[+] Backdoor/CobaltStrike.ot
[+] Backdoor/CobaltStrike.pa
[+] Backdoor/Lotok.op
[+] HEUR:Backdoor/CobaltStrike.mn
[+] HEUR:Joke/Agent.c
[+] HEUR:Trojan/PS.Obfuscator.d
[+] HVM:Trojan/Agent.cmd
[+] HVM:Trojan/ShellLoader.cs
[+] HVM:Trojan/W64.Injector.ck
[+] HVM:Trojan/W64.Loader.ap
[+] HVM:TrojanDropper/W64.Agent.cd
[+] HackTool/ConnectWiseControl.i
[+] HackTool/Python.Beacon.a
[+] HackTool/ShellLoader.f
[+] Ransom/FileCoder.em
[+] Ransom/FileCoder.en
[+] Ransom/LockFile.rp
[+] Ransom/W64.LockFile.l
[+] Ransom/W64.LockFile.m
[+] Trojan/Agent.cly
[+] Trojan/Agent.cma
[+] Trojan/Agent.cmc
[+] Trojan/Android.Agent.cl
[+] Trojan/BAT.KillDisk.j
[+] Trojan/BAT.Loader.p
[+] Trojan/BAT.Loader.q
[+] Trojan/BAT.Loader.r
[+] Trojan/BAT.Maloader.d
[+] Trojan/BAT.Runner.bv
[+] Trojan/FakeApp.adz
[+] Trojan/FakeApp.aea
[+] Trojan/FakeApp.aeb
[+] Trojan/FakeApp.aec
[+] Trojan/JS.Obfuscated.dn
[+] Trojan/KillMBR.co
[+] Trojan/Linux.Agent.dk
[+] Trojan/Linux.Agent.dl
[+] Trojan/Linux.Agent.dm
[+] Trojan/Linux.Agent.dn
[+] Trojan/Linux.DDos.bn
[+] Trojan/Linux.KillFiles.b
[+] Trojan/Linux.Mirai.gw
[+] Trojan/Linux.Mirai.gx
[+] Trojan/Linux.SSHDoor.a
[+] Trojan/Loader.nk
[+] Trojan/Loader.nl
[+] Trojan/Loader.nm
[+] Trojan/Loader.nn
[+] Trojan/MSIL.Agent.aak
[+] Trojan/MSIL.Agent.aal
[+] Trojan/MSIL.Injector.qi
[+] Trojan/MSIL.Loader.au
[+] Trojan/MSIL.Obfuscated.ko
[+] Trojan/MSIL.Obfuscated.kp
[+] Trojan/PS.Obfuscator.c
[+] Trojan/PS.Runner.z
[+] Trojan/Python.Loader.p
[+] Trojan/ShellLoader.aip
[+] Trojan/ShellLoader.aiq
[+] Trojan/ShellLoader.air
[+] Trojan/ShellLoader.ais
[+] Trojan/ShellLoader.ait
[+] Trojan/ShellLoader.aiu
[+] Trojan/ShellLoader.aiv
[+] Trojan/ShellLoader.aiw
[+] Trojan/VBS.Agent.en
[+] Trojan/VBS.Obfuscator.t
[+] Trojan/W64.Agent.gy
[+] Trojan/W64.Agent.gz
[+] Trojan/W64.Agent.ha
[+] Trojan/W64.Agent.hb
[+] Trojan/W64.Agent.hc
[+] Trojan/W64.Injector.ci
[+] Trojan/W64.Injector.cj
[+] TrojanDownloader/JS.Netloader.db
[+] TrojanDownloader/JS.Netloader.dc
[+] TrojanDownloader/MSIL.Agent.ajo
[+] TrojanDownloader/PS.Agent.fp
[+] TrojanDownloader/PS.Agent.fq
[+] TrojanDownloader/W64.Agent.cx
[+] TrojanDropper/Agent.alv
[+] TrojanDropper/Agent.alw
[+] TrojanDropper/Android.Agent.cn
[+] TrojanDropper/MSIL.Agent.jy
[+] TrojanSpy/MSIL.Stealer.ku
[+] TrojanSpy/Stealer.tl
[+] TrojanSpy/W64.Stealer.ac
[-] Backdoor/Cobaltstrike.ki
[-] Backdoor/Cobaltstrike.on
[-] Backdoor/Cobaltstrike.or
[-] Backdoor/Cobaltstrike.os
[-] Backdoor/Cobaltstrike.ot
[-] Exploit/Vulndriver.v
[-] HEUR:Backdoor/Cobaltstrike.mn
```
Telemetry definitions added: 42 | Telemetry definitions removed: 49

```
[+] Backdoor/XWorm.e!submit
[+] Exploit/Vulndriver!submit
[+] HVM:Backdoor/Lotok.cp!submit
[+] HVM:Trojan/W64.Agent.he!submit
[+] HVM:TrojanSpy/W64.Stealer.ad!submit
[+] HVM:TrojanSpy/W64.Stealer.ae!submit
[+] Ransom/LockScreen.db!submit
[+] Ransom/Trigona.b!submit
[+] Trojan/Agent.cmb!submit
[+] Trojan/Agent.cmd!submit
[+] Trojan/BAT.Loader.s!submit
[+] Trojan/FakeApp.aed!submit
[+] Trojan/FakeApp.aee!submit
[+] Trojan/FakeApp.aef!submit
[+] Trojan/Injector.cme!submit
[+] Trojan/JS.Obfuscated.dp!submit
[+] Trojan/Loader.nk!submit
[+] Trojan/Loader.no!submit
[+] Trojan/Loader.np!submit
[+] Trojan/Loader.nq!submit
[+] Trojan/Loader.nr!submit
[+] Trojan/Obfuscated.oc!submit
[+] Trojan/PS.Obfuscator.d!submit
[+] Trojan/Python.Loader.q!submit
[+] Trojan/Python.Loader.r!submit
[+] Trojan/ShellLoader.aix!submit
[+] Trojan/ShellLoader.aiy!submit
[+] Trojan/ShellLoader.aiz!submit
[+] Trojan/W64.Agent.hd!submit
[+] Trojan/W64.Injector.ck!submit
[+] TrojanDownloader/BAT.Agent.gh!submit
[+] TrojanDownloader/HTML.Agent.bl!submit
[+] TrojanDownloader/PS.Agent.fr!submit
[+] TrojanDownloader/Python.Agent.bi!submit
[+] TrojanDownloader/VBS.Agent.kl!submit
[+] TrojanDropper/Agent.alx!submit
[+] TrojanDropper/Agent.aly!submit
[+] TrojanDropper/JS.Agent.cf!submit
[+] TrojanDropper/MSIL.Agent.jz!submit
[+] TrojanSpy/Android.Banker.ar!submit
[+] TrojanSpy/Android.Banker.as!submit
[+] TrojanSpy/W64.Stealer.ad!submit
[-] Adware/TaoBao.a!submit
[-] Backdoor/Agent.rg!submit
[-] HEUR:Joke/Agent.c!submit
[-] HVM:Trojan/W64.Loader.ap!submit
[-] HVM:TrojanDropper/W64.Agent.cd!submit
[-] HackTool/ConnectWiseControl.i!submit
[-] HackTool/ShellLoader.f!submit
[-] Ransom/FileCoder.em!submit
[-] Ransom/FileCoder.en!submit
[-] Trojan/Agent.cly!submit
[-] Trojan/Agent.cma!submit
[-] Trojan/BAT.Loader.p!submit
[-] Trojan/BAT.Loader.q!submit
[-] Trojan/BAT.Maloader.d!submit
[-] Trojan/BAT.Runner.bv!submit
[-] Trojan/JS.Obfuscated.dn!submit
[-] Trojan/Linux.Agent.dk!submit
[-] Trojan/Linux.Agent.dl!submit
[-] Trojan/Linux.Agent.dm!submit
[-] Trojan/Linux.DDos.bn!submit
[-] Trojan/Linux.KillFiles.b!submit
[-] Trojan/Linux.Mirai.gw!submit
[-] Trojan/Linux.SSHDoor.a!submit
[-] Trojan/MSIL.Agent.aak!submit
[-] Trojan/MSIL.Injector.qi!submit
[-] Trojan/MSIL.Loader.au!submit
[-] Trojan/MSIL.Obfuscated.kn!submit
[-] Trojan/MSIL.Obfuscated.ko!submit
[-] Trojan/Python.Loader.p!submit
[-] Trojan/ShellLoader.aip!submit
[-] Trojan/ShellLoader.aiq!submit
[-] Trojan/ShellLoader.air!submit
[-] Trojan/ShellLoader.ais!submit
[-] Trojan/ShellLoader.ait!submit
[-] Trojan/VBS.Agent.en!submit
[-] Trojan/VBS.Obfuscator.t!submit
[-] Trojan/W64.Agent.gy!submit
[-] Trojan/W64.Agent.gz!submit
[-] Trojan/W64.Agent.ha!submit
[-] Trojan/W64.Agent.hb!submit
[-] Trojan/W64.Injector.ci!submit
[-] TrojanDownloader/JS.Netloader.db!submit
[-] TrojanDownloader/JS.Netloader.dc!submit
[-] TrojanDownloader/MSIL.Agent.ajo!submit
[-] TrojanDownloader/PS.Agent.fp!submit
[-] TrojanDownloader/W64.Agent.cx!submit
[-] TrojanDropper/Agent.alv!submit
[-] TrojanDropper/Agent.alw!submit
[-] TrojanSpy/Stealer.tl!submit
```
#### Critical-hash signature changes ([crithash.txt](data/1770375434.crithash.txt))
Formal definitions added: 32

```
[+] Exploit/SCR.CVE-2026-21509.a!crit
[+] Exploit/W32.Vulndriver.d!crit
[+] Rootkit/W32.Efchkmd.a!crit
[+] Trojan/BAT.Obfuscated.arh!crit
[+] Trojan/BAT.Obfuscated.ari!crit
[+] Trojan/BAT.Runner.b!crit
[+] Trojan/Linux.Agent.gvh!crit
[+] Trojan/Linux.Mirai.k!crit
[+] Trojan/MSIL.Obfuscated.aw!crit
[+] Trojan/MSIL.Obfuscated.ax!crit
[+] Trojan/SCR.Runner.c!crit
[+] Trojan/SCR.ShellCode.n!crit
[+] Trojan/SCR.ShellCode.o!crit
[+] Trojan/W32.Agent.cuge!crit
[+] Trojan/W32.Loader.l!crit
[+] Trojan/W32.Loader.m!crit
[+] Trojan/W32.Obfuscated.od!crit
[+] Trojan/W32.Obfuscated.oe!crit
[+] Trojan/W32.Obfuscated.of!crit
[+] Trojan/W64.Agent.gy!crit
[+] Trojan/W64.Agent.k!crit
[+] Trojan/W64.Obfuscated.oc!crit
[+] TrojanDownloader/BAT.Agent.j!crit
[+] TrojanDownloader/BAT.Agent.k!crit
[+] TrojanDownloader/Linux.Agent.n!crit
[+] TrojanDownloader/Linux.Agent.o!crit
[+] TrojanDownloader/OSX.Agent.f!crit
[+] TrojanDownloader/PS.Agent.bx!crit
[+] TrojanDownloader/PS.Agent.by!crit
[+] TrojanDownloader/Python.Agent.c!crit
[+] TrojanDownloader/SCR.Agent.aa!crit
[+] TrojanDropper/BAT.Agent.d!crit
```
Telemetry definitions added: 20 | Telemetry definitions removed: 23

```
[+] Backdoor/W32.Lotok.ad!crit!submit
[+] Backdoor/W32.Lotok.ae!crit!submit
[+] Backdoor/W32.Lotok.af!crit!submit
[+] Backdoor/W32.Lotok.ag!crit!submit
[+] Backdoor/W32.Lotok.ah!crit!submit
[+] Exploit/SCR.CVE-2026-21509.b!crit!submit
[+] Trojan/.JS.Obfuscated.a!crit!submit
[+] Trojan/Linux.Agent.gvi!crit!submit
[+] Trojan/MSIL.Obfuscated.ay!crit!submit
[+] Trojan/SCR.Runner.d!crit!submit
[+] Trojan/SCR.Runner.e!crit!submit
[+] Trojan/SCR.ShellCode.p!crit!submit
[+] Trojan/W32.FakeApp.m!crit!submit
[+] Trojan/W32.Loader.n!crit!submit
[+] TrojanDownloader/Linux.Agent.aa!crit!submit
[+] TrojanDownloader/Linux.Agent.ab!crit!submit
[+] TrojanDownloader/SCR.Agent.a!crit!submit
[+] TrojanDropper/AutoIT.Agent.a!crit!submit
[+] TrojanDropper/BAT.Agent.e!crit!submit
[+] TrojanDropper/JAVA.Agent.c!crit!submit
[-] Exploit/SCR.CVE-2026-21509.a!crit!submit
[-] Exploit/W32.Vulndriver.d!crit!submit
[-] Trojan/BAT.Runner.b!crit!submit
[-] Trojan/MSIL.Obfuscated.aw!crit!submit
[-] Trojan/MSIL.Obfuscated.ax!crit!submit
[-] Trojan/SCR.Runner.c!crit!submit
[-] Trojan/SCR.ShellCode.n!crit!submit
[-] Trojan/SCR.ShellCode.o!crit!submit
[-] Trojan/W32.Agent.ag!crit!submit
[-] Trojan/W32.Loader.l!crit!submit
[-] Trojan/W32.Obfuscated.od!crit!submit
[-] Trojan/W32.Obfuscated.oe!crit!submit
[-] Trojan/W32.Obfuscated.of!crit!submit
[-] Trojan/W32.ShellLoader.akd!crit!submit
[-] Trojan/W64.Agent.gy!crit!submit
[-] Trojan/W64.Agent.k!crit!submit
[-] Trojan/W64.Obfuscated.oc!crit!submit
[-] TrojanDownloader/BAT.Agent.j!crit!submit
[-] TrojanDownloader/Linux.Agent.n!crit!submit
[-] TrojanDownloader/PS.Agent.bx!crit!submit
[-] TrojanDownloader/PS.Agent.by!crit!submit
[-] TrojanDownloader/SCR.Agent.aa!crit!submit
[-] TrojanDropper/BAT.Agent.d!crit!submit
```
#### Behavior signature changes ([behav.txt](data/1770375434.behav.txt))
Removed: 4

```
[-] Software:OS/Quark.A#夸克!submit
[-] TrojanDropper/MalSetup.OCA!submit
[-] TrojanDropper/MalSetup.OCB!submit
[-] TrojanDropper/MalSetup.OCC!submit
```
#### Blacklist hash changes ([troj.txt](data/1770375434.troj.txt))

Added: 129 | Removed: 24
1770205303 - 2026-02-04 11:41:43 UTC

#### Signature changes ([pset.txt](data/1770205303.pset.txt))
Formal definitions added: 35

```
[+] Backdoor/Agent.rf
[+] Exploit/Vulndriver.v
[+] HEUR:TrojanDownloader/Linux.Agent.eh
[+] HVM:Trojan/W64.Injector.ci
[+] HVM:TrojanDownloader/Agent.bmd
[+] HackTool/Python.StealerBuilder.a
[+] HackTool/W64.ProcessHacker.b
[+] Trojan/Agent.clz
[+] Trojan/BAT.Obfuscated.as
[+] Trojan/BAT.Obfuscated.at
[+] Trojan/FakeApp.adw
[+] Trojan/FakeApp.adx
[+] Trojan/FakeApp.ady
[+] Trojan/JS.Obfuscated.dm
[+] Trojan/JS.Rescoms.a
[+] Trojan/Linux.Coinminer.dz
[+] Trojan/Linux.DDos.bm
[+] Trojan/Linux.Mirai.gp
[+] Trojan/PS.Loader.t
[+] Trojan/PS.Loader.u
[+] Trojan/W64.Rozena.q
[+] TrojanDownloader/Agent.bmd
[+] TrojanDownloader/BAT.Agent.gf
[+] TrojanDownloader/BAT.Agent.gg
[+] TrojanDownloader/LNK.Agent.hf
[+] TrojanDownloader/Linux.Agent.ef
[+] TrojanDownloader/Linux.Agent.eg
[+] TrojanDownloader/MSIL.Agent.ajn
[+] TrojanDownloader/NSIS.Agent.a
[+] TrojanDownloader/PS.Agent.fo
[+] TrojanDownloader/Python.Agent.bh
[+] TrojanDownloader/VBS.Agent.kk
[+] TrojanDownloader/W64.Agent.cw
[+] TrojanDownloader/linux.Agent.ef
[+] TrojanDownloader/linux.Agent.eh
```
Telemetry definitions added: 41 | Telemetry definitions removed: 39

```
[+] Backdoor/Agent.rg!submit
[+] HVM:Trojan/W64.Loader.ap!submit
[+] HVM:TrojanDropper/W64.Agent.cd!submit
[+] HackTool/ShellLoader.f!submit
[+] Ransom/FileCoder.em!submit
[+] Ransom/FileCoder.en!submit
[+] Trojan/Agent.cma!submit
[+] Trojan/BAT.Loader.p!submit
[+] Trojan/BAT.Loader.q!submit
[+] Trojan/BAT.Maloader.d!submit
[+] Trojan/BAT.Runner.bv!submit
[+] Trojan/JS.Obfuscated.dn!submit
[+] Trojan/Linux.DDos.bn!submit
[+] Trojan/Linux.Mirai.gw!submit
[+] Trojan/Linux.SSHDoor.a!submit
[+] Trojan/MSIL.Agent.aak!submit
[+] Trojan/MSIL.Injector.qi!submit
[+] Trojan/MSIL.Loader.au!submit
[+] Trojan/MSIL.Obfuscated.ko!submit
[+] Trojan/Python.Loader.p!submit
[+] Trojan/ShellLoader.aio!submit
[+] Trojan/ShellLoader.aip!submit
[+] Trojan/ShellLoader.aiq!submit
[+] Trojan/ShellLoader.air!submit
[+] Trojan/ShellLoader.ais!submit
[+] Trojan/ShellLoader.ait!submit
[+] Trojan/VBS.Agent.en!submit
[+] Trojan/VBS.Obfuscator.t!submit
[+] Trojan/W64.Agent.gy!submit
[+] Trojan/W64.Agent.gz!submit
[+] Trojan/W64.Agent.ha!submit
[+] Trojan/W64.Agent.hb!submit
[+] Trojan/W64.Injector.ci!submit
[+] TrojanDownloader/JS.Netloader.db!submit
[+] TrojanDownloader/JS.Netloader.dc!submit
[+] TrojanDownloader/MSIL.Agent.ajo!submit
[+] TrojanDownloader/PS.Agent.fp!submit
[+] TrojanDownloader/W64.Agent.cx!submit
[+] TrojanDropper/Agent.alv!submit
[+] TrojanDropper/Agent.alw!submit
[+] TrojanSpy/Stealer.tl!submit
[-] Backdoor/Agent.rf!submit
[-] Backdoor/Lotok.on!submit
[-] Exploit/Vulndriver!submit
[-] Exploit/Vulndriver.v!submit
[-] HEUR:TrojanDownloader/Linux.Agent.eh!submit
[-] HVM:Backdoor/Lotok.cp!submit
[-] HVM:Trojan/W64.Injector.ci!submit
[-] HVM:TrojanDownloader/Agent.bmd!submit
[-] HackTool/Python.StealerBuilder.a!submit
[-] HackTool/W64.ProcessHacker.b!submit
[-] Trojan/Agent.clz!submit
[-] Trojan/BAT.Obfuscated.as!submit
[-] Trojan/BAT.Obfuscated.at!submit
[-] Trojan/FakeApp.ads!submit
[-] Trojan/FakeApp.adw!submit
[-] Trojan/FakeApp.adx!submit
[-] Trojan/FakeApp.ady!submit
[-] Trojan/JS.Obfuscated.dm!submit
[-] Trojan/JS.Rescoms.a!submit
[-] Trojan/Linux.Coinminer.dz!submit
[-] Trojan/Linux.DDos.bm!submit
[-] Trojan/Linux.Mirai.gp!submit
[-] Trojan/PS.Loader.t!submit
[-] Trojan/PS.Loader.u!submit
[-] Trojan/W64.Rozena.q!submit
[-] TrojanDownloader/Agent.bmd!submit
[-] TrojanDownloader/BAT.Agent.gf!submit
[-] TrojanDownloader/BAT.Agent.gg!submit
[-] TrojanDownloader/LNK.Agent.hf!submit
[-] TrojanDownloader/Linux.Agent.ef!submit
[-] TrojanDownloader/Linux.Agent.eg!submit
[-] TrojanDownloader/MSIL.Agent.ajn!submit
[-] TrojanDownloader/NSIS.Agent.a!submit
[-] TrojanDownloader/PS.Agent.fo!submit
[-] TrojanDownloader/Python.Agent.bh!submit
[-] TrojanDownloader/VBS.Agent.kk!submit
[-] TrojanDownloader/W64.Agent.cw!submit
[-] TrojanDownloader/linux.Agent.ef!submit
[-] TrojanDownloader/linux.Agent.eh!submit
```
#### Critical-hash signature changes ([crithash.txt](data/1770205303.crithash.txt))
Formal definitions added: 19

```
[+] Backdoor/Linux.Gafgyt.a!crit
[+] HackTool/Linux.ExploitScan.a!crit
[+] Trojan/HTML.Redirector.b!crit
[+] Trojan/MSIL.Injector.n!crit
[+] Trojan/MSIL.Obfuscated.av!crit
[+] Trojan/Python.ShellLoader.a!crit
[+] Trojan/VBS.Loader.a!crit
[+] Trojan/W32.Loader.k!crit
[+] Trojan/W32.ShellLoader.ake!crit
[+] Trojan/W64.Loader.c!crit
[+] TrojanDownloader/BAT.Agent.i!crit
[+] TrojanDownloader/HTML.Agent.i!crit
[+] TrojanDownloader/HTML.Agent.j!crit
[+] TrojanDownloader/Linux.Agent.l!crit
[+] TrojanDownloader/Linux.Agent.m!crit
[+] TrojanDownloader/OSX.Agent.e!crit
[+] TrojanDropper/PS.Agent.ae!crit
[+] TrojanSpy/Python.Stealer.b!crit
[+] TrojanSpy/W64.Stealer.ab!crit
```
Telemetry definitions added: 20 | Telemetry definitions removed: 21

```
[+] Exploit/SCR.CVE-2026-21509.a!crit!submit
[+] Trojan/BAT.Runner.b!crit!submit
[+] Trojan/Linux.Mirai.aa!crit!submit
[+] Trojan/Linux.Mirai.ab!crit!submit
[+] Trojan/MSIL.Obfuscated.aw!crit!submit
[+] Trojan/MSIL.Obfuscated.ax!crit!submit
[+] Trojan/SCR.Runner.c!crit!submit
[+] Trojan/SCR.ShellCode.n!crit!submit
[+] Trojan/SCR.ShellCode.o!crit!submit
[+] Trojan/W32.Agent.ag!crit!submit
[+] Trojan/W32.Agent.ah!crit!submit
[+] Trojan/W32.Loader.l!crit!submit
[+] Trojan/W32.ShellLoader.akd!crit!submit
[+] Trojan/W64.Agent.k!crit!submit
[+] TrojanDownloader/BAT.Agent.j!crit!submit
[+] TrojanDownloader/Linux.Agent.n!crit!submit
[+] TrojanDownloader/PS.Agent.bx!crit!submit
[+] TrojanDownloader/PS.Agent.by!crit!submit
[+] TrojanDownloader/SCR.Agent.aa!crit!submit
[+] TrojanDropper/BAT.Agent.d!crit!submit
[-] Backdoor/Linux.Gafgyt.a!crit!submit
[-] HackTool/Linux.ExploitScan.a!crit!submit
[-] Trojan/HTML.Redirector.b!crit!submit
[-] Trojan/MSIL.Injector.n!crit!submit
[-] Trojan/MSIL.Obfuscated.av!crit!submit
[-] Trojan/Python.ShellLoader.a!crit!submit
[-] Trojan/VBS.Loader.a!crit!submit
[-] Trojan/W32.Agent.af!crit!submit
[-] Trojan/W32.Loader.k!crit!submit
[-] Trojan/W64.Loader.c!crit!submit
[-] TrojanDownloader/BAT.Agent.i!crit!submit
[-] TrojanDownloader/HTML.Agent.i!crit!submit
[-] TrojanDownloader/HTML.Agent.j!crit!submit
[-] TrojanDownloader/Linux.Agent.l!crit!submit
[-] TrojanDownloader/Linux.Agent.m!crit!submit
[-] TrojanDownloader/OSX.Agent.e!crit!submit
[-] TrojanDownloader/PS.Agent.bx!submit
[-] TrojanDownloader/PS.Agent.by!submit
[-] TrojanDropper/PS.Agent.ae!crit!submit
[-] TrojanSpy/Python.Stealer.b!crit!submit
[-] TrojanSpy/W64.Stealer.ab!crit!submit
```
#### Behavior signature changes ([behav.txt](data/1770205303.behav.txt))
Added: 2 | Removed: 1

```
[+] TrojanDropper/MalSetup.OCE!submit
[+] TrojanDropper/MalSetup.Q
[-] TrojanDropper/MalSetup.OCD!submit
```
#### Blacklist hash changes ([troj.txt](data/1770205303.troj.txt))

Added: 85 | Removed: 4
1770117088 - 2026-02-03 11:11:28 UTC

#### Signature changes ([pset.txt](data/1770117088.pset.txt))
Formal definitions added: 46

```
[+] Backdoor/Linux.Agent.ap
[+] Backdoor/Linux.Gafgyt.cc
[+] Backdoor/W64.Agent.o
[+] Exploit/Vulndriver.u
[+] HEUR:TrojanSpy/OSX.Amos.g
[+] HVM:Backdoor/Lotok.cp
[+] HVM:TrojanDropper/Agent.aj
[+] HackTool/ProxyTool.j
[+] Ransom/Filecoder.ek
[+] Ransom/Filecoder.el
[+] Trojan/Agent.clw
[+] Trojan/Agent.clx
[+] Trojan/BAT.Loader.o
[+] Trojan/FakeApp.adr
[+] Trojan/FakeApp.ads
[+] Trojan/FakeApp.adt
[+] Trojan/FakeApp.adu
[+] Trojan/FakeApp.adv
[+] Trojan/Hijack.ym
[+] Trojan/Injector.clz
[+] Trojan/Injector.cmd
[+] Trojan/KillAV.de
[+] Trojan/KillFiles.bg
[+] Trojan/KillMBR.cn
[+] Trojan/KillWin.dl
[+] Trojan/Linux.Gafgyt.s
[+] Trojan/MSIL.Obfuscated.kn
[+] Trojan/Obfuscated.ob
[+] Trojan/Python.Agent.bw
[+] Trojan/ShellLoader.aim
[+] Trojan/ShellLoader.ain
[+] Trojan/VBS.Obfuscator.r
[+] Trojan/VBS.Obfuscator.s
[+] Trojan/W64.Agent.gs
[+] Trojan/W64.Agent.gw
[+] Trojan/W64.Agent.gx
[+] Trojan/W64.Loader.ao
[+] TrojanDownloader/PS.Agent.fn
[+] TrojanDownloader/W64.Agent.cu
[+] TrojanDownloader/W64.Agent.cv
[+] TrojanDropper/Agent.alr
[+] TrojanDropper/Agent.als
[+] TrojanDropper/Agent.alt
[+] TrojanDropper/Agent.alu
[+] TrojanDropper/Maloader.o
[+] TrojanSpy/OSX.Stealer.u
```
Telemetry definitions added: 39 | Telemetry definitions removed: 44

```
[+] Backdoor/Agent.rf!submit
[+] Backdoor/Lotok.on!submit
[+] Exploit/Vulndriver.v!submit
[+] HEUR:Joke/Agent.c!submit
[+] HEUR:TrojanDownloader/Linux.Agent.eh!submit
[+] HVM:Trojan/W64.Injector.ci!submit
[+] HVM:TrojanDownloader/Agent.bmd!submit
[+] HackTool/Python.StealerBuilder.a!submit
[+] Ransom/MSIL.LockFile.du!submit
[+] Trojan/Agent.clz!submit
[+] Trojan/BAT.Obfuscated.as!submit
[+] Trojan/BAT.Obfuscated.at!submit
[+] Trojan/FakeApp.adw!submit
[+] Trojan/FakeApp.adx!submit
[+] Trojan/FakeApp.ady!submit
[+] Trojan/JS.Obfuscated.dm!submit
[+] Trojan/JS.Rescoms.a!submit
[+] Trojan/Linux.Agent.dk!submit
[+] Trojan/Linux.Agent.dl!submit
[+] Trojan/Linux.Agent.dm!submit
[+] Trojan/Linux.Coinminer.dz!submit
[+] Trojan/Linux.DDos.bm!submit
[+] Trojan/PS.Loader.t!submit
[+] Trojan/PS.Loader.u!submit
[+] Trojan/W64.Rozena.q!submit
[+] TrojanDownloader/Agent.bmd!submit
[+] TrojanDownloader/BAT.Agent.gf!submit
[+] TrojanDownloader/BAT.Agent.gg!submit
[+] TrojanDownloader/LNK.Agent.hf!submit
[+] TrojanDownloader/Linux.Agent.ef!submit
[+] TrojanDownloader/Linux.Agent.eg!submit
[+] TrojanDownloader/MSIL.Agent.ajn!submit
[+] TrojanDownloader/NSIS.Agent.a!submit
[+] TrojanDownloader/PS.Agent.fo!submit
[+] TrojanDownloader/Python.Agent.bh!submit
[+] TrojanDownloader/VBS.Agent.kk!submit
[+] TrojanDownloader/W64.Agent.cw!submit
[+] TrojanDownloader/linux.Agent.ef!submit
[+] TrojanDownloader/linux.Agent.eh!submit
[-] Backdoor/Linux.Agent.ap!submit
[-] Backdoor/Linux.Gafgyt.cc!submit
[-] Backdoor/W64.Agent.o!submit
[-] Exploit/Vulndriver.u!submit
[-] HEUR:TrojanSpy/OSX.Amos.g!submit
[-] HVM:TrojanDropper/Agent.aj!submit
[-] HackTool/ProxyTool.j!submit
[-] Ransom/Filecoder.ek!submit
[-] Ransom/Filecoder.el!submit
[-] Trojan/Agent.clw!submit
[-] Trojan/Agent.clx!submit
[-] Trojan/BAT.Loader.o!submit
[-] Trojan/FakeApp.adr!submit
[-] Trojan/FakeApp.adt!submit
[-] Trojan/FakeApp.adu!submit
[-] Trojan/FakeApp.adv!submit
[-] Trojan/Hijack.ym!submit
[-] Trojan/Injector.clz!submit
[-] Trojan/Injector.cmd!submit
[-] Trojan/KillAV.de!submit
[-] Trojan/KillFiles.bg!submit
[-] Trojan/KillMBR.cn!submit
[-] Trojan/KillWin.dl!submit
[-] Trojan/Linux.Gafgyt.s!submit
[-] Trojan/Obfuscated.ob!submit
[-] Trojan/PS.Runner.v!submit
[-] Trojan/Python.Agent.bw!submit
[-] Trojan/ShellLoader.aim!submit
[-] Trojan/ShellLoader.ain!submit
[-] Trojan/VBS.Obfuscator.r!submit
[-] Trojan/VBS.Obfuscator.s!submit
[-] Trojan/W64.Agent.gs!submit
[-] Trojan/W64.Agent.gw!submit
[-] Trojan/W64.Agent.gx!submit
[-] Trojan/W64.Loader.ao!submit
[-] TrojanDownloader/PS.Agent.fn!submit
[-] TrojanDownloader/W64.Agent.cu!submit
[-] TrojanDownloader/W64.Agent.cv!submit
[-] TrojanDropper/Agent.alr!submit
[-] TrojanDropper/Agent.als!submit
[-] TrojanDropper/Agent.alt!submit
[-] TrojanDropper/Agent.alu!submit
[-] TrojanDropper/Maloader.o!submit
[-] TrojanSpy/OSX.Stealer.u!submit
```
#### Critical-hash signature changes ([crithash.txt](data/1770117088.crithash.txt))
Formal definitions added: 15

```
[+] Backdoor/Linux.Mirai.e!crit
[+] Trojan/MSIL.Injector.m!crit
[+] Trojan/MSIL.Obfuscated.au!crit
[+] Trojan/W32.Agent.cugd!crit
[+] Trojan/W32.FakeApp.k!crit
[+] Trojan/W32.FakeApp.l!crit
[+] Trojan/W32.KillFiles.b!crit
[+] Trojan/W32.ShellLoader.akc!crit
[+] Trojan/W32.ShellLoader.akd!crit
[+] Trojan/W64.DLLHijack.a!crit
[+] Trojan/W64.DLLHijack.b!crit
[+] Trojan/W64.Rozena.q!crit
[+] TrojanDownloader/HTML.Agent.h!crit
[+] TrojanDownloader/OSX.Agent.d!crit
[+] TrojanSpy/OSX.Stealer.a!crit
```
Telemetry definitions added: 27 | Telemetry definitions removed: 14

```
[+] Backdoor/Linux.Gafgyt.a!crit!submit
[+] HackTool/Linux.ExploitScan.a!crit!submit
[+] Trojan/HTML.Redirector.b!crit!submit
[+] Trojan/MSIL.Injector.n!crit!submit
[+] Trojan/MSIL.Obfuscated.av!crit!submit
[+] Trojan/Python.ShellLoader.a!crit!submit
[+] Trojan/VBS.Loader.a!crit!submit
[+] Trojan/W32.Agent.af!crit!submit
[+] Trojan/W32.Loader.k!crit!submit
[+] Trojan/W32.Obfuscated.od!crit!submit
[+] Trojan/W32.Obfuscated.oe!crit!submit
[+] Trojan/W32.Obfuscated.of!crit!submit
[+] Trojan/W32.ShellLoader.ake!crit!submit
[+] Trojan/W64.Agent.gy!crit!submit
[+] Trojan/W64.Loader.c!crit!submit
[+] Trojan/W64.Obfuscated.oc!crit!submit
[+] TrojanDownloader/BAT.Agent.i!crit!submit
[+] TrojanDownloader/HTML.Agent.i!crit!submit
[+] TrojanDownloader/HTML.Agent.j!crit!submit
[+] TrojanDownloader/Linux.Agent.l!crit!submit
[+] TrojanDownloader/Linux.Agent.m!crit!submit
[+] TrojanDownloader/OSX.Agent.e!crit!submit
[+] TrojanDownloader/PS.Agent.bx!submit
[+] TrojanDownloader/PS.Agent.by!submit
[+] TrojanDropper/PS.Agent.ae!crit!submit
[+] TrojanSpy/Python.Stealer.b!crit!submit
[+] TrojanSpy/W64.Stealer.ab!crit!submit
[-] Backdoor/Linux.Mirai.e!crit!submit
[-] Trojan/MSIL.Injector.m!crit!submit
[-] Trojan/MSIL.Obfuscated.au!crit!submit
[-] Trojan/W32.Agent.cugd!crit!submit
[-] Trojan/W32.FakeApp.k!crit!submit
[-] Trojan/W32.KillFiles.b!crit!submit
[-] Trojan/W32.ShellLoader.akc!crit!submit
[-] Trojan/W32.ShellLoader.akd!crit!submit
[-] Trojan/W64.DLLHijack.a!crit!submit
[-] Trojan/W64.DLLHijack.b!crit!submit
[-] Trojan/W64.Rozena.q!submit
[-] TrojanDownloader/HTML.Agent.h!crit!submit
[-] TrojanDownloader/OSX.Agent.d!crit!submit
[-] TrojanSpy/OSX.Stealer.a!crit!submit
```
#### Behavior signature changes ([behav.txt](data/1770117088.behav.txt))
Added: 3 | Removed: 1

```
[+] Software:OS/ComputerZ.AA#鲁大师推广
[+] Software:OS/Quark.A#夸克!submit
[+] TrojanDropper/MalSetup.OCD!submit
[-] Software:OS/ComputerZ.AA#鲁大师推广!submit
```
#### Blacklist hash changes ([troj.txt](data/1770117088.troj.txt))

Added: 45
1770031687 - 2026-02-02 11:28:07 UTC

#### Signature changes ([pset.txt](data/1770031687.pset.txt))
Formal definitions added: 37

```
[+] Backdoor/JAVA.Agent.a
[+] Backdoor/Linux.Gafgyt.cb
[+] Backdoor/Lotok.oo
[+] Backdoor/PHP.WebShell.gq
[+] HEUR:Trojan/BAT.Runner.bv
[+] HVM:Backdoor/Lotok.co
[+] HVM:Trojan/ShellLoader.cr
[+] HVM:TrojanDownloader/W64.Agent.cu
[+] Trojan/Agent.clv
[+] Trojan/Autoit.Agent.u
[+] Trojan/DLLHijack.ag
[+] Trojan/DLLhijack.ae
[+] Trojan/FakeApp.adn
[+] Trojan/FakeApp.ado
[+] Trojan/FakeApp.adp
[+] Trojan/FakeApp.adq
[+] Trojan/Injector.cmb
[+] Trojan/Injector.cmc
[+] Trojan/LUA.Agent.h
[+] Trojan/Linux.Agent.dj
[+] Trojan/Linux.Mirai.gv
[+] Trojan/Loader.nj
[+] Trojan/MSIL.Obfuscated.km
[+] Trojan/PS.Runner.w
[+] Trojan/PS.Runner.x
[+] Trojan/PS.Runner.y
[+] Trojan/Python.ShellLoader.de
[+] Trojan/ShellLoader.aik
[+] Trojan/ShellLoader.ail
[+] Trojan/W64.Agent.gv
[+] TrojanDownloader/BAT.Maloader.p
[+] TrojanDownloader/HTML.Agent.bk
[+] TrojanDownloader/LNK.Agent.he
[+] TrojanDownloader/Python.Agent.l
[+] TrojanDropper/BAT.Agent.bq
[+] TrojanDropper/W64.Agent.cc
[+] TrojanSpy/MSIL.Formbook.bj
```
Telemetry definitions added: 46 | Telemetry definitions removed: 38

```
[+] Adware/TaoBao.a!submit
[+] Backdoor/Linux.Agent.ap!submit
[+] Backdoor/Linux.Gafgyt.cc!submit
[+] Backdoor/W64.Agent.o!submit
[+] Exploit/Vulndriver!submit
[+] Exploit/Vulndriver.u!submit
[+] HVM:Backdoor/Lotok.cp!submit
[+] HVM:TrojanDropper/Agent.aj!submit
[+] HackTool/ProxyTool.j!submit
[+] Ransom/Filecoder.ek!submit
[+] Ransom/Filecoder.el!submit
[+] Trojan/Agent.clw!submit
[+] Trojan/Agent.clx!submit
[+] Trojan/Agent.cly!submit
[+] Trojan/BAT.Loader.o!submit
[+] Trojan/FakeApp.adr!submit
[+] Trojan/FakeApp.ads!submit
[+] Trojan/FakeApp.adt!submit
[+] Trojan/FakeApp.adu!submit
[+] Trojan/FakeApp.adv!submit
[+] Trojan/Hijack.ym!submit
[+] Trojan/Injector.cmd!submit
[+] Trojan/KillAV.de!submit
[+] Trojan/KillFiles.bg!submit
[+] Trojan/KillMBR.cn!submit
[+] Trojan/KillWin.dl!submit
[+] Trojan/Linux.Gafgyt.s!submit
[+] Trojan/MSIL.Obfuscated.kn!submit
[+] Trojan/Obfuscated.ob!submit
[+] Trojan/Python.Agent.bw!submit
[+] Trojan/ShellLoader.aim!submit
[+] Trojan/ShellLoader.ain!submit
[+] Trojan/VBS.Obfuscator.r!submit
[+] Trojan/VBS.Obfuscator.s!submit
[+] Trojan/W64.Agent.gw!submit
[+] Trojan/W64.Agent.gx!submit
[+] Trojan/W64.Loader.ao!submit
[+] TrojanDownloader/PS.Agent.fn!submit
[+] TrojanDownloader/W64.Agent.cu!submit
[+] TrojanDownloader/W64.Agent.cv!submit
[+] TrojanDropper/Agent.alr!submit
[+] TrojanDropper/Agent.als!submit
[+] TrojanDropper/Agent.alt!submit
[+] TrojanDropper/Agent.alu!submit
[+] TrojanDropper/Maloader.o!submit
[+] TrojanSpy/OSX.Stealer.u!submit
[-] Backdoor/JAVA.Agent.a!submit
[-] Backdoor/Linux.Gafgyt.cb!submit
[-] Backdoor/Lotok.oo!submit
[-] Backdoor/PHP.WebShell.gq!submit
[-] HEUR:Trojan/BAT.Runner.bv!submit
[-] HVM:Backdoor/Lotok.co!submit
[-] HVM:Trojan/ShellLoader.cr!submit
[-] HVM:TrojanDownloader/W64.Agent.cu!submit
[-] Trojan/Agent.clv!submit
[-] Trojan/Autoit.Agent.u!submit
[-] Trojan/DLLHijack.ag!submit
[-] Trojan/DLLhijack.ae!submit
[-] Trojan/FakeApp.adn!submit
[-] Trojan/FakeApp.ado!submit
[-] Trojan/FakeApp.adp!submit
[-] Trojan/FakeApp.adq!submit
[-] Trojan/Injector.cmb!submit
[-] Trojan/Injector.cmc!submit
[-] Trojan/LUA.Agent.h!submit
[-] Trojan/Linux.Agent.dj!submit
[-] Trojan/Linux.Mirai.gv!submit
[-] Trojan/Loader.nj!submit
[-] Trojan/MSIL.Obfuscated.km!submit
[-] Trojan/PS.Runner.w!submit
[-] Trojan/PS.Runner.x!submit
[-] Trojan/PS.Runner.y!submit
[-] Trojan/Python.ShellLoader.de!submit
[-] Trojan/ShellLoader.aif!submit
[-] Trojan/ShellLoader.aik!submit
[-] Trojan/ShellLoader.ail!submit
[-] Trojan/W64.Agent.gv!submit
[-] TrojanDownloader/BAT.Maloader.p!submit
[-] TrojanDownloader/HTML.Agent.bk!submit
[-] TrojanDownloader/LNK.Agent.he!submit
[-] TrojanDownloader/Python.Agent.l!submit
[-] TrojanDropper/BAT.Agent.bq!submit
[-] TrojanDropper/W64.Agent.cc!submit
[-] TrojanSpy/MSIL.Formbook.bj!submit
```
#### Critical-hash signature changes ([crithash.txt](data/1770031687.crithash.txt))
Formal definitions added: 16

```
[+] Backdoor/W32.Lotok.nn!crit
[+] Trojan/Linux.Gafgyt.a!crit
[+] Trojan/Linux.Mirai.i!crit
[+] Trojan/Linux.Mirai.j!crit
[+] Trojan/MSIL.Obfuscated.at!crit
[+] Trojan/W32.Injector.clk!crit
[+] Trojan/W32.Injector.cll!crit
[+] Trojan/W32.Injector.clm!crit
[+] Trojan/W32.ShellLoader.aka!crit
[+] Trojan/W32.ShellLoader.akb!crit
[+] Trojan/W64.KillMBR.b!crit
[+] TrojanDownloader/LNK.Agent.h!crit
[+] TrojanDownloader/PS.Agent.bw!crit
[+] TrojanDropper/W32.Agent.la!crit
[+] TrojanDropper/W32.Agent.lb!crit
[+] Worm/W32.Agent.f!crit
```
Telemetry definitions added: 38 | Telemetry definitions removed: 18

```
[+] Backdoor/Linux.Mirai.e!crit!submit
[+] Backdoor/PHP.WebShell.aj!crit!submit
[+] Backerdoor/PHP.WebShell.a!crit!submit
[+] Exploit/W32.Vulndriver.d!crit!submit
[+] Trojan/BAT.KillFiles.g!crit!submit
[+] Trojan/BAT.KillWin.aa!crit!submit
[+] Trojan/BAT.KillWin.y!crit!submit
[+] Trojan/BAT.KillWin.z!crit!submit
[+] Trojan/MSIL.Injector.m!crit!submit
[+] Trojan/MSIL.Obfuscated.au!crit!submit
[+] Trojan/W32.Agent.cugd!crit!submit
[+] Trojan/W32.DDOS.a!crit!submit
[+] Trojan/W32.FakeApp.k!crit!submit
[+] Trojan/W32.KillFiles.b!crit!submit
[+] Trojan/W32.ShellLoader.akc!crit!submit
[+] Trojan/W32.ShellLoader.akd!crit!submit
[+] Trojan/W64.DLLHijack.a!crit!submit
[+] Trojan/W64.DLLHijack.b!crit!submit
[+] Trojan/W64.Injector.k!crit!submit
[+] Trojan/W64.Rozena.q!submit
[+] Trojan/W64.ShellLoader.m!crit!submit
[+] Trojan/W64.ShellLoader.n!crit!submit
[+] Trojan/W64.ShellLoader.o!crit!submit
[+] TrojanDownloader/HTML.Agent.h!crit!submit
[+] TrojanDownloader/OSX.Agent.d!crit!submit
[+] TrojanDownloader/PS.Runner.ad!crit!submit
[+] TrojanDownloader/VBS.Runner.j!crit!submit
[+] TrojanDropper/JS.Runner.a!crit!submit
[+] TrojanDropper/PS.Runner.e!crit!submit
[+] TrojanSpy/BAT.Stealer.m!crit!submit
[+] TrojanSpy/OSX.Stealer.a!crit!submit
[+] TrojanSpy/VBS.Stealer.c!crit!submit
[+] TrojanSpy/W32.Stealer.am!crit!submit
[+] TrojanSpy/W64.Stealer.aa!crit!submit
[+] TrojanSpy/W64.Stealer.w!crit!submit
[+] TrojanSpy/W64.Stealer.x!crit!submit
[+] TrojanSpy/W64.Stealer.y!crit!submit
[+] TrojanSpy/W64.Stealer.z!crit!submit
[-] HEUR:Trojan/W32.FakeApp.ic!crit!submit
[-] Trojan/Linux.Gafgyt.a!crit!submit
[-] Trojan/Linux.Mirai.i!crit!submit
[-] Trojan/Linux.Mirai.j!crit!submit
[-] Trojan/MSIL.Obfuscated.at!crit!submit
[-] Trojan/W32.Agent.ad!crit!submit
[-] Trojan/W32.Agent.ae!crit!submit
[-] Trojan/W32.Injector.clk!crit!submit
[-] Trojan/W32.Injector.cll!crit!submit
[-] Trojan/W32.Injector.clm!crit!submit
[-] Trojan/W32.ShellLoader.aka!crit!submit
[-] Trojan/W32.ShellLoader.akb!crit!submit
[-] TrojanDownloader/LNK.Agent.h!crit!submit
[-] TrojanDownloader/PS.Agent.bw!crit!submit
[-] TrojanDropper/W32.Agent.b!crit!submit
[-] TrojanDropper/W32.Agent.la!crit!submit
[-] TrojanDropper/W32.Agent.lb!crit!submit
[-] Worm/W32.Agent.f!crit!submit
```
#### Behavior signature changes ([behav.txt](data/1770031687.behav.txt))
Added: 2

```
[+] Backdoor/Lotok.DE!submit
[+] Software:OS/ComputerZ.AA#鲁大师推广!submit
```
#### Blacklist hash changes ([troj.txt](data/1770031687.troj.txt))

Added: 54
1769941672 - 2026-02-01 10:27:52 UTC

#### Signature changes ([pset.txt](data/1769941672.pset.txt))
Formal definitions added: 1

```
[+] HackTool/ProxyHijack
```
#### Blacklist hash changes ([troj.txt](data/1769941672.troj.txt))

Added: 18

#### Whitelist hash changes ([hwl.txt](data/1769941672.hwl.txt))

Added: 3
1769857670 - 2026-01-31 11:07:50 UTC

#### Blacklist hash changes ([troj.txt](data/1769857670.troj.txt))

Added: 76

#### Whitelist hash changes ([hwl.txt](data/1769857670.hwl.txt))

Added: 3
1769775707 - 2026-01-30 12:21:47 UTC

#### Signature changes ([pset.txt](data/1769775707.pset.txt))
Formal definitions added: 32

```
[+] Backdoor/Lotok.on
[+] HEUR:Trojan/Injector.clx
[+] HVM:Trojan/W64.Agent.gu
[+] HVM:TrojanDownloader/Small.dr
[+] Trojan/Agent.clu
[+] Trojan/BAT.Obfuscated.ar
[+] Trojan/FakeApp.adi
[+] Trojan/FakeApp.adj
[+] Trojan/FakeApp.adk
[+] Trojan/FakeApp.adl
[+] Trojan/FakeApp.adm
[+] Trojan/Injector.cly
[+] Trojan/Injector.cma
[+] Trojan/Linux.Mirai.gu
[+] Trojan/Loader.ni
[+] Trojan/MSIL.Agent.aaj
[+] Trojan/MSIL.Obfuscated.kl
[+] Trojan/PS.Loader.s
[+] Trojan/PS.Runner.v
[+] Trojan/Runner.fq
[+] Trojan/ShellLoader.aii
[+] Trojan/ShellLoader.aij
[+] Trojan/W64.Agent.gu
[+] TrojanDownloader/Agent.bmc
[+] TrojanDownloader/BAT.Agent.ge
[+] TrojanDownloader/VBS.Agent.kj
[+] TrojanDropper/Agent.alo
[+] TrojanDropper/Agent.alp
[+] TrojanDropper/Agent.alq
[+] TrojanDropper/VBS.Agent.eh
[+] TrojanSpy/OSX.Stealer.t
[+] TrojanSpy/Stealer.tk
```
Telemetry definitions added: 39 | Telemetry definitions removed: 34

```
[+] Backdoor/JAVA.Agent.a!submit
[+] Backdoor/Linux.Gafgyt.cb!submit
[+] Backdoor/Lotok.oo!submit
[+] Backdoor/PHP.WebShell.gq!submit
[+] HEUR:Trojan/BAT.Runner.bv!submit
[+] HEUR:TrojanSpy/OSX.Amos.g!submit
[+] HVM:Backdoor/Lotok.co!submit
[+] HVM:Trojan/ShellLoader.cr!submit
[+] HVM:TrojanDownloader/W64.Agent.cu!submit
[+] Trojan/Agent.clv!submit
[+] Trojan/Autoit.Agent.u!submit
[+] Trojan/DLLHijack.ag!submit
[+] Trojan/DLLhijack.ae!submit
[+] Trojan/FakeApp.adn!submit
[+] Trojan/FakeApp.ado!submit
[+] Trojan/FakeApp.adp!submit
[+] Trojan/FakeApp.adq!submit
[+] Trojan/Injector.cmb!submit
[+] Trojan/Injector.cmc!submit
[+] Trojan/LUA.Agent.h!submit
[+] Trojan/Linux.Agent.dj!submit
[+] Trojan/Linux.KillFiles.b!submit
[+] Trojan/Linux.Mirai.gv!submit
[+] Trojan/Loader.nj!submit
[+] Trojan/MSIL.Obfuscated.km!submit
[+] Trojan/PS.Runner.w!submit
[+] Trojan/PS.Runner.x!submit
[+] Trojan/PS.Runner.y!submit
[+] Trojan/Python.ShellLoader.de!submit
[+] Trojan/ShellLoader.aik!submit
[+] Trojan/ShellLoader.ail!submit
[+] Trojan/W64.Agent.gv!submit
[+] TrojanDownloader/BAT.Maloader.p!submit
[+] TrojanDownloader/HTML.Agent.bk!submit
[+] TrojanDownloader/LNK.Agent.he!submit
[+] TrojanDownloader/Python.Agent.l!submit
[+] TrojanDropper/BAT.Agent.bq!submit
[+] TrojanDropper/W64.Agent.cc!submit
[+] TrojanSpy/MSIL.Formbook.bj!submit
[-] Backdoor/Lotok.on!submit
[-] HEUR:Trojan/Injector.clx!submit
[-] HVM:Trojan/W64.Agent.gu!submit
[-] Trojan/Agent.clu!submit
[-] Trojan/BAT.Obfuscated.ar!submit
[-] Trojan/FakeApp.ade!submit
[-] Trojan/FakeApp.adi!submit
[-] Trojan/FakeApp.adj!submit
[-] Trojan/FakeApp.adk!submit
[-] Trojan/FakeApp.adl!submit
[-] Trojan/FakeApp.adm!submit
[-] Trojan/Injector.cly!submit
[-] Trojan/Injector.cma!submit
[-] Trojan/Linux.Mirai.gu!submit
[-] Trojan/Loader.ni!submit
[-] Trojan/MSIL.Agent.aaj!submit
[-] Trojan/MSIL.Obfuscated.kl!submit
[-] Trojan/PS.Loader.s!submit
[-] Trojan/Runner.fq!submit
[-] Trojan/ShellLoader.aig!submit
[-] Trojan/ShellLoader.aih!submit
[-] Trojan/ShellLoader.aii!submit
[-] Trojan/ShellLoader.aij!submit
[-] Trojan/W64.Agent.gu!submit
[-] TrojanDownloader/Agent.bmc!submit
[-] TrojanDownloader/BAT.Agent.ge!submit
[-] TrojanDownloader/VBS.Agent.kj!submit
[-] TrojanDropper/Agent.alm!submit
[-] TrojanDropper/Agent.alo!submit
[-] TrojanDropper/Agent.alp!submit
[-] TrojanDropper/Agent.alq!submit
[-] TrojanDropper/VBS.Agent.eh!submit
[-] TrojanSpy/OSX.Stealer.t!submit
[-] TrojanSpy/Stealer.tk!submit
```
#### Critical-hash signature changes ([crithash.txt](data/1769775707.crithash.txt))
Formal definitions added: 13

```
[+] Backdoor/BAT.Agent.b!crit
[+] Trojan/BAT.KillFiles.f!crit
[+] Trojan/MSIL.Obfuscated.kk!crit
[+] Trojan/MSIL.Obfuscated.kl!crit
[+] Trojan/W32.FakeApp.j!crit
[+] Trojan/W64.Loader.ap!crit
[+] TrojanDownloader/BAT.Agent.e!crit
[+] TrojanDownloader/BAT.Agent.f!crit
[+] TrojanDownloader/BAT.Agent.g!crit
[+] TrojanDownloader/BAT.Agent.h!crit
[+] TrojanDownloader/W64.Agent.c!crit
[+] TrojanDropper/BAT.Agent.c!crit
[+] TrojanSpy/W64.Stealer.o!crit
```
Telemetry definitions added: 46 | Telemetry definitions removed: 16

```
[+] Backdoor/PHP.ReverseShell.a!crit!submit
[+] Backdoor/PHP.ReverseShell.b!crit!submit
[+] Backdoor/PHP.ReverseShell.c!crit!submit
[+] Backdoor/PHP.ReverseShell.e!crit!submit
[+] Backdoor/PHP.WebShell.af!crit!submit
[+] Backdoor/PHP.WebShell.ag!crit!submit
[+] Backdoor/PHP.WebShell.ah!crit!submit
[+] Backdoor/PHP.WebShell.ai!crit!submit
[+] HEUR:Trojan/W32.FakeApp.ic!crit!submit
[+] Joke/BAT.Shutdown.f!crit!submit
[+] Trojan/Linux.Gafgyt.a!crit!submit
[+] Trojan/Linux.Mirai.i!crit!submit
[+] Trojan/Linux.Mirai.j!crit!submit
[+] Trojan/MSIL.Injector.l!crit!submit
[+] Trojan/MSIL.Obfuscated.at!crit!submit
[+] Trojan/PS.Obfuscator.ft!crit!submit
[+] Trojan/W32.Agent.ad!crit!submit
[+] Trojan/W32.Agent.ae!crit!submit
[+] Trojan/W32.Injector.clk!crit!submit
[+] Trojan/W32.Injector.cll!crit!submit
[+] Trojan/W32.Injector.clm!crit!submit
[+] Trojan/W32.Injector.cln!crit!submit
[+] Trojan/W32.ShellLoader.ak!crit!submit
[+] Trojan/W32.ShellLoader.aka!crit!submit
[+] Trojan/W32.ShellLoader.akb!crit!submit
[+] Trojan/W64.Injector.j!crit!submit
[+] Trojan/W64.ShellLoader.l!crit!submit
[+] TrojanDownloader/BAT.Runner.i!crit!submit
[+] TrojanDownloader/LNK.Agent.h!crit!submit
[+] TrojanDownloader/PS.Agent.bv!crit!submit
[+] TrojanDownloader/PS.Agent.bw!crit!submit
[+] TrojanDownloader/PS.Runner.aa!crit!submit
[+] TrojanDownloader/PS.Runner.ab!crit!submit
[+] TrojanDownloader/PS.Runner.ac!crit!submit
[+] TrojanDownloader/VBS.Runner.i!crit!submit
[+] TrojanDropper/W32.Agent.b!crit!submit
[+] TrojanDropper/W32.Agent.la!crit!submit
[+] TrojanDropper/W32.Agent.lb!crit!submit
[+] TrojanDropper/W64.Runner.c!crit!submit
[+] TrojanSpy/MSIL.Stealer.cdf!crit!submit
[+] TrojanSpy/PS.Stealer.o!crit!submit
[+] TrojanSpy/W32.Stealer.al!crit!submit
[+] TrojanSpy/W64.Stealer.t!crit!submit
[+] TrojanSpy/W64.Stealer.u!crit!submit
[+] TrojanSpy/W64.Stealer.v!crit!submit
[+] Worm/W32.Agent.f!crit!submit
[-] Backdoor/BAT.Agent.b!crit!submit
[-] HEUR:Trojan/W32.FakeApp.ib!crit!submit
[-] Trojan/BAT.KillFiles.f!crit!submit
[-] Trojan/MSIL.Obfuscated.kk!crit!submit
[-] Trojan/MSIL.Obfuscated.kl!crit!submit
[-] Trojan/PS.Obfuscator.ft!submit
[-] Trojan/W32.Agent.ac!crit!submit
[-] Trojan/W32.FakeApp.j!crit!submit
[-] Trojan/W64.Loader.ap!crit!submit
[-] TrojanDownloader/BAT.Agent.e!crit!submit
[-] TrojanDownloader/BAT.Agent.f!crit!submit
[-] TrojanDownloader/BAT.Agent.g!crit!submit
[-] TrojanDownloader/BAT.Agent.h!crit!submit
[-] TrojanDownloader/PS.Agent.bv!submit
[-] TrojanDownloader/W64.Agent.c!crit!submit
[-] TrojanDropper/BAT.Agent.c!crit!submit
```
#### Blacklist hash changes ([troj.txt](data/1769775707.troj.txt))

Added: 30
1769686468 - 2026-01-29 11:34:28 UTC

#### Signature changes ([pset.txt](data/1769686468.pset.txt))
Formal definitions added: 36

```
[+] Backdoor/Linux.Gafgyt.ca
[+] Backdoor/Lotok.om
[+] HEUR:Trojan/Agent.clu
[+] HackTool/DecryptTeamViewer.a
[+] Trojan/BAT.Loader.n
[+] Trojan/BAT.Obfuscated.aq
[+] Trojan/BAT.Pwrsch.ew
[+] Trojan/BAT.Runner.bu
[+] Trojan/DLLHijack.ae
[+] Trojan/FakeApp.ada
[+] Trojan/FakeApp.adf
[+] Trojan/FakeApp.adg
[+] Trojan/FakeApp.adh
[+] Trojan/FakeDll.cp
[+] Trojan/Injector.clw
[+] Trojan/Injector.clx
[+] Trojan/KillAV.dd
[+] Trojan/Linux.Agent.dg
[+] Trojan/Linux.Agent.di
[+] Trojan/Linux.CoinMiner.dy
[+] Trojan/Linux.Mirai.gl
[+] Trojan/MSIL.Obfuscated.kk
[+] Trojan/Python.Loader.o
[+] Trojan/ShellLoader.aig
[+] Trojan/ShellLoader.aih
[+] Trojan/W64.Agent.gt
[+] TrojanDownloader/Agent.bma
[+] TrojanDownloader/Agent.bmb
[+] TrojanDownloader/HTML.Agent.bj
[+] TrojanDownloader/JS.Agent.im
[+] TrojanDownloader/Linux.Agent.dw
[+] TrojanDownloader/Linux.Agent.ee
[+] TrojanDropper/Agent.alm
[+] TrojanDropper/Agent.aln
[+] TrojanDropper/JS.Agent.ce
[+] TrojanDropper/Python.Loader.b
```
Telemetry definitions added: 34 | Telemetry definitions removed: 34

```
[+] Backdoor/Lotok.on!submit
[+] HEUR:Trojan/Injector.clx!submit
[+] HVM:Trojan/Agent.clu!submit
[+] HVM:Trojan/W64.Agent.gu!submit
[+] HVM:TrojanDownloader/Small.dr!submit
[+] Trojan/Agent.clu!submit
[+] Trojan/BAT.Obfuscated.ar!submit
[+] Trojan/FakeApp.adi!submit
[+] Trojan/FakeApp.adj!submit
[+] Trojan/FakeApp.adk!submit
[+] Trojan/FakeApp.adl!submit
[+] Trojan/FakeApp.adm!submit
[+] Trojan/Injector.cly!submit
[+] Trojan/Injector.clz!submit
[+] Trojan/Injector.cma!submit
[+] Trojan/Linux.Mirai.gu!submit
[+] Trojan/Loader.ni!submit
[+] Trojan/MSIL.Agent.aaj!submit
[+] Trojan/MSIL.Obfuscated.kl!submit
[+] Trojan/PS.Loader.s!submit
[+] Trojan/PS.Runner.v!submit
[+] Trojan/Runner.fq!submit
[+] Trojan/ShellLoader.aii!submit
[+] Trojan/ShellLoader.aij!submit
[+] Trojan/W64.Agent.gu!submit
[+] TrojanDownloader/Agent.bmc!submit
[+] TrojanDownloader/BAT.Agent.ge!submit
[+] TrojanDownloader/VBS.Agent.kj!submit
[+] TrojanDropper/Agent.alo!submit
[+] TrojanDropper/Agent.alp!submit
[+] TrojanDropper/Agent.alq!submit
[+] TrojanDropper/VBS.Agent.eh!submit
[+] TrojanSpy/OSX.Stealer.t!submit
[+] TrojanSpy/Stealer.tk!submit
[-] Backdoor/Linux.Gafgyt.ca!submit
[-] Backdoor/Lotok.om!submit
[-] HEUR:Trojan/Agent.clu!submit
[-] HEUR:TrojanSpy/OSX.Amos.c!submit
[-] HackTool/DecryptTeamViewer.a!submit
[-] Trojan/BAT.Loader.n!submit
[-] Trojan/BAT.Obfuscated.aq!submit
[-] Trojan/BAT.Runner.bu!submit
[-] Trojan/DLLHijack.ae!submit
[-] Trojan/FakeApp.ada!submit
[-] Trojan/FakeApp.adf!submit
[-] Trojan/FakeApp.adg!submit
[-] Trojan/FakeApp.adh!submit
[-] Trojan/FakeDll.cp!submit
[-] Trojan/Injector.clw!submit
[-] Trojan/Injector.clx!submit
[-] Trojan/KillAV.dd!submit
[-] Trojan/Linux.Agent.dg!submit
[-] Trojan/Linux.Agent.di!submit
[-] Trojan/Linux.CoinMiner.dy!submit
[-] Trojan/Linux.Mirai.gl!submit
[-] Trojan/MSIL.Obfuscated.kk!submit
[-] Trojan/Python.Loader.o!submit
[-] Trojan/W64.Agent.gt!submit
[-] Trojan/W64.Injector.ch!submit
[-] TrojanDownloader/Agent.bma!submit
[-] TrojanDownloader/Agent.bmb!submit
[-] TrojanDownloader/HTML.Agent.bj!submit
[-] TrojanDownloader/JS.Agent.im!submit
[-] TrojanDownloader/Linux.Agent.dw!submit
[-] TrojanDownloader/Linux.Agent.ee!submit
[-] TrojanDropper/Agent.aln!submit
[-] TrojanDropper/JS.Agent.ce!submit
[-] TrojanDropper/Python.Loader.b!submit
```
#### Critical-hash signature changes ([crithash.txt](data/1769686468.crithash.txt))
Formal definitions added: 18
```
[+] Backdoor/Android.FraudLoader.a!crit
[+] Backdoor/W64.Agent.h!crit
[+] Trojan/Linux.CoinMiner.a!crit
[+] Trojan/Linux.Mirai.h!crit
[+] Trojan/SCR.Maloader.u!crit
[+] Trojan/W32.ShellLoader.ad!crit
[+] Trojan/W32.ShellLoader.ae!crit
[+] Trojan/W32.ShellLoader.af!crit
[+] Trojan/W32.ShellLoader.ag!crit
[+] Trojan/W32.ShellLoader.ah!crit
[+] Trojan/W32.ShellLoader.ai!crit
[+] Trojan/W32.ShellLoader.aj!crit
[+] Trojan/W64.Agent.gt!crit
[+] Trojan/W64.Injector.i!crit
[+] Trojan/W64.Loader.ao!crit
[+] TrojanDownloader/BAT.Agent.d!crit
[+] TrojanDownloader/Linux.Agent.k!crit
[+] TrojanSpy/JAVA.Stealer.a!crit
```
Telemetry definitions added: 41 | Telemetry definitions removed: 19
```
[+] Backdoor/BAT.Agent.b!crit!submit
[+] HEUR:Trojan/W32.FakeApp.ib!crit!submit
[+] Joke/VBS.ShutDown.c!crit!submit
[+] Trojan/BAT.KillFiles.f!crit!submit
[+] Trojan/BAT.KillWin.w!crit!submit
[+] Trojan/BAT.KillWin.x!crit!submit
[+] Trojan/BAT.Runner.a!crit!submit
[+] Trojan/MSIL.Obfuscated.kk!crit!submit
[+] Trojan/MSIL.Obfuscated.kl!crit!submit
[+] Trojan/PS.Obfuscator.ft!submit
[+] Trojan/PS.ShellLoader.a!crit!submit
[+] Trojan/W32.Agent.ac!crit!submit
[+] Trojan/W32.FakeApp.j!crit!submit
[+] Trojan/W64.Loader.ap!crit!submit
[+] TrojanDownloader/BAT.Agent.e!crit!submit
[+] TrojanDownloader/BAT.Agent.f!crit!submit
[+] TrojanDownloader/BAT.Agent.g!crit!submit
[+] TrojanDownloader/BAT.Agent.h!crit!submit
[+] TrojanDownloader/PS.Agent.bv!submit
[+] TrojanDownloader/PS.Runner.z!crit!submit
[+] TrojanDownloader/PS.Starter.b!crit!submit
[+] TrojanDownloader/PS.Starter.e!crit!submit
[+] TrojanDownloader/VBS.Starter.a!crit!submit
[+] TrojanDownloader/W64.Agent.c!crit!submit
[+] TrojanDropper/BAT.Agent.c!crit!submit
[+] TrojanDropper/BAT.Encpe.b!crit!submit
[+] TrojanDropper/PS.Starter.a!crit!submit
[+] TrojanDropper/VBS.Encpe.a!crit!submit
[+] TrojanDropper/VBS.Encpe.b!crit!submit
[+] TrojanDropper/VBS.Encpe.c!crit!submit
[+] TrojanDropper/VBS.Encpe.d!crit!submit
[+] TrojanDropper/W32.HiJack.a!crit!submit
[+] TrojanDropper/W32.HiJack.b!crit!submit
[+] TrojanDropper/W32.ShellLoader.a!crit!submit
[+] TrojanSpy/BAT.Stealer.k!crit!submit
[+] TrojanSpy/W64.Keylogger.c!crit!submit
[+] TrojanSpy/W64.Stealer.o!crit!submit
[+] TrojanSpy/W64.Stealer.p!crit!submit
[+] TrojanSpy/W64.Stealer.q!crit!submit
[+] TrojanSpy/W64.Stealer.r!crit!submit
[+] TrojanSpy/W64.Stealer.s!crit!submit
[-] Backdoor/Android.FraudLoader.a!crit!submit
[-] Backdoor/W64.Agent.h!crit!submit
[-] Trojan/Linux.CoinMiner.a!crit!submit
[-] Trojan/Linux.Mirai.h!crit!submit
[-] Trojan/SCR.Maloader.u!crit!submit
[-] Trojan/SCR.ShellCode.m!crit!submit
[-] Trojan/W32.ShellLoader.ad!crit!submit
[-] Trojan/W32.ShellLoader.ae!crit!submit
[-] Trojan/W32.ShellLoader.af!crit!submit
[-] Trojan/W32.ShellLoader.ag!crit!submit
[-] Trojan/W32.ShellLoader.ah!crit!submit
[-] Trojan/W32.ShellLoader.ai!crit!submit
[-] Trojan/W32.ShellLoader.aj!crit!submit
[-] Trojan/W64.Agent.gt!crit!submit
[-] Trojan/W64.Injector.i!crit!submit
[-] Trojan/W64.Loader.ao!crit!submit
[-] TrojanDownloader/BAT.Agent.d!crit!submit
[-] TrojanDownloader/Linux.Agent.k!crit!submit
[-] TrojanSpy/JAVA.Stealer.a!crit!submit
```
#### Blacklist hash changes ([troj.txt](data/1769686468.troj.txt))

Added: 150

1769603737 - 2026-01-28 12:35:37 UTC

#### Signature changes ([pset.txt](data/1769603737.pset.txt))
Formal definitions added: 37
```
[+] Backdoor/Lotok.oc
[+] Backdoor/W64.Agent.n
[+] HEUR:Backdoor/JSP.WebShell.r
[+] HEUR:Backdoor/Lotok.cn
[+] HEUR:Trojan/FakeApp.aw
[+] HEUR:Trojan/Loader.nh
[+] HEUR:Trojan/Rozena.b
[+] HVM:Trojan/W64.Injector.ch
[+] HackTool/GYscan.a
[+] Ransom/LockFile.rm
[+] Ransom/LockFile.rn
[+] Ransom/LockFile.ro
[+] Trojan/BAT.Loader.m
[+] Trojan/FakeApp.adb
[+] Trojan/FakeApp.adc
[+] Trojan/FakeApp.add
[+] Trojan/FakeApp.ade
[+] Trojan/HTML.FakeCaptcha.h
[+] Trojan/Injector.clv
[+] Trojan/Linux.Mirai.gt
[+] Trojan/Loader.nh
[+] Trojan/Obfuscated.ny
[+] Trojan/Obfuscated.nz
[+] Trojan/Obfuscated.oa
[+] Trojan/PS.Obfuscator.b
[+] Trojan/Runner.fp
[+] Trojan/ShellLoader.aif
[+] Trojan/W64.Agent.gr
[+] Trojan/W64.Injector.cg
[+] TrojanDownloader/BAT.Maloader.o
[+] TrojanDownloader/Linux.Agent.ed
[+] TrojanDownloader/Maloader.br
[+] TrojanDownloader/PS.Agent.fm
[+] TrojanDropper/Agent.alk
[+] TrojanDropper/Agent.all
[+] TrojanSpy/JAVA.Stealer.k
[+] TrojanSpy/OSX.Stealer.s
```
Telemetry definitions added: 32 | Telemetry definitions removed: 37
```
[+] Backdoor/Linux.Gafgyt.ca!submit
[+] Backdoor/Lotok.om!submit
[+] HEUR:Trojan/Agent.clu!submit
[+] HackTool/DecryptTeamViewer.a!submit
[+] Trojan/BAT.Loader.n!submit
[+] Trojan/BAT.Obfuscated.aq!submit
[+] Trojan/BAT.Runner.bu!submit
[+] Trojan/DLLHijack.ae!submit
[+] Trojan/FakeApp.adf!submit
[+] Trojan/FakeApp.adg!submit
[+] Trojan/FakeApp.adh!submit
[+] Trojan/FakeDll.cp!submit
[+] Trojan/Injector.clw!submit
[+] Trojan/Injector.clx!submit
[+] Trojan/KillAV.dd!submit
[+] Trojan/Linux.CoinMiner.dy!submit
[+] Trojan/MSIL.Obfuscated.kk!submit
[+] Trojan/Python.Loader.o!submit
[+] Trojan/ShellLoader.aig!submit
[+] Trojan/ShellLoader.aih!submit
[+] Trojan/W64.Agent.gs!submit
[+] Trojan/W64.Agent.gt!submit
[+] Trojan/W64.Injector.ch!submit
[+] TrojanDownloader/Agent.bma!submit
[+] TrojanDownloader/Agent.bmb!submit
[+] TrojanDownloader/HTML.Agent.bj!submit
[+] TrojanDownloader/JS.Agent.im!submit
[+] TrojanDownloader/Linux.Agent.ee!submit
[+] TrojanDropper/Agent.alm!submit
[+] TrojanDropper/Agent.aln!submit
[+] TrojanDropper/JS.Agent.ce!submit
[+] TrojanDropper/Python.Loader.b!submit
[-] Backdoor/Lotok.oc!submit
[-] Backdoor/W64.Agent.n!submit
[-] HEUR:Backdoor/JSP.WebShell.r!submit
[-] HEUR:Backdoor/Lotok.cn!submit
[-] HEUR:Trojan/FakeApp.aw!submit
[-] HEUR:Trojan/Loader.nh!submit
[-] HEUR:Trojan/Rozena.b!submit
[-] HVM:Trojan/ShellLoader.cm!submit
[-] HVM:Trojan/W64.Injector.ch!submit
[-] HackTool/GYscan.a!submit
[-] Ransom/LockFile.rm!submit
[-] Ransom/LockFile.rn!submit
[-] Ransom/LockFile.ro!submit
[-] Trojan/BAT.Loader.m!submit
[-] Trojan/FakeApp.abs!submit
[-] Trojan/FakeApp.adb!submit
[-] Trojan/FakeApp.adc!submit
[-] Trojan/FakeApp.add!submit
[-] Trojan/HTML.FakeCaptcha.h!submit
[-] Trojan/Injector.clv!submit
[-] Trojan/Linux.Mirai.gt!submit
[-] Trojan/Loader.nh!submit
[-] Trojan/Obfuscated.ny!submit
[-] Trojan/Obfuscated.nz!submit
[-] Trojan/Obfuscated.oa!submit
[-] Trojan/PS.Obfuscator.b!submit
[-] Trojan/Runner.fp!submit
[-] Trojan/W64.Agent.gr!submit
[-] Trojan/W64.Injector.cg!submit
[-] TrojanDownloader/BAT.Maloader.o!submit
[-] TrojanDownloader/Linux.Agent.ed!submit
[-] TrojanDownloader/Maloader.br!submit
[-] TrojanDownloader/PS.Agent.fm!submit
[-] TrojanDropper/Agent.alk!submit
[-] TrojanDropper/Agent.all!submit
[-] TrojanSpy/JAVA.Stealer.k!submit
[-] TrojanSpy/OSX.Stealer.s!submit
```
#### Critical-hash signature changes ([crithash.txt](data/1769603737.crithash.txt))
Formal definitions added: 10
```
[+] HackTool/W64.Fscan.b!crit
[+] Joke/W32.CrazyScreen.ba!crit
[+] Trojan/W32.Agent.cugc!crit
[+] Trojan/W32.ShellLoader.aa!crit
[+] Trojan/W32.ShellLoader.ab!crit
[+] Trojan/W32.ShellLoader.ac!crit
[+] TrojanDownloader/PS.Agent.bu!crit
[+] TrojanSpy/OSX.Stealer.bu!crit
[+] TrojanSpy/W32.Stealer.ak!crit
[+] TrojanSpy/W64.Stealer.g!crit
```
Telemetry definitions added: 19 | Telemetry definitions removed: 11
```
[+] Backdoor/Android.FraudLoader.a!crit!submit
[+] Backdoor/W64.Agent.h!crit!submit
[+] Trojan/Linux.CoinMiner.a!crit!submit
[+] Trojan/Linux.Mirai.h!crit!submit
[+] Trojan/SCR.Maloader.u!crit!submit
[+] Trojan/SCR.ShellCode.m!crit!submit
[+] Trojan/W32.ShellLoader.ad!crit!submit
[+] Trojan/W32.ShellLoader.ae!crit!submit
[+] Trojan/W32.ShellLoader.af!crit!submit
[+] Trojan/W32.ShellLoader.ag!crit!submit
[+] Trojan/W32.ShellLoader.ah!crit!submit
[+] Trojan/W32.ShellLoader.ai!crit!submit
[+] Trojan/W32.ShellLoader.aj!crit!submit
[+] Trojan/W64.Agent.gt!crit!submit
[+] Trojan/W64.Injector.i!crit!submit
[+] Trojan/W64.Loader.ao!crit!submit
[+] TrojanDownloader/BAT.Agent.d!crit!submit
[+] TrojanDownloader/Linux.Agent.k!crit!submit
[+] TrojanSpy/JAVA.Stealer.a!crit!submit
[-] HackTool/W64.Fscan.b!crit!submit
[-] Joke/W32.CrazyScreen.ba!crit!submit
[-] Trojan/W32.Agent.cugc!crit!submit
[-] Trojan/W32.ShellLoader.aa!crit!submit
[-] Trojan/W32.ShellLoader.ab!crit!submit
[-] Trojan/W32.ShellLoader.ac!crit!submit
[-] TrojanDownloader/PS.Agent.bu!crit!submit
[-] TrojanDropper/W32.Agent.i!crit!submit
[-] TrojanDropper/W32.Agent.j!crit!submit
[-] TrojanSpy/OSX.Stealer.bu!crit!submit
[-] TrojanSpy/W32.Stealer.ak!crit!submit
```
#### Behavior signature changes ([behav.txt](data/1769603737.behav.txt))
Added: 2
```
[+] Backdoor/Lotok.XX!submit
[+] TrojanDownloader/Agent.BLO!submit
```
#### Blacklist hash changes ([troj.txt](data/1769603737.troj.txt))

Added: 84 | Removed: 2

1769515359 - 2026-01-27 12:02:39 UTC

#### Signature changes ([pset.txt](data/1769515359.pset.txt))
Formal definitions added: 40
```
[+] Backdoor/PHP.WebShell.gm
[+] Backdoor/PHP.WebShell.gn
[+] Backdoor/PHP.WebShell.go
[+] Backdoor/PHP.WebShell.gp
[+] HEUR:Backdoor/ASP.WebShell.bf
[+] HEUR:Backdoor/ASP.WebShell.bg
[+] HEUR:Trojan/BAT.Runner.m
[+] HEUR:Trojan/JS.Obfuscated.dm
[+] HEUR:TrojanDownloader/JS.Agent.n
[+] HVM:Trojan/ShellLoader.cq
[+] HackTool/DecryptTeamViewer
[+] Ransom/LockFile.rl
[+] Trojan/DLLHijack.af
[+] Trojan/FakeApp.acs
[+] Trojan/FakeApp.act
[+] Trojan/FakeApp.acu
[+] Trojan/FakeApp.acv
[+] Trojan/FakeApp.acw
[+] Trojan/FakeApp.acx
[+] Trojan/FakeApp.acy
[+] Trojan/FakeApp.acz
[+] Trojan/Injector.clt
[+] Trojan/Injector.clu
[+] Trojan/JS.Loader.e
[+] Trojan/Linux.Mirai.go
[+] Trojan/Linux.Mirai.gr
[+] Trojan/Linux.Mirai.gs
[+] Trojan/Obfuscated.nx
[+] Trojan/ShellLoader.ahx
[+] Trojan/W64.Agent.gq
[+] Trojan/W64.Injector.cf
[+] TrojanDownloader/JS.Agent.il
[+] TrojanDownloader/PS.Agent.fj
[+] TrojanDownloader/PS.Agent.fk
[+] TrojanDownloader/PS.Agent.fl
[+] TrojanDownloader/W64.Agent.ct
[+] TrojanDropper/Agent.alj
[+] TrojanDropper/MSIL.Maloader.d
[+] TrojanSpy/PassStealer.ay
[+] TrojanSpy/W64.SnakeStealer.b
```
Telemetry definitions added: 38 | Telemetry definitions removed: 39
```
[+] Backdoor/Lotok.oc!submit
[+] Backdoor/W64.Agent.n!submit
[+] HEUR:Backdoor/JSP.WebShell.r!submit
[+] HEUR:Backdoor/Lotok.cn!submit
[+] HEUR:Trojan/FakeApp.aw!submit
[+] HEUR:Trojan/Loader.nh!submit
[+] HEUR:Trojan/Rozena.b!submit
[+] HVM:Trojan/W64.Injector.ch!submit
[+] HackTool/GYscan.a!submit
[+] Ransom/LockFile.rm!submit
[+] Ransom/LockFile.rn!submit
[+] Ransom/LockFile.ro!submit
[+] Trojan/BAT.Loader.m!submit
[+] Trojan/FakeApp.abs!submit
[+] Trojan/FakeApp.adb!submit
[+] Trojan/FakeApp.adc!submit
[+] Trojan/FakeApp.add!submit
[+] Trojan/FakeApp.ade!submit
[+] Trojan/HTML.FakeCaptcha.h!submit
[+] Trojan/Injector.clv!submit
[+] Trojan/Linux.Mirai.gt!submit
[+] Trojan/Loader.nh!submit
[+] Trojan/Obfuscated.ny!submit
[+] Trojan/Obfuscated.nz!submit
[+] Trojan/Obfuscated.oa!submit
[+] Trojan/PS.Obfuscator.b!submit
[+] Trojan/Runner.fp!submit
[+] Trojan/ShellLoader.aif!submit
[+] Trojan/W64.Agent.gr!submit
[+] Trojan/W64.Injector.cg!submit
[+] TrojanDownloader/BAT.Maloader.o!submit
[+] TrojanDownloader/Linux.Agent.ed!submit
[+] TrojanDownloader/Maloader.br!submit
[+] TrojanDownloader/PS.Agent.fm!submit
[+] TrojanDropper/Agent.alk!submit
[+] TrojanDropper/Agent.all!submit
[+] TrojanSpy/JAVA.Stealer.k!submit
[+] TrojanSpy/OSX.Stealer.s!submit
[-] Backdoor/PHP.WebShell.gm!submit
[-] Backdoor/PHP.WebShell.gn!submit
[-] Backdoor/PHP.WebShell.go!submit
[-] Backdoor/PHP.WebShell.gp!submit
[-] HEUR:Backdoor/ASP.WebShell.bf!submit
[-] HEUR:Backdoor/ASP.WebShell.bg!submit
[-] HEUR:Trojan/BAT.Runner.m!submit
[-] HEUR:Trojan/JS.Obfuscated.dm!submit
[-] HEUR:TrojanDownloader/JS.Agent.n!submit
[-] HVM:Trojan/ShellLoader.cq!submit
[-] Ransom/LockFile.rl!submit
[-] Trojan/DLLHijack.af!submit
[-] Trojan/FakeApp.acs!submit
[-] Trojan/FakeApp.act!submit
[-] Trojan/FakeApp.acu!submit
[-] Trojan/FakeApp.acv!submit
[-] Trojan/FakeApp.acw!submit
[-] Trojan/FakeApp.acx!submit
[-] Trojan/FakeApp.acy!submit
[-] Trojan/FakeApp.acz!submit
[-] Trojan/Injector.clt!submit
[-] Trojan/Injector.clu!submit
[-] Trojan/JS.Loader.e!submit
[-] Trojan/Linux.Mirai.go!submit
[-] Trojan/Linux.Mirai.gr!submit
[-] Trojan/Linux.Mirai.gs!submit
[-] Trojan/Obfuscated.nx!submit
[-] Trojan/ShellLoader.ahx!submit
[-] Trojan/W64.Agent.gq!submit
[-] Trojan/W64.Injector.cf!submit
[-] TrojanDownloader/JS.Agent.il!submit
[-] TrojanDownloader/PS.Agent.fj!submit
[-] TrojanDownloader/PS.Agent.fk!submit
[-] TrojanDownloader/PS.Agent.fl!submit
[-] TrojanDownloader/W64.Agent.ct!submit
[-] TrojanDropper/Agent.alj!submit
[-] TrojanDropper/MSIL.Maloader.d!submit
[-] TrojanSpy/PassStealer.ay!submit
[-] TrojanSpy/W64.SnakeStealer.b!submit
```
#### Critical-hash signature changes ([crithash.txt](data/1769515359.crithash.txt))
Formal definitions added: 11
```
[+] Joke/W32.CrazyScreen.bb!crit
[+] Trojan/Linux.Mirai.g!crit
[+] Trojan/MSIL.Obfuscated.as!crit
[+] Trojan/PS.Loader.e!crit
[+] Trojan/W32.FakeApp.i!crit
[+] Trojan/W32.Loader.j!crit
[+] Trojan/W32.ShellLoader.y!crit
[+] Trojan/W32.ShellLoader.z!crit
[+] TrojanDownloader/OSX.Agent.c!crit
[+] TrojanDownloader/PS.Agent.bt!crit
[+] TrojanDropper/JAVA.Agent.b!crit
```
Telemetry definitions added: 40 | Telemetry definitions removed: 10
```
[+] Backdoor/W64.ReverseShell.a!crit!submit
[+] Backdoor/W64.ReverseShell.b!crit!submit
[+] HackTool/W64.Fscan.b!crit!submit
[+] Joke/BAT.CrazyWindow.b!crit!submit
[+] Ransom/PS.LockFile.d!crit!submit
[+] Ransom/W64.LockFile.e!crit!submit
[+] Ransom/W64.LockFile.f!crit!submit
[+] Ransom/W64.LockFile.g!crit!submit
[+] Ransom/W64.LockFile.h!crit!submit
[+] Ransom/W64.LockScreen.b!crit!submit
[+] Trojan/BAT.KillAV.f!crit!submit
[+] Trojan/BAT.KillAV.g!crit!submit
[+] Trojan/BAT.KillFiles.e!crit!submit
[+] Trojan/BAT.KillWin.s!crit!submit
[+] Trojan/BAT.KillWin.t!crit!submit
[+] Trojan/BAT.KillWin.u!crit!submit
[+] Trojan/BAT.KillWin.v!crit!submit
[+] Trojan/W32.Agent.cugc!crit!submit
[+] Trojan/W32.ShellLoader.aa!crit!submit
[+] Trojan/W32.ShellLoader.ab!crit!submit
[+] Trojan/W32.ShellLoader.ac!crit!submit
[+] Trojan/W64.KillMBR.a!crit!submit
[+] Trojan/W64.KillMBR.b!crit!submit
[+] TrojanDownloader/BAT.Runner.h!crit!submit
[+] TrojanDownloader/PS.Agent.bu!crit!submit
[+] TrojanDownloader/PS.Runner.y!crit!submit
[+] TrojanDownloader/W64.Starter.a!crit!submit
[+] TrojanDropper/BAT.Encpe.a!crit!submit
[+] TrojanDropper/JS.Encpe.a!crit!submit
[+] TrojanDropper/PS.Encpe.c!crit!submit
[+] TrojanDropper/PS.Encpe.d!crit!submit
[+] TrojanDropper/W32.Agent.i!crit!submit
[+] TrojanDropper/W32.Agent.j!crit!submit
[+] TrojanSpy/OSX.Stealer.bu!crit!submit
[+] TrojanSpy/W32.Stealer.ak!crit!submit
[+] TrojanSpy/W32.Zbot.a!crit!submit
[+] TrojanSpy/W32.Zbot.b!crit!submit
[+] TrojanSpy/W64.Stealer.l!crit!submit
[+] TrojanSpy/W64.Stealer.m!crit!submit
[+] TrojanSpy/W64.Stealer.n!crit!submit
[-] Joke/W32.CrazyScreen.bb!crit!submit
[-] Trojan/Linux.Mirai.g!crit!submit
[-] Trojan/MSIL.Obfuscated.as!crit!submit
[-] Trojan/PS.Loader.e!crit!submit
[-] Trojan/W32.FakeApp.i!crit!submit
[-] Trojan/W32.Loader.j!crit!submit
[-] Trojan/W32.ShellLoader.y!crit!submit
[-] TrojanDownloader/OSX.Agent.c!crit!submit
[-] TrojanDownloader/PS.Agent.bt!crit!submit
[-] TrojanDropper/JAVA.Agent.b!crit!submit
```
#### Blacklist hash changes ([troj.txt](data/1769515359.troj.txt))

Added: 71

1769432877 - 2026-01-26 13:07:57 UTC

#### Signature changes ([pset.txt](data/1769432877.pset.txt))
Formal definitions added: 37 | Formal definitions removed: 2
```
[+] Exploit/JS.Pdfka.w
[+] HEUR:Joke/BAT.Popupwindow.j
[+] HEUR:TrojanDownloader/MSIL.Maloader.j
[+] HVM:Backdoor/Lotok.cn
[+] HVM:Trojan/ShellLoader.cp
[+] HackTool/Agent.m
[+] HackTool/GYscan
[+] Ransom/Akira.e
[+] Trojan/BAT.KillWin.bc
[+] Trojan/BAT.Obfuscated.ao
[+] Trojan/BAT.Obfuscated.ap
[+] Trojan/DLLHijack.ac
[+] Trojan/DLLHijack.ad
[+] Trojan/FakeApp.abq
[+] Trojan/FakeApp.abs
[+] Trojan/FakeApp.aco
[+] Trojan/FakeApp.acp
[+] Trojan/FakeApp.acq
[+] Trojan/FakeApp.acr
[+] Trojan/Injector.cls
[+] Trojan/KillWin.dk
[+] Trojan/Linux.DDos.bl
[+] Trojan/Linux.Mirai.gq
[+] Trojan/MSIL.Injector.qh
[+] Trojan/MSIL.Obfuscated.kg
[+] Trojan/MSIL.Obfuscated.kh
[+] Trojan/MSIL.Obfuscated.ki
[+] Trojan/MSIL.Obfuscated.kj
[+] Trojan/W64.Agent.gp
[+] Trojan/W64.Loader.am
[+] Trojan/W64.Loader.an
[+] TrojanDownloader/Linux.Agent.ec
[+] TrojanDownloader/MSIL.Maloader.k
[+] TrojanDownloader/NetLoader.q
[+] TrojanDownloader/PS.NetLoader.ls
[+] TrojanDropper/Agent.alh
[+] TrojanDropper/Agent.ali
[-] HVM:Trojan/ShellLoader.co
[-] Trojan/Shellcode.j
```
Telemetry definitions added: 40 | Telemetry definitions removed: 40
```
[+] Backdoor/PHP.WebShell.gm!submit
[+] Backdoor/PHP.WebShell.gn!submit
[+] Backdoor/PHP.WebShell.go!submit
[+] Backdoor/PHP.WebShell.gp!submit
[+] HEUR:Backdoor/ASP.WebShell.bf!submit
[+] HEUR:Backdoor/ASP.WebShell.bg!submit
[+] HEUR:Trojan/BAT.Runner.m!submit
[+] HEUR:Trojan/JS.Obfuscated.dm!submit
[+] HEUR:TrojanDownloader/JS.Agent.n!submit
[+] HVM:Trojan/ShellLoader.cm!submit
[+] HVM:Trojan/ShellLoader.cq!submit
[+] Ransom/LockFile.rl!submit
[+] Trojan/DLLHijack.af!submit
[+] Trojan/FakeApp.acs!submit
[+] Trojan/FakeApp.act!submit
[+] Trojan/FakeApp.acu!submit
[+] Trojan/FakeApp.acv!submit
[+] Trojan/FakeApp.acw!submit
[+] Trojan/FakeApp.acx!submit
[+] Trojan/FakeApp.acy!submit
[+] Trojan/FakeApp.acz!submit
[+] Trojan/FakeApp.ada!submit
[+] Trojan/Injector.clt!submit
[+] Trojan/Injector.clu!submit
[+] Trojan/JS.Loader.e!submit
[+] Trojan/Linux.Mirai.gr!submit
[+] Trojan/Linux.Mirai.gs!submit
[+] Trojan/Obfuscated.nx!submit
[+] Trojan/ShellLoader.ahx!submit
[+] Trojan/W64.Agent.gq!submit
[+] Trojan/W64.Injector.cf!submit
[+] TrojanDownloader/JS.Agent.il!submit
[+] TrojanDownloader/PS.Agent.fj!submit
[+] TrojanDownloader/PS.Agent.fk!submit
[+] TrojanDownloader/PS.Agent.fl!submit
[+] TrojanDownloader/W64.Agent.ct!submit
[+] TrojanDropper/Agent.alj!submit
[+] TrojanDropper/MSIL.Maloader.d!submit
[+] TrojanSpy/PassStealer.ay!submit
[+] TrojanSpy/W64.SnakeStealer.b!submit
[-] Exploit/JS.Pdfka.w!submit
[-] Exploit/Vulndriver!submit
[-] HEUR:Joke/BAT.Popupwindow.j!submit
[-] HEUR:TrojanDownloader/MSIL.Maloader.j!submit
[-] HVM:Backdoor/Lotok.cm!submit
[-] HVM:Trojan/ShellLoader.cl!submit
[-] HVM:Trojan/ShellLoader.cp!submit
[-] HackTool/Agent.m!submit
[-] Ransom/Akira.e!submit
[-] Trojan/BAT.KillWin.bc!submit
[-] Trojan/BAT.Obfuscated.ao!submit
[-] Trojan/BAT.Obfuscated.ap!submit
[-] Trojan/DLLHijack.ac!submit
[-] Trojan/DLLHijack.ad!submit
[-] Trojan/FakeApp.abq!submit
[-] Trojan/FakeApp.abs!submit
[-] Trojan/FakeApp.aco!submit
[-] Trojan/FakeApp.acp!submit
[-] Trojan/FakeApp.acq!submit
[-] Trojan/FakeApp.acr!submit
[-] Trojan/Injector.cls!submit
[-] Trojan/KillWin.dk!submit
[-] Trojan/Linux.DDos.bl!submit
[-] Trojan/Linux.Mirai.gq!submit
[-] Trojan/Loader.nd!submit
[-] Trojan/MSIL.Injector.qh!submit
[-] Trojan/MSIL.Obfuscated.kg!submit
[-] Trojan/MSIL.Obfuscated.kh!submit
[-] Trojan/MSIL.Obfuscated.ki!submit
[-] Trojan/MSIL.Obfuscated.kj!submit
[-] Trojan/W64.Agent.gp!submit
[-] Trojan/W64.Injector.ce!submit
[-] Trojan/W64.Loader.am!submit
[-] Trojan/W64.Loader.an!submit
[-] TrojanDownloader/Linux.Agent.ec!submit
[-] TrojanDownloader/MSIL.Maloader.k!submit
[-] TrojanDownloader/NetLoader.q!submit
[-] TrojanDownloader/PS.NetLoader.ls!submit
[-] TrojanDropper/Agent.alh!submit
[-] TrojanDropper/Agent.ali!submit
```
#### Critical-hash signature changes ([crithash.txt](data/1769432877.crithash.txt))
Formal definitions added: 9
```
[+] Trojan/MSIL.Obfuscated.ar!crit
[+] Trojan/PS.Disabler.b!crit
[+] Trojan/W32.ShellLoader.w!crit
[+] Trojan/W64.Injector.h!crit
[+] TrojanDownloader/Linux.Agent.i!crit
[+] TrojanDownloader/Linux.Agent.j!crit
[+] TrojanDropper/W64.Agent.d!crit
[+] TrojanSpy/BAT.Stealer.j!crit
[+] TrojanSpy/W64.ClipBanker.b!crit
```
Telemetry definitions added: 29 | Telemetry definitions removed: 12
```
[+] Backdoor/PHP.WebShell.ad!crit!submit
[+] Backdoor/PHP.WebShell.ae!crit!submit
[+] Joke/W32.CrazyScreen.ba!crit!submit
[+] Joke/W32.CrazyScreen.bb!crit!submit
[+] Trojan/BAT.KillFiles.d!crit!submit
[+] Trojan/BAT.KillWin.p!crit!submit
[+] Trojan/BAT.KillWin.q!crit!submit
[+] Trojan/BAT.KillWin.r!crit!submit
[+] Trojan/Linux.Mirai.g!crit!submit
[+] Trojan/MSIL.Obfuscated.as!crit!submit
[+] Trojan/PS.Loader.e!crit!submit
[+] Trojan/W32.FakeApp.i!crit!submit
[+] Trojan/W32.ShellLoader.y!crit!submit
[+] Trojan/W64.ShellLoader.g!crit!submit
[+] Trojan/W64.ShellLoader.h!crit!submit
[+] Trojan/W64.ShellLoader.i!crit!submit
[+] TrojanDownloader/OSX.Agent.c!crit!submit
[+] TrojanDownloader/PS.Agent.bt!crit!submit
[+] TrojanDownloader/VBS.Runner.h!crit!submit
[+] TrojanDropper/JAVA.Agent.b!crit!submit
[+] TrojanSpy/VBS.Stealer.b!crit!submit
[+] TrojanSpy/W32.Stealer.ah!crit!submit
[+] TrojanSpy/W32.Stealer.ai!crit!submit
[+] TrojanSpy/W32.Stealer.aj!crit!submit
[+] TrojanSpy/W64.Stealer.g!crit!submit
[+] TrojanSpy/W64.Stealer.h!crit!submit
[+] TrojanSpy/W64.Stealer.i!crit!submit
[+] TrojanSpy/W64.Stealer.j!crit!submit
[+] TrojanSpy/W64.Stealer.k!crit!submit
[-] Backdoor/W32.Lotok.ac!crit!submit
[-] Trojan/MSIL.Obfuscated.ar!crit!submit
[-] Trojan/PS.Disabler.b!crit!submit
[-] Trojan/W32.Agent.ab!crit!submit
[-] Trojan/W32.ShellLoader.u!crit!submit
[-] Trojan/W32.ShellLoader.v!crit!submit
[-] Trojan/W32.ShellLoader.x!crit!submit
[-] TrojanDownloader/Linux.Agent.i!crit!submit
[-] TrojanDownloader/Linux.Agent.j!crit!submit
[-] TrojanDropper/W64.Agent.d!crit!submit
[-] TrojanSpy/BAT.Stealer.j!crit!submit
[-] TrojanSpy/W64.ClipBanker.b!crit!submit
```
#### Behavior signature changes ([behav.txt](data/1769432877.behav.txt))
Added: 1
```
[+] Trojan/Runner.FO!submit
```
#### Blacklist hash changes ([troj.txt](data/1769432877.troj.txt))

Added: 80

1769339642 - 2026-01-25 11:14:02 UTC

#### Blacklist hash changes ([troj.txt](data/1769339642.troj.txt))

Added: 41

1769256096 - 2026-01-24 12:01:36 UTC

#### Blacklist hash changes ([troj.txt](data/1769256096.troj.txt))

Added: 38

1769165827 - 2026-01-23 10:57:07 UTC

#### Signature changes ([pset.txt](data/1769165827.pset.txt))
Formal definitions added: 36 | Formal definitions removed: 3
```
[+] Backdoor/AsyncRAT.n
[+] Backdoor/MSIL.Crysan.f
[+] Exploit/CVE-2025-32433.a
[+] HEUR:Backdoor/MSIL.Agent.aw
[+] HEUR:Trojan/PS.Runner.v
[+] HVM:Backdoor/Lotok.cm
[+] HVM:Trojan/ShellLoader.cm
[+] HVM:Trojan/ShellLoader.cn
[+] HVM:Trojan/ShellLoader.co
[+] Trojan/FakeApp.aci
[+] Trojan/FakeApp.acj
[+] Trojan/FakeApp.ack
[+] Trojan/FakeApp.acl
[+] Trojan/FakeApp.acm
[+] Trojan/FakeApp.acn
[+] Trojan/Injector.clq
[+] Trojan/Injector.clr
[+] Trojan/JS.Obfuscated.dj
[+] Trojan/JS.Obfuscated.dk
[+] Trojan/JS.Obfuscated.dl
[+] Trojan/Loader.nd
[+] Trojan/Loader.ne
[+] Trojan/Loader.nf
[+] Trojan/Loader.ng
[+] Trojan/MSIL.Obfuscated.ke
[+] Trojan/MSIL.Obfuscated.kf
[+] Trojan/Python.Agent.bu
[+] Trojan/Python.Agent.bv
[+] Trojan/Python.Loader.n
[+] Trojan/ShellLoader.aic
[+] Trojan/ShellLoader.aid
[+] Trojan/ShellLoader.aie
[+] TrojanDownloader/Agent.blz
[+] TrojanDownloader/JS.Agent.ik
[+] TrojanDownloader/MSIL.Agent.ajm
[+] TrojanDropper/Agent.alg
[-] Backdoor/Lotok.oc
[-] Trojan/FakeApp.abq
[-] Trojan/FakeApp.abs
```
Telemetry definitions added: 37 | Telemetry definitions removed: 37
```
[+] Exploit/JS.Pdfka.w!submit
[+] Exploit/Vulndriver!submit
[+] HEUR:Joke/BAT.Popupwindow.j!submit
[+] HEUR:TrojanDownloader/MSIL.Maloader.j!submit
[+] HVM:Backdoor/Lotok.cm!submit
[+] HVM:Trojan/ShellLoader.cl!submit
[+] HVM:Trojan/ShellLoader.cp!submit
[+] HackTool/Agent.m!submit
[+] HackTool/ConnectWiseControl.i!submit
[+] Ransom/Akira.e!submit
[+] Trojan/BAT.KillWin.bc!submit
[+] Trojan/BAT.Obfuscated.ao!submit
[+] Trojan/BAT.Obfuscated.ap!submit
[+] Trojan/DLLHijack.ad!submit
[+] Trojan/FakeApp.abq!submit
[+] Trojan/FakeApp.abs!submit
[+] Trojan/FakeApp.aco!submit
[+] Trojan/FakeApp.acp!submit
[+] Trojan/FakeApp.acq!submit
[+] Trojan/FakeApp.acr!submit
[+] Trojan/Injector.cls!submit
[+] Trojan/KillWin.dk!submit
[+] Trojan/Linux.DDos.bl!submit
[+] Trojan/MSIL.Injector.qh!submit
[+] Trojan/MSIL.Obfuscated.kg!submit
[+] Trojan/MSIL.Obfuscated.kh!submit
[+] Trojan/MSIL.Obfuscated.ki!submit
[+] Trojan/MSIL.Obfuscated.kj!submit
[+] Trojan/W64.Agent.gp!submit
[+] Trojan/W64.Injector.ce!submit
[+] Trojan/W64.Loader.am!submit
[+] Trojan/W64.Loader.an!submit
[+] TrojanDownloader/MSIL.Maloader.k!submit
[+] TrojanDownloader/NetLoader.q!submit
[+] TrojanDownloader/PS.NetLoader.ls!submit
[+] TrojanDropper/Agent.alh!submit
[+] TrojanDropper/Agent.ali!submit
[-] Backdoor/AsyncRAT.n!submit
[-] Backdoor/MSIL.Crysan.f!submit
[-] Exploit/CVE-2025-32433.a!submit
[-] HEUR:Backdoor/MSIL.Agent.aw!submit
[-] HEUR:Trojan/PS.Runner.v!submit
[-] HVM:Trojan/ShellLoader.ck!submit
[-] HVM:Trojan/ShellLoader.cm!submit
[-] HVM:Trojan/ShellLoader.cn!submit
[-] HVM:Trojan/ShellLoader.co!submit
[-] Trojan/FakeApp.aci!submit
[-] Trojan/FakeApp.acj!submit
[-] Trojan/FakeApp.ack!submit
[-] Trojan/FakeApp.acl!submit
[-] Trojan/FakeApp.acm!submit
[-] Trojan/FakeApp.acn!submit
[-] Trojan/Injector.clq!submit
[-] Trojan/Injector.clr!submit
[-] Trojan/JS.Obfuscated.dj!submit
[-] Trojan/JS.Obfuscated.dk!submit
[-] Trojan/JS.Obfuscated.dl!submit
[-] Trojan/Loader.ne!submit
[-] Trojan/Loader.nf!submit
[-] Trojan/Loader.ng!submit
[-] Trojan/MSIL.Obfuscated.ke!submit
[-] Trojan/MSIL.Obfuscated.kf!submit
[-] Trojan/Python.Agent.bu!submit
[-] Trojan/Python.Agent.bv!submit
[-] Trojan/Python.Loader.n!submit
[-] Trojan/ShellLoader.ahf!submit
[-] Trojan/ShellLoader.aic!submit
[-] Trojan/ShellLoader.aid!submit
[-] Trojan/ShellLoader.aie!submit
[-] TrojanDownloader/Agent.blz!submit
[-] TrojanDownloader/JS.Agent.ik!submit
[-] TrojanDownloader/MSIL.Agent.ajm!submit
[-] TrojanDropper/Agent.alg!submit
[-] TrojanSpy/W64.Stealer.ab!submit
```
#### Critical-hash signature changes ([crithash.txt](data/1769165827.crithash.txt))
Formal definitions added: 18 | Formal definitions removed: 2
```
[+] Backdoor/W32.Lotok.ab!crit
[+] Exploit/JS.CVE-2022-1364.a!crit
[+] Trojan/JS.Redirector.a!crit
[+] Trojan/Linux.DDos.b!crit
[+] Trojan/Linux.Mirai.e!crit
[+] Trojan/Linux.Mirai.f!crit
[+] Trojan/PS.Obfuscator.fs!crit
[+] Trojan/VBS.Loader.e!crit
[+] Trojan/W32.HiJack.z!crit
[+] Trojan/W32.ShellLoader.t!crit
[+] Trojan/W64.Agent.gp!crit
[+] Trojan/W64.Agent.gq!crit
[+] TrojanDownloader/BAT.Agent.c!crit
[+] TrojanDownloader/HTML.Agent.g!crit
[+] TrojanDownloader/LNK.Agent.f!crit
[+] TrojanDownloader/PS.Agent.bs!crit
[+] TrojanDropper/W32.Agent.g!crit
[+] TrojanDropper/W64.Agent.b!crit
[-] Trojan/VBS.Loader.e
[-] TrojanSpy/W64.ClipBanker.b!crit
```
Telemetry definitions added: 33 | Telemetry definitions removed: 15
```
[+] Backdoor/W32.Lotok.ac!crit!submit
[+] Joke/BAT.CrazyFile.a!crit!submit
[+] Joke/BAT.Shutdown.d!crit!submit
[+] Joke/BAT.Shutdown.e!crit!submit
[+] Trojan/BAT.KillFile.c!crit!submit
[+] Trojan/BAT.KillWin.m!crit!submit
[+] Trojan/BAT.KillWin.n!crit!submit
[+] Trojan/BAT.KillWin.o!crit!submit
[+] Trojan/MSIL.Obfuscated.ar!crit!submit
[+] Trojan/PS.Disabler.b!crit!submit
[+] Trojan/VBS.Loader.e!crit!submit
[+] Trojan/W32.Agent.ab!crit!submit
[+] Trojan/W32.Agent.cugb!crit!submit
[+] Trojan/W32.ShellLoader.u!crit!submit
[+] Trojan/W32.ShellLoader.v!crit!submit
[+] Trojan/W32.ShellLoader.x!crit!submit
[+] Trojan/W32.ShellLoader.z!crit!submit
[+] Trojan/W64.Injector.h!crit!submit
[+] Trojan/W64.ShellLoader.f!crit!submit
[+] TrojanDownloader/Linux.Agent.i!crit!submit
[+] TrojanDownloader/Linux.Agent.j!crit!submit
[+] TrojanDownloader/PS.Runner.x!crit!submit
[+] TrojanDropper/PS.Encpe.a!crit!submit
[+] TrojanDropper/PS.Encpe.b!crit!submit
[+] TrojanDropper/PS.Runner.d!crit!submit
[+] TrojanDropper/W64.Agent.d!crit!submit
[+] TrojanDropper/W64.Runner.a!crit!submit
[+] TrojanSpy/BAT.Stealer.j!crit!submit
[+] TrojanSpy/PS.Keylogger.c!crit!submit
[+] TrojanSpy/W32.Stealer.af!crit!submit
[+] TrojanSpy/W32.Stealer.ag!crit!submit
[+] TrojanSpy/W64.ClipBanker.b!crit!submit
[+] TrojanSpy/W64.Keylogger.b!crit!submit
[-] Backdoor/W32.Lotok.ab!crit!submit
[-] Exploit/JS.CVE-2022-1364.a!crit!submit
[-] Trojan/JS.Redirector.a!crit!submit
[-] Trojan/Linux.DDos.b!crit!submit
[-] Trojan/Linux.Mirai.e!crit!submit
[-] Trojan/Linux.Mirai.f!crit!submit
[-] Trojan/PS.Obfuscator.fs!crit!submit
[-] Trojan/W32.HiJack.z!crit!submit
[-] Trojan/W64.Agent.gp!crit!submit
[-] Trojan/W64.Agent.gq!crit!submit
[-] TrojanDownloader/BAT.Agent.c!crit!submit
[-] TrojanDownloader/HTML.Agent.g!crit!submit
[-] TrojanDownloader/LNK.Agent.f!crit!submit
[-] TrojanDownloader/PS.Agent.bs!crit!submit
[-] TrojanDropper/W64.Agent.b!crit!submit
```
#### Behavior signature changes ([behav.txt](data/1769165827.behav.txt))
Added: 2 | Removed: 2
```
[+] ADV:Ransom/Genalocker.ZGA!submit
[+] ADV:Ransom/Genalocker.ZGB!submit
[-] ADV:Ransom/Genalocker.ZFA!submit
[-] ADV:Ransom/Genalocker.ZFB!submit
```
#### Blacklist hash changes ([troj.txt](data/1769165827.troj.txt))

Added: 83

1769081101 - 2026-01-22 11:25:01 UTC

#### Signature changes ([pset.txt](data/1769081101.pset.txt))
Formal definitions added: 38 | Formal definitions removed: 1
```
[+] Backdoor/ASPX.WebShell.m
[+] Backdoor/MSIL.AsyncRAT.ac
[+] HEUR:Backdoor/ASPX.WebShell.n
[+] HEUR:Backdoor/ASPX.WebShell.o
[+] HEUR:Trojan/ProxyChanger.d
[+] HEUR:Trojan/ShellLoader.aib
[+] HVM:Backdoor/W64.Agent.n
[+] HVM:TrojanDownloader/W64.Agent.ct
[+] Trojan/BAT.Loader.l
[+] Trojan/FakeApp.acc
[+] Trojan/FakeApp.acd
[+] Trojan/FakeApp.ace
[+] Trojan/FakeApp.acf
[+] Trojan/FakeApp.acg
[+] Trojan/FakeApp.ach
[+] Trojan/HTML.Agent.br
[+] Trojan/Injector.clp
[+] Trojan/Loader.nb
[+] Trojan/Loader.nc
[+] Trojan/MSIL.Obfuscated.kd
[+] Trojan/MSIL.ShellLoader.am
[+] Trojan/Obfuscated.nw
[+] Trojan/PS.Agent.bt
[+] Trojan/Python.Agent.bt
[+] Trojan/Runner.fo
[+] Trojan/ShellLoader.aib
[+] Trojan/W64.Injector.cc
[+] Trojan/W64.Injector.cd
[+] TrojanDownloader/Agent.bly
[+] TrojanDownloader/JS.Agent.ij
[+] TrojanDownloader/JS.Maloader.as
[+] TrojanDownloader/LNK.Agent.hd
[+] TrojanDownloader/MSIL.Agent.ajl
[+] TrojanDownloader/PS.Agent.fh
[+] TrojanDownloader/PS.Agent.fi
[+] TrojanDownloader/VBS.Agent.kh
[+] TrojanDownloader/VBS.Agent.ki
[+] TrojanSpy/W64.Stealer.aa
[-] Trojan/ShellLoader.ahx
```
Telemetry definitions added: 39 | Telemetry definitions removed: 39
```
[+] Backdoor/AsyncRAT.n!submit
[+] Backdoor/MSIL.Crysan.f!submit
[+] Exploit/CVE-2025-32433.a!submit
[+] HEUR:Backdoor/MSIL.Agent.aw!submit
[+] HEUR:Trojan/PS.Runner.v!submit
[+] HVM:Trojan/ShellLoader.ck!submit
[+] HVM:Trojan/ShellLoader.cm!submit
[+] HVM:Trojan/ShellLoader.cn!submit
[+] HVM:Trojan/ShellLoader.co!submit
[+] Trojan/FakeApp.aci!submit
[+] Trojan/FakeApp.acj!submit
[+] Trojan/FakeApp.ack!submit
[+] Trojan/FakeApp.acl!submit
[+] Trojan/FakeApp.acm!submit
[+] Trojan/FakeApp.acn!submit
[+] Trojan/Injector.clq!submit
[+] Trojan/Injector.clr!submit
[+] Trojan/JS.Obfuscated.dj!submit
[+] Trojan/JS.Obfuscated.dk!submit
[+] Trojan/JS.Obfuscated.dl!submit
[+] Trojan/Linux.Mirai.gq!submit
[+] Trojan/Loader.nd!submit
[+] Trojan/Loader.ne!submit
[+] Trojan/Loader.nf!submit
[+] Trojan/Loader.ng!submit
[+] Trojan/MSIL.Obfuscated.ke!submit
[+] Trojan/MSIL.Obfuscated.kf!submit
[+] Trojan/Python.Agent.bu!submit
[+] Trojan/Python.Agent.bv!submit
[+] Trojan/Python.Loader.n!submit
[+] Trojan/ShellLoader.ahf!submit
[+] Trojan/ShellLoader.aic!submit
[+] Trojan/ShellLoader.aid!submit
[+] Trojan/ShellLoader.aie!submit
[+] TrojanDownloader/Agent.blz!submit
[+] TrojanDownloader/JS.Agent.ik!submit
[+] TrojanDownloader/Linux.Agent.ec!submit
[+] TrojanDownloader/MSIL.Agent.ajm!submit
[+] TrojanDropper/Agent.alg!submit
[-] Backdoor/ASPX.WebShell.m!submit
[-] Backdoor/MSIL.AsyncRAT.ac!submit
[-] HEUR:Backdoor/ASPX.WebShell.n!submit
[-] HEUR:Backdoor/ASPX.WebShell.o!submit
[-] HEUR:Trojan/ShellLoader.aib!submit
[-] HVM:Backdoor/W64.Agent.n!submit
[-] HVM:TrojanDownloader/W64.Agent.ct!submit
[-] Trojan/BAT.Loader.l!submit
[-] Trojan/FakeApp.acc!submit
[-] Trojan/FakeApp.acd!submit
[-] Trojan/FakeApp.ace!submit
[-] Trojan/FakeApp.acf!submit
[-] Trojan/FakeApp.acg!submit
[-] Trojan/FakeApp.ach!submit
[-] Trojan/HTML.Agent.br!submit
[-] Trojan/Injector.clp!submit
[-] Trojan/Loader.nb!submit
[-] Trojan/Loader.nc!submit
[-] Trojan/MSIL.Obfuscated.kd!submit
[-] Trojan/MSIL.ShellLoader.am!submit
[-] Trojan/Obfuscated.nw!submit
[-] Trojan/PS.Agent.bt!submit
[-] Trojan/ProxyChanger.i!submit
[-] Trojan/Python.Agent.bt!submit
[-] Trojan/Runner.fo!submit
[-] Trojan/ShellLoader.aib!submit
[-] Trojan/W64.Injector.cc!submit
[-] Trojan/W64.Injector.cd!submit
[-] TrojanDownloader/Agent.bly!submit
[-] TrojanDownloader/JS.Agent.ij!submit
[-] TrojanDownloader/JS.Maloader.as!submit
[-] TrojanDownloader/LNK.Agent.hd!submit
[-] TrojanDownloader/MSIL.Agent.ajl!submit
[-] TrojanDownloader/PS.Agent.fh!submit
[-] TrojanDownloader/PS.Agent.fi!submit
[-] TrojanDownloader/VBS.Agent.fj!submit
[-] TrojanDownloader/VBS.Agent.kh!submit
[-] TrojanDownloader/VBS.Agent.ki!submit
[-] TrojanSpy/W64.Stealer.aa!submit
```
#### Critical-hash signature changes ([crithash.txt](data/1769081101.crithash.txt))
Formal definitions added: 18 | Formal definitions removed: 1
```
[+] HackTool/Linux.PortScan.a!crit
[+] HackTool/Linux.PortScan.b!crit
[+] Ransom/W32.LockFile.rl!crit
[+] Trojan/BAT.Obfuscated.arg!crit
[+] Trojan/HTML.Redirector.a!crit
[+] Trojan/Linux.Mirai.d!crit
[+] Trojan/MSIL.Obfuscated.kd!crit
[+] Trojan/W32.FakeApp.g!crit
[+] Trojan/W32.FakeApp.h!crit
[+] Trojan/W32.ShellLoader.x!crit
[+] Trojan/W32.ShellLoader.y
[+] Trojan/W64.StartPage.ll!crit
[+] TrojanDownloader/HTML.Agent.f!crit
[+] TrojanDownloader/LNK.Agent.g!crit
[+] TrojanDownloader/PS.Agent.bq!crit
[+] TrojanDownloader/PS.Agent.br!crit
[+] TrojanSpy/W64.Stealer.e!crit
[+] TrojanSpy/W64.Stealer.f!crit
[-] TrojanSpy/W64.Stealer.d!crit
```
Telemetry definitions added: 29 | Telemetry definitions removed: 20
```
[+] Backdoor/PHP.WebShell.ab!crit!submit
[+] Backdoor/W32.Lotok.ab!crit!submit
[+] Exploit/JS.CVE-2022-1364.a!crit!submit
[+] Joke/BAT.Shutdown.c!crit!submit
[+] Joke/VBS.CrazyWindow.b!crit!submit
[+] Joke/VBS.CrazyWindow.c!crit!submit
[+] Joke/VBS.CrazyWindow.d!crit!submit
[+] Trojan/JS.Redirector.a!crit!submit
[+] Trojan/Linux.DDos.b!crit!submit
[+] Trojan/Linux.Mirai.e!crit!submit
[+] Trojan/Linux.Mirai.f!crit!submit
[+] Trojan/PS.Obfuscator.fs!crit!submit
[+] Trojan/VBS.KillWin.a!crit!submit
[+] Trojan/W32.HiJack.z!crit!submit
[+] Trojan/W64.Agent.gp!crit!submit
[+] Trojan/W64.Agent.gq!crit!submit
[+] TrojanDownloader/BAT.Agent.c!crit!submit
[+] TrojanDownloader/HTML.Agent.g!crit!submit
[+] TrojanDownloader/LNK.Agent.f!crit!submit
[+] TrojanDownloader/PS.Agent.bs!crit!submit
[+] TrojanDownloader/PS.Runner.t!crit!submit
[+] TrojanDownloader/PS.Runner.u!crit!submit
[+] TrojanDownloader/PS.Runner.v!crit!submit
[+] TrojanDownloader/PS.Runner.w!crit!submit
[+] TrojanDownloader/W32.Starter.g!crit!submit
[+] TrojanDownloader/W32.Starter.h!crit!submit
[+] TrojanDropper/W64.Agent.b!crit!submit
[+] TrojanSpy/W32.Shiz.a!crit!submit
[+] TrojanSpy/W32.Shiz.b!crit!submit
[-] HackTool/Linux.PortScan.a!crit!submit
[-] HackTool/Linux.PortScan.b!crit!submit
[-] Ransom/W32.LockFile.rl!crit!submit
[-] Trojan/BAT.Obfuscated.arg!crit!submit
[-] Trojan/HTML.Redirector.a!crit!submit
[-] Trojan/JS.Pdfka.l!crit!submit
[-] Trojan/Linux.Mirai.d!crit!submit
[-] Trojan/MSIL.Obfuscated.kd!crit!submit
[-] Trojan/W32.FakeApp.g!crit!submit
[-] Trojan/W32.FakeApp.h!crit!submit
[-] Trojan/W32.ShellLoader.s!crit!submit
[-] Trojan/W32.ShellLoader.x!crit!submit
[-] Trojan/W32.ShellLoader.y!crit!submit
[-] Trojan/W64.StartPage.ll!crit!submit
[-] TrojanDownloader/HTML.Agent.f!crit!submit
[-] TrojanDownloader/LNK.Agent.g!crit!submit
[-] TrojanDownloader/PS.Agent.bq!crit!submit
[-] TrojanDownloader/PS.Agent.br!crit!submit
[-] TrojanDropper/W32.Agent.f!crit!submit
[-] TrojanSpy/W64.Stealer.f!crit!submit
```
#### Blacklist hash changes ([troj.txt](data/1769081101.troj.txt))
Added: 1,563 | Removed: 1
1768997183 - 2026-01-21 12:06:23 UTC
#### Signature changes ([pset.txt](data/1768997183.pset.txt))
Formal definitions added: 53 | Formal definitions removed: 2
```
[+] Adware/InstallCore.t
[+] Backdoor/Lotok.ol
[+] Exploit/CVE-2022-1364
[+] HEUR:Ransom/LockFile.rj
[+] HEUR:Trojan/FakeApp.av
[+] HEUR:Trojan/ShellLoader.ahy
[+] HVM:Trojan/ShellLoader.cl
[+] HVM:Trojan/W64.ShellLoader.ak
[+] HVM:TrojanSpy/W64.Stealer.aa
[+] HackTool/EDRBlocker
[+] HackTool/MSIL.AppxPotato.a
[+] HackTool/MSIL.BrowserGhost.a
[+] HackTool/MSIL.ListRDP.a
[+] HackTool/MSIL.LsassDumper.b
[+] HackTool/MSIL.SharpClipHistory.a
[+] HackTool/MSIL.SharpElevator.a
[+] HackTool/MSIL.SharpWxDump.a
[+] Ransom/Akira.d
[+] Ransom/LockFile.rj
[+] SVM:TrojanDownloader/JS.MalBehav.gen!H
[+] SVM:TrojanDownloader/JS.MalBehav.gen.G
[+] Trojan/Agent.clt
[+] Trojan/BAT.Pwrsvc.bw
[+] Trojan/CoinMiner.lb
[+] Trojan/FakeApp.abz
[+] Trojan/FakeApp.aca
[+] Trojan/FakeApp.acb
[+] Trojan/Injector.cln
[+] Trojan/Injector.clo
[+] Trojan/Korplug.ak
[+] Trojan/Korplug.al
[+] Trojan/Linux.CoinMiner.dx
[+] Trojan/Linux.DDos.bj
[+] Trojan/Linux.DDos.bk
[+] Trojan/Loader.na
[+] Trojan/MSIL.AddUser.k
[+] Trojan/Python.Loader.m
[+] Trojan/ShellLoader.ahz
[+] Trojan/ShellLoader.aia
[+] Trojan/StartPage.lk
[+] Trojan/W64.Agent.gn
[+] Trojan/W64.Agent.go
[+] Trojan/W64.Loader.al
[+] TrojanDownloader/Linux.Agent.ea
[+] TrojanDownloader/Linux.Agent.eb
[+] TrojanDownloader/PS.Agent.ff
[+] TrojanDownloader/PS.Agent.fg
[+] TrojanDownloader/VBS.Agent.kg
[+] TrojanDownloader/W64.Agent.cs
[+] TrojanDropper/Agent.ale
[+] TrojanDropper/Agent.alf
[+] TrojanDropper/W64.Agent.cb
[+] Virus/Viking.a!dll@viking_kdll
[-] Ransom/Akira.e
[-] SVM:TrojanDownloader/JS.MalBehav.gen.a
```
Telemetry definitions added: 45 | Telemetry definitions removed: 51
```
[+] Backdoor/ASPX.WebShell.m!submit
[+] Backdoor/Lotok.nv!submit
[+] Backdoor/MSIL.AsyncRAT.ac!submit
[+] HEUR:Backdoor/ASPX.WebShell.n!submit
[+] HEUR:Backdoor/ASPX.WebShell.o!submit
[+] HEUR:Trojan/ShellLoader.aib!submit
[+] HVM:Backdoor/W64.Agent.n!submit
[+] HVM:TrojanDownloader/W64.Agent.ct!submit
[+] HackTool/MSIL.SchTask.a!submit
[+] HackTool/W64.ProcessHacker.b!submit
[+] Ransom/LockFile.rk!submit
[+] Trojan/BAT.Loader.l!submit
[+] Trojan/DLLHijack.ac!submit
[+] Trojan/FakeApp.acc!submit
[+] Trojan/FakeApp.acd!submit
[+] Trojan/FakeApp.ace!submit
[+] Trojan/FakeApp.acf!submit
[+] Trojan/FakeApp.acg!submit
[+] Trojan/FakeApp.ach!submit
[+] Trojan/HTML.Agent.br!submit
[+] Trojan/Injector.clp!submit
[+] Trojan/Loader.nb!submit
[+] Trojan/Loader.nc!submit
[+] Trojan/MSIL.Obfuscated.kd!submit
[+] Trojan/MSIL.ShellLoader.am!submit
[+] Trojan/Obfuscated.nw!submit
[+] Trojan/PS.Agent.bt!submit
[+] Trojan/ProxyChanger.i!submit
[+] Trojan/Python.Agent.bt!submit
[+] Trojan/Runner.fo!submit
[+] Trojan/ShellLoader.aib!submit
[+] Trojan/W64.Injector.cc!submit
[+] Trojan/W64.Injector.cd!submit
[+] TrojanDownloader/Agent.bly!submit
[+] TrojanDownloader/JS.Agent.ij!submit
[+] TrojanDownloader/JS.Maloader.as!submit
[+] TrojanDownloader/LNK.Agent.hd!submit
[+] TrojanDownloader/MSIL.Agent.ajl!submit
[+] TrojanDownloader/PS.Agent.fh!submit
[+] TrojanDownloader/PS.Agent.fi!submit
[+] TrojanDownloader/VBS.Agent.fj!submit
[+] TrojanDownloader/VBS.Agent.kh!submit
[+] TrojanDownloader/VBS.Agent.ki!submit
[+] TrojanSpy/W64.Stealer.aa!submit
[+] TrojanSpy/W64.Stealer.ab!submit
[-] Adware/InstallCore.t!submit
[-] Backdoor/Lotok.ol!submit
[-] HEUR:Ransom/LockFile.rj!submit
[-] HEUR:Trojan/FakeApp.av!submit
[-] HEUR:Trojan/ShellLoader.ahy!submit
[-] HVM:Trojan/MalBehav.i!submit
[-] HVM:Trojan/ShellLoader.cl!submit
[-] HVM:Trojan/W64.ShellLoader.ak!submit
[-] HVM:TrojanSpy/W64.Stealer.aa!submit
[-] HackTool/AppxPotato.a!submit
[-] HackTool/BrowserGhost.a!submit
[-] HackTool/ListRDP.a!submit
[-] HackTool/LsassDumper.b!submit
[-] HackTool/SchTask.a!submit
[-] HackTool/SharpClipHistory.a!submit
[-] HackTool/SharpElevator.a!submit
[-] HackTool/SharpWxDump.a!submit
[-] Ransom/Akira.d!submit
[-] Ransom/LockFile.rj!submit
[-] SVM:TrojanDownloader/JS.MalBehav.b!submit
[-] Trojan/AddUser.k!submit
[-] Trojan/Agent.clt!submit
[-] Trojan/Agent.clu!submit
[-] Trojan/CoinMiner.lb!submit
[-] Trojan/FakeApp.abz!submit
[-] Trojan/FakeApp.aca!submit
[-] Trojan/FakeApp.acb!submit
[-] Trojan/Injector.cln!submit
[-] Trojan/Injector.clo!submit
[-] Trojan/Korplug.ak!submit
[-] Trojan/Korplug.al!submit
[-] Trojan/Linux.CoinMiner.dx!submit
[-] Trojan/Linux.DDos.bj!submit
[-] Trojan/Linux.DDos.bk!submit
[-] Trojan/Loader.na!submit
[-] Trojan/Python.Loader.m!submit
[-] Trojan/ShellLoader.ahz!submit
[-] Trojan/ShellLoader.aia!submit
[-] Trojan/StartPage.lk!submit
[-] Trojan/W64.Agent.gn!submit
[-] Trojan/W64.Agent.go!submit
[-] Trojan/W64.Loader.al!submit
[-] TrojanDownloader/Linux.Agent.ea!submit
[-] TrojanDownloader/Linux.Agent.eb!submit
[-] TrojanDownloader/PS.Agent.ff!submit
[-] TrojanDownloader/PS.Agent.fg!submit
[-] TrojanDownloader/VBS.Agent.kg!submit
[-] TrojanDownloader/W64.Agent.cs!submit
[-] TrojanDropper/Agent.ale!submit
[-] TrojanDropper/Agent.alf!submit
[-] TrojanDropper/W64.Agent.cb!submit
```
#### Critical-hash signature changes ([crithash.txt](data/1768997183.crithash.txt))
Formal definitions added: 7
```
[+] Exploit/W32.Vulndriver.b!crit
[+] Exploit/W32.Vulndriver.c!crit
[+] Trojan/HTML.Phishing.ot!crit
[+] Trojan/JS.Obfuscated.dj!crit
[+] Trojan/JS.Obfuscated.dk!crit
[+] Trojan/JS.Obfuscated.dl!crit
[+] Trojan/SCR.ShellCode.m!crit
```
Telemetry definitions added: 32 | Telemetry definitions removed: 12
```
[+] Backdoor/PHP.Webshell.aa!crit!submit
[+] Backdoor/PS.ReverseShell.h!crit!submit
[+] Backdoor/PS.ReverseShell.j!crit!submit
[+] HackTool/Linux.PortScan.a!crit!submit
[+] HackTool/Linux.PortScan.b!crit!submit
[+] Ransom/W32.LockFile.d!crit!submit
[+] Ransom/W32.LockFile.e!crit!submit
[+] Ransom/W32.LockFile.rl!crit!submit
[+] Trojan/BAT.Obfuscated.arg!crit!submit
[+] Trojan/HTML.Redirector.a!crit!submit
[+] Trojan/Linux.Mirai.d!crit!submit
[+] Trojan/MSIL.Obfuscated.kd!crit!submit
[+] Trojan/W32.FakeApp.g!crit!submit
[+] Trojan/W32.FakeApp.h!crit!submit
[+] Trojan/W32.KillFile.a!crit!submit
[+] Trojan/W32.ShellLoader.s!crit!submit
[+] Trojan/W32.ShellLoader.x!crit!submit
[+] Trojan/W32.ShellLoader.y!crit!submit
[+] Trojan/W32.Stealer.b!crit!submit
[+] Trojan/W64.StartPage.ll!crit!submit
[+] TrojanDownloader/HTML.Agent.f!crit!submit
[+] TrojanDownloader/LNK.Agent.g!crit!submit
[+] TrojanDownloader/PS.Agent.bq!crit!submit
[+] TrojanDownloader/PS.Agent.br!crit!submit
[+] TrojanDownloader/PS.Runner.s!crit!submit
[+] TrojanDownloader/VBS.Runner.g!crit!submit
[+] TrojanDownloader/VBS.Starter.b!crit!submit
[+] TrojanDropper/W32.Agent.f!crit!submit
[+] TrojanSpy/PS.Keylogger.b!crit!submit
[+] TrojanSpy/PS.Stealer.n!crit!submit
[+] TrojanSpy/W64.Stealer.e!crit!submit
[+] TrojanSpy/W64.Stealer.f!crit!submit
[-] Backdoor/W32.Lotok.aa!crit!submit
[-] Exploit/W32.Vulndriver.b!crit!submit
[-] Exploit/W32.Vulndriver.c!crit!submit
[-] HEUR:Trojan/W32.HiJack.a!crit!submit
[-] Trojan/HTML.Phishing.ot!crit!submit
[-] Trojan/JS.Obfuscated.dj!crit!submit
[-] Trojan/JS.Obfuscated.dk!crit!submit
[-] Trojan/JS.Obfuscated.dl!crit!submit
[-] Trojan/SCR.ShellCode.m!crit!submit
[-] Trojan/W32.ShellLoader.q!crit!submit
[-] Trojan/W32.ShellLoader.r!crit!submit
[-] TrojanDropper/W32.Agent.e!crit!submit
```
#### Blacklist hash changes ([troj.txt](data/1768997183.troj.txt))
Added: 31
1768907496 - 2026-01-20 11:11:36 UTC
#### Signature changes ([pset.txt](data/1768907496.pset.txt))
Formal definitions added: 40 | Formal definitions removed: 53
```
[+] Backdoor/Androm.aj
[+] Backdoor/Lotok.oc
[+] HEUR:Trojan/JS.Injector.t
[+] HVM:Trojan/ShellLoader.ck
[+] OMacro/Thus.n
[+] Ransom/Akira.e
[+] Ransom/Linux.Lockbit.e
[+] Trojan/Agent.cls
[+] Trojan/BAT.Obfuscated.an
[+] Trojan/FakeApp.abr
[+] Trojan/FakeApp.abs
[+] Trojan/FakeApp.abt
[+] Trojan/FakeApp.abu
[+] Trojan/FakeApp.abv
[+] Trojan/FakeApp.abw
[+] Trojan/FakeApp.abx
[+] Trojan/FakeApp.aby
[+] Trojan/Injector.clm
[+] Trojan/JS.Obfuscated.di
[+] Trojan/KillWin.dj
[+] Trojan/Linux.Agent.dh
[+] Trojan/Linux.DDos.bh
[+] Trojan/Linux.DDos.bi
[+] Trojan/Loader.mx
[+] Trojan/Loader.my
[+] Trojan/Loader.mz
[+] Trojan/MSIL.Loader.at
[+] Trojan/MSIL.Obfuscated.kc
[+] Trojan/OSX.Loader.a
[+] Trojan/OSX.Loader.c
[+] Trojan/ShellLoader.ahy
[+] Trojan/W64.Agent.gl
[+] Trojan/W64.Loader.ak
[+] TrojanDownloader/Agent.blx
[+] TrojanDownloader/LNK.Agent.hc
[+] TrojanDownloader/W64.Agent.cr
[+] TrojanDropper/Agent.alb
[+] TrojanDropper/Agent.alc
[+] TrojanDropper/Agent.ald
[+] TrojanDropper/PS.Agent.z
[-] Adware/ExtensionInstaller
[-] Backdoor/XRat
[-] Constructor/CodeLoaderGen
[-] Constructor/ShellGenerate
[-] Exploit/CVE-2020-16902
[-] Exploit/CVE-2022-21882
[-] Exploit/CVE-2025-29824
[-] Exploit/CVE-2025-60710
[-] HackTool/AntSword
[-] HackTool/BloodHound
[-] HackTool/BrowserSpy
[-] HackTool/DSEFix
[-] HackTool/Ddos.d
[-] HackTool/DefenderWrite
[-] HackTool/DumpGuard
[-] HackTool/Gost
[-] HackTool/Inject
[-] HackTool/Launcher
[-] HackTool/Linux.CoinMiner
[-] HackTool/Mimipenguin
[-] HackTool/NoPatchGuard
[-] HackTool/PassStealer
[-] HackTool/Railgun
[-] HackTool/Reaper
[-] HackTool/Remote
[-] HackTool/SilentButDeadly
[-] HackTool/Stowaway
[-] HackTool/Uacme
[-] Hacktool/DisPPL
[-] Joke/Crayzpop
[-] Joke/ScreenMelter
[-] RootKit/Agent
[-] Rootkit/DNSHijack
[-] Rootkit/Inject
[-] Rootkit/Injecter
[-] Rootkit/MiniFilter
[-] Trojan/BSoD
[-] Trojan/FakeChrome
[-] Trojan/JS.Dropper
[-] Trojan/JS.POSCardStealer
[-] Trojan/Lisp.Neyer
[-] Trojan/MSIL.Obfuscated
[-] Trojan/ServStart
[-] Trojan/VB.Agent
[-] Trojan/VBS.Radier
[-] Trojan/Zlader
[-] TrojanDownloader/Qfas
[-] TrojanDownloader/SiMay
[-] TrojanSpy/JS.Credtect
[-] TrojanSpy/Loader
[-] TrojanSpy/MSIL.Steam
[-] Virus/VBS.Agent
[-] Worm/VBS.Padon
```
Telemetry definitions added: 52 | Telemetry definitions removed: 44
```
[+] Adware/InstallCore.t!submit
[+] Backdoor/Lotok.ol!submit
[+] HEUR:Ransom/LockFile.rj!submit
[+] HEUR:Trojan/FakeApp.av!submit
[+] HEUR:Trojan/ShellLoader.ahy!submit
[+] HVM:Trojan/MalBehav.i!submit
[+] HVM:Trojan/ShellLoader.cl!submit
[+] HVM:Trojan/W64.ShellLoader.ak!submit
[+] HVM:TrojanSpy/W64.Stealer.aa!submit
[+] HackTool/AppxPotato.a!submit
[+] HackTool/BrowserGhost.a!submit
[+] HackTool/ListRDP.a!submit
[+] HackTool/LsassDumper.b!submit
[+] HackTool/SchTask.a!submit
[+] HackTool/SharpClipHistory.a!submit
[+] HackTool/SharpElevator.a!submit
[+] HackTool/SharpWxDump.a!submit
[+] Ransom/LockFile.rj!submit
[+] SVM:TrojanDownloader/JS.MalBehav.a!submit
[+] SVM:TrojanDownloader/JS.MalBehav.b!submit
[+] Trojan/AddUser.k!submit
[+] Trojan/Agent.clt!submit
[+] Trojan/Agent.clu!submit
[+] Trojan/CoinMiner.lb!submit
[+] Trojan/FakeApp.abz!submit
[+] Trojan/FakeApp.aca!submit
[+] Trojan/FakeApp.acb!submit
[+] Trojan/Injector.cln!submit
[+] Trojan/Injector.clo!submit
[+] Trojan/Korplug.ak!submit
[+] Trojan/Korplug.al!submit
[+] Trojan/Linux.CoinMiner.dx!submit
[+] Trojan/Linux.DDos.bj!submit
[+] Trojan/Linux.DDos.bk!submit
[+] Trojan/Linux.Mirai.gp!submit
[+] Trojan/Loader.na!submit
[+] Trojan/Python.Loader.m!submit
[+] Trojan/ShellLoader.ahz!submit
[+] Trojan/ShellLoader.aia!submit
[+] Trojan/StartPage.lk!submit
[+] Trojan/W64.Agent.gn!submit
[+] Trojan/W64.Agent.go!submit
[+] Trojan/W64.Loader.al!submit
[+] TrojanDownloader/Linux.Agent.ea!submit
[+] TrojanDownloader/Linux.Agent.eb!submit
[+] TrojanDownloader/PS.Agent.ff!submit
[+] TrojanDownloader/PS.Agent.fg!submit
[+] TrojanDownloader/VBS.Agent.kg!submit
[+] TrojanDownloader/W64.Agent.cs!submit
[+] TrojanDropper/Agent.ale!submit
[+] TrojanDropper/Agent.alf!submit
[+] TrojanDropper/W64.Agent.cb!submit
[-] Backdoor/Androm.aj!submit
[-] Backdoor/Lotok.oc!submit
[-] Exploit/Vulndriver!submit
[-] HEUR:Trojan/JS.Injector.t!submit
[-] HVM:Trojan/ShellLoader.ck!submit
[-] HackTool/PetitPotato!submit
[-] OMacro/Thus.n!submit
[-] Ransom/Akira.e!submit
[-] Ransom/Linux.Lockbit.e!submit
[-] RootKit/Agent!submit
[-] Trojan/Agent.cls!submit
[-] Trojan/BAT.Obfuscated.an!submit
[-] Trojan/FakeApp.abb!submit
[-] Trojan/FakeApp.abr!submit
[-] Trojan/FakeApp.abs!submit
[-] Trojan/FakeApp.abt!submit
[-] Trojan/FakeApp.abu!submit
[-] Trojan/FakeApp.abv!submit
[-] Trojan/FakeApp.abw!submit
[-] Trojan/FakeApp.abx!submit
[-] Trojan/FakeApp.aby!submit
[-] Trojan/Injector.clm!submit
[-] Trojan/JS.Obfuscated.di!submit
[-] Trojan/KillWin.dj!submit
[-] Trojan/Linux.Agent.dh!submit
[-] Trojan/Linux.DDos.bh!submit
[-] Trojan/Linux.DDos.bi!submit
[-] Trojan/Loader.mx!submit
[-] Trojan/Loader.my!submit
[-] Trojan/Loader.mz!submit
[-] Trojan/MSIL.Loader.at!submit
[-] Trojan/MSIL.Obfuscated.kc!submit
[-] Trojan/OSX.Loader.a!submit
[-] Trojan/OSX.Loader.c!submit
[-] Trojan/ShellLoader.ahy!submit
[-] Trojan/W64.Agent.gl!submit
[-] Trojan/W64.Loader.ak!submit
[-] TrojanDownloader/Agent.blx!submit
[-] TrojanDownloader/LNK.Agent.hc!submit
[-] TrojanDownloader/W64.Agent.cr!submit
[-] TrojanDropper/Agent.alb!submit
[-] TrojanDropper/Agent.alc!submit
[-] TrojanDropper/Agent.ald!submit
[-] TrojanDropper/PS.Agent.z!submit
```
#### Critical-hash signature changes ([crithash.txt](data/1768907496.crithash.txt))
Formal definitions added: 8 | Formal definitions removed: 1
```
[+] Backdoor/JSP.WebShell.r!crit
[+] Backdoor/Linux.Gafgyt.b!crit
[+] HackTool/W64.Fscan.a!crit
[+] Trojan/Linux.Mirai.c!crit
[+] Trojan/MSIL.Obfuscated.aq!crit
[+] TrojanDownloader/HTML.Agent.e!crit
[+] TrojanDownloader/W32.Agent.blx!crit
[+] TrojanSpy/W64.Stealer.d!crit
[-] Backdoor/JSP.WebShell.r
```
Telemetry definitions added: 34 | Telemetry definitions removed: 11
```
[+] Backdoor/BAT.ReverseShell.c!crit!submit
[+] Backdoor/PHP.WebShell.y!crit!submit
[+] Backdoor/PHP.WebShell.z!crit!submit
[+] Backdoor/W32.Lotok.aa!crit!submit
[+] Exploit/W32.Vulndriver.b!crit!submit
[+] Exploit/W32.Vulndriver.c!crit!submit
[+] HEUR:Trojan/W32.HiJack.a!crit!submit
[+] Joke/BAT.CrazyWindow.a!crit!submit
[+] Ransom/VBS.LockFile.b!crit!submit
[+] Ransom/W32.LockFile.b!crit!submit
[+] Trojan/BAT.KillFile.b!crit!submit
[+] Trojan/BAT.KillWin.j!crit!submit
[+] Trojan/BAT.KillWin.k!crit!submit
[+] Trojan/HTML.Phishing.ot!crit!submit
[+] Trojan/JS.Obfuscated.dj!crit!submit
[+] Trojan/JS.Obfuscated.dk!crit!submit
[+] Trojan/JS.Obfuscated.dl!crit!submit
[+] Trojan/SCR.KillWin.b!crit!submit
[+] Trojan/SCR.ShellCode.m!crit!submit
[+] Trojan/VBS.KillAV.c!crit!submit
[+] Trojan/W32.Injector.u!crit!submit
[+] Trojan/W32.Injector.v!crit!submit
[+] Trojan/W32.ShellLoader.q!crit!submit
[+] Trojan/W32.ShellLoader.r!crit!submit
[+] Trojan/W64.ShellLoader.e!crit!submit
[+] TrojanDownloader/W32.Starter.b!crit!submit
[+] TrojanDownloader/W32.Starter.c!crit!submit
[+] TrojanDownloader/W32.Starter.e!crit!submit
[+] TrojanDropper/W32.Agent.e!crit!submit
[+] TrojanDropper/W32.Starter.b!crit!submit
[+] TrojanSpy/BAT.Stealer.i!crit!submit
[+] TrojanSpy/PHP.Phishing.b!crit!submit
[+] TrojanSpy/W32.Stealer.ad!crit!submit
[+] TrojanSpy/W32.Stealer.ae!crit!submit
[-] Backdoor/Linux.Gafgyt.b!crit!submit
[-] Backdoor/W32.Lotok.z!crit!submit
[-] HackTool/W64.Fscan.a!crit!submit
[-] Trojan/Linux.Mirai.c!crit!submit
[-] Trojan/MSIL.Obfuscated.aq!crit!submit
[-] Trojan/W32.Agent.aa!crit!submit
[-] Trojan/W32.Agent.y!crit!submit
[-] Trojan/W32.Agent.z!crit!submit
[-] TrojanDownloader/HTML.Agent.e!crit!submit
[-] TrojanDownloader/W32.Agent.blx!crit!submit
[-] TrojanSpy/W64.Stealer.d!crit!submit
```
#### Blacklist hash changes ([troj.txt](data/1768907496.troj.txt))
Added: 304 | Removed: 38,729
#### Whitelist hash changes ([hwl.txt](data/1768907496.hwl.txt))
Removed: 18,410
1768821989 - 2026-01-19 11:26:29 UTC
#### Signature changes ([pset.txt](data/1768821989.pset.txt))
Formal definitions added: 37
```
[+] HEUR:TrojanDropper/Agent.ar
[+] HVM:Backdoor/Lotok.cl
[+] Trojan/BAT.Runner.bs
[+] Trojan/BAT.Runner.bt
[+] Trojan/FakeApp.aae
[+] Trojan/FakeApp.abo
[+] Trojan/FakeApp.abp
[+] Trojan/FakeApp.abq
[+] Trojan/FakeApp.zd
[+] Trojan/Loader.mw
[+] Trojan/MSIL.Disabler.e
[+] Trojan/MSIL.Obfuscated.kb
[+] Trojan/PS.Loader.q
[+] Trojan/PS.Loader.r
[+] Trojan/Python.DDos.i
[+] Trojan/Rozena.bf
[+] Trojan/Runner.fn
[+] Trojan/ShellLoader.ahv
[+] Trojan/ShellLoader.ahw
[+] Trojan/ShellLoader.ahx
[+] Trojan/W64.Agent.gm
[+] Trojan/W64.Injector.cb
[+] Trojan/W64.ShellLoader.aj
[+] TrojanDownloader/JS.Agent.ii
[+] TrojanDownloader/PS.Agent.fe
[+] TrojanDownloader/VBS.Agent.kf
[+] TrojanDropper/Agent.akz
[+] TrojanDropper/Agent.ala
[+] TrojanDropper/Android.Agent.ci
[+] TrojanDropper/Android.Agent.cj
[+] TrojanDropper/Android.Agent.ck
[+] TrojanDropper/Android.Agent.cl
[+] TrojanDropper/Android.Agent.cm
[+] TrojanDropper/JS.Agent.cd
[+] TrojanDropper/Python.Loader.a
[+] TrojanSpy/Android.SMSSpy.aq
[+] TrojanSpy/Android.SMSSpy.ar
```
Telemetry definitions added: 41 | Telemetry definitions removed: 38
```
[+] Backdoor/Androm.aj!submit
[+] Backdoor/Lotok.oc!submit
[+] HEUR:Trojan/JS.Injector.t!submit
[+] HVM:Trojan/ShellLoader.ck!submit
[+] Ransom/Akira.d!submit
[+] Ransom/Akira.e!submit
[+] Ransom/Linux.Lockbit.e!submit
[+] Trojan/Agent.cls!submit
[+] Trojan/BAT.Obfuscated.an!submit
[+] Trojan/FakeApp.abb!submit
[+] Trojan/FakeApp.abr!submit
[+] Trojan/FakeApp.abs!submit
[+] Trojan/FakeApp.abt!submit
[+] Trojan/FakeApp.abu!submit
[+] Trojan/FakeApp.abv!submit
[+] Trojan/FakeApp.abw!submit
[+] Trojan/FakeApp.abx!submit
[+] Trojan/FakeApp.aby!submit
[+] Trojan/Injector.clm!submit
[+] Trojan/JS.Obfuscated.di!submit
[+] Trojan/KillWin.dj!submit
[+] Trojan/Linux.Agent.dg!submit
[+] Trojan/Linux.Agent.dh!submit
[+] Trojan/Linux.Agent.di!submit
[+] Trojan/Linux.DDos.bh!submit
[+] Trojan/Linux.DDos.bi!submit
[+] Trojan/Linux.Mirai.go!submit
[+] Trojan/Loader.mx!submit
[+] Trojan/Loader.my!submit
[+] Trojan/Loader.mz!submit
[+] Trojan/MSIL.Loader.at!submit
[+] Trojan/MSIL.Obfuscated.kc!submit
[+] Trojan/OSX.Loader.a!submit
[+] Trojan/OSX.Loader.c!submit
[+] Trojan/ShellLoader.ahy!submit
[+] TrojanDownloader/Agent.blx!submit
[+] TrojanDownloader/W64.Agent.cr!submit
[+] TrojanDropper/Agent.alb!submit
[+] TrojanDropper/Agent.alc!submit
[+] TrojanDropper/Agent.ald!submit
[+] TrojanDropper/PS.Agent.z!submit
[-] HEUR:TrojanDropper/Agent.ar!submit
[-] HVM:Backdoor/Lotok.cl!submit
[-] Trojan/BAT.Runner.bs!submit
[-] Trojan/BAT.Runner.bt!submit
[-] Trojan/FakeApp.aae!submit
[-] Trojan/FakeApp.abo!submit
[-] Trojan/FakeApp.abp!submit
[-] Trojan/FakeApp.abq!submit
[-] Trojan/FakeApp.zd!submit
[-] Trojan/Loader.mw!submit
[-] Trojan/MSIL.Disabler.e!submit
[-] Trojan/MSIL.Obfuscated.ka!submit
[-] Trojan/MSIL.Obfuscated.kb!submit
[-] Trojan/PS.Loader.q!submit
[-] Trojan/PS.Loader.r!submit
[-] Trojan/Python.DDos.i!submit
[-] Trojan/Rozena.bf!submit
[-] Trojan/Runner.fn!submit
[-] Trojan/ShellLoader.ahv!submit
[-] Trojan/ShellLoader.ahw!submit
[-] Trojan/ShellLoader.ahx!submit
[-] Trojan/W64.Agent.gm!submit
[-] Trojan/W64.Injector.cb!submit
[-] Trojan/W64.ShellLoader.aj!submit
[-] TrojanDownloader/JS.Agent.ii!submit
[-] TrojanDownloader/PS.Agent.fe!submit
[-] TrojanDownloader/VBS.Agent.kf!submit
[-] TrojanDropper/Agent.akz!submit
[-] TrojanDropper/Agent.ala!submit
[-] TrojanDropper/Android.Agent.ci!submit
[-] TrojanDropper/Android.Agent.cj!submit
[-] TrojanDropper/Android.Agent.ck!submit
[-] TrojanDropper/Android.Agent.cl!submit
[-] TrojanDropper/Android.Agent.cm!submit
[-] TrojanDropper/JS.Agent.cd!submit
[-] TrojanDropper/Python.Loader.a!submit
[-] TrojanSpy/Android.SMSSpy.aq!submit
[-] TrojanSpy/Android.SMSSpy.ar!submit
```
#### Critical-hash signature changes ([crithash.txt](data/1768821989.crithash.txt))
Formal definitions added: 18 | Formal definitions removed: 1
```
[+] Adware/W32.Xra.a!crit
[+] Backdoor/Linux.Mirai.d!crit
[+] Exploit/JS.Brash.a!crit
[+] Exploit/W32.CVE-2025-53136.a!crit
[+] Trojan/HTML.Phishing.os!crit
[+] Trojan/MSIL.Obfuscated.ap!crit
[+] Trojan/PS.Agent.a!crit
[+] Trojan/SCR.ShellCode.j!crit
[+] Trojan/SCR.ShellCode.k!crit
[+] Trojan/SCR.ShellCode.l!crit
[+] Trojan/SCR.ShellLoader.b
[+] Trojan/W32.ShellLoader.v!crit
[+] TrojanDownloader/Linux.Agent.h!crit
[+] TrojanDownloader/OSX.Agent.b!crit
[+] TrojanDownloader/PS.Agent.bp!crit
[+] TrojanDownloader/VBS.Agent.b!crit
[+] TrojanDownloader/W32.Rugmi.ac!crit
[+] TrojanSpy/PS.Stealer.j!crit
[-] Trojan/W32.FakeApp.h!crit
```
Telemetry definitions added: 25 | Telemetry definitions removed: 20
```
[+] Backdoor/Linux.Gafgyt.b!crit!submit
[+] Backdoor/PHP.WebShell.u!crit!submit
[+] Backdoor/PHP.WebShell.v!crit!submit
[+] Backdoor/PHP.WebShell.w!crit!submit
[+] Backdoor/PHP.WebShell.x!crit!submit
[+] Backdoor/W32.Lotok.z!crit!submit
[+] HackTool/PS.BruteForce.c!crit!submit
[+] HackTool/W64.Fscan.a!crit!submit
[+] Joke/BAT.Shutdown.b!crit!submit
[+] Trojan/Linux.Mirai.c!crit!submit
[+] Trojan/MSIL.Injector.k!crit!submit
[+] Trojan/MSIL.Obfuscated.aq!crit!submit
[+] Trojan/W32.Agent.aa!crit!submit
[+] Trojan/W32.Agent.y!crit!submit
[+] Trojan/W32.Agent.z!crit!submit
[+] Trojan/W32.ShellLoader.w!crit!submit
[+] Trojan/W64.Injector.f!crit!submit
[+] Trojan/W64.Injector.g!crit!submit
[+] Trojan/W64.Runner.b!crit!submit
[+] Trojan/W64.ShellLoader.d!crit!submit
[+] TrojanDownloader/HTML.Agent.e!crit!submit
[+] TrojanDownloader/W32.Agent.blx!crit!submit
[+] TrojanSpy/MSIL.Stealer.cde!crit!submit
[+] TrojanSpy/PS.Stealer.m!crit!submit
[+] TrojanSpy/W64.Stealer.d!crit!submit
[-] Backdoor/Linux.Mirai.d!crit!submit
[-] Exploit/JS.Brash.a!crit!submit
[-] Exploit/W32.CVE-2025-53136.a!crit!submit
[-] Trojan/HTML.Phishing.os!crit!submit
[-] Trojan/MSIL.Obfuscated.ap!crit!submit
[-] Trojan/PS.Agent.a!crit!submit
[-] Trojan/SCR.ShellCode.j!crit!submit
[-] Trojan/SCR.ShellCode.k!crit!submit
[-] Trojan/SCR.ShellCode.l!crit!submit
[-] Trojan/SCR.ShellLoader.b!submit
[-] Trojan/W32.FakeApp.g!crit!submit
[-] Trojan/W32.HiJack.k!crit!submit
[-] Trojan/W32.ShellLoader.v!crit!submit
[-] TrojanDownloader/Linux.Agent.h!crit!submit
[-] TrojanDownloader/OSX.Agent.b!crit!submit
[-] TrojanDownloader/PS.Agent.bp!crit!submit
[-] TrojanDownloader/VBS.Agent.b!crit!submit
[-] TrojanDownloader/W32.Rugmi.ac!crit!submit
[-] TrojanDropper/W32.Agent.c!crit!submit
[-] TrojanDropper/W32.Agent.d!crit!submit
```
#### Blacklist hash changes ([troj.txt](data/1768821989.troj.txt))
Added: 63
1768733570 - 2026-01-18 10:52:50 UTC
#### Blacklist hash changes ([troj.txt](data/1768733570.troj.txt))
Added: 22
#### Whitelist hash changes ([hwl.txt](data/1768733570.hwl.txt))
Added: 7
1768651961 - 2026-01-17 12:12:41 UTC
#### Blacklist hash changes ([troj.txt](data/1768651961.troj.txt))
Added: 21
#### Whitelist hash changes ([hwl.txt](data/1768651961.hwl.txt))
Added: 4
1768562210 - 2026-01-16 11:16:50 UTC
#### Signature changes ([pset.txt](data/1768562210.pset.txt))
Formal definitions added: 35 | Formal definitions removed: 3
```
[+] HEUR:Trojan/Injector.clm
[+] HVM:Backdoor/Lotok.ci
[+] HVM:Backdoor/Lotok.cj
[+] HVM:Backdoor/Lotok.ck
[+] HVM:Trojan/Injector.dt
[+] Trojan/BAT.Runner.br
[+] Trojan/FakeApp.aay
[+] Trojan/HiJack.yl
[+] Trojan/Injector.clj
[+] Trojan/Injector.clk
[+] Trojan/Injector.cll
[+] Trojan/JS.Obfuscated.dh
[+] Trojan/LNK.Runner.bq
[+] Trojan/Linux.DDos.bf
[+] Trojan/Linux.DDos.bg
[+] Trojan/Linux.Mirai.gn
[+] Trojan/Loader.mv
[+] Trojan/MSIL.Obfuscated.ka
[+] Trojan/PS.Injector.c
[+] Trojan/Runner.fm
[+] Trojan/ShellLoader.ahs
[+] Trojan/ShellLoader.aht
[+] Trojan/ShellLoader.ahu
[+] Trojan/W64.ShellLoader.n
[+] TrojanDownloader/Agent.blv
[+] TrojanDownloader/Agent.blw
[+] TrojanDownloader/JS.Agent.ih
[+] TrojanDownloader/Linux.Agent.dz
[+] TrojanDownloader/PS.Agent.fc
[+] TrojanDownloader/PS.Agent.fd
[+] TrojanDropper/BAT.Agent.bp
[+] TrojanSpy/MSIL.Formbook.bh
[+] TrojanSpy/MSIL.Formbook.bi
[+] TrojanSpy/Stealer.tj
[+] TrojanSpy/W64.LummaStealer.a
[-] HVM:Trojan/Hook.a
[-] Trojan/FakeApp.aae
[-] Trojan/FakeApp.zd
```
Telemetry definitions added: 40 | Telemetry definitions removed: 36
```
[+] HVM:Backdoor/Lotok.cl!submit
[+] HVM:VirTool/Obfuscator.be!submit
[+] OMacro/Thus.n!submit
[+] Trojan/BAT.Runner.bs!submit
[+] Trojan/BAT.Runner.bt!submit
[+] Trojan/FakeApp.aae!submit
[+] Trojan/FakeApp.abo!submit
[+] Trojan/FakeApp.abp!submit
[+] Trojan/FakeApp.abq!submit
[+] Trojan/FakeApp.zd!submit
[+] Trojan/Loader.mw!submit
[+] Trojan/MSIL.Disabler.e!submit
[+] Trojan/MSIL.Obfuscated.kb!submit
[+] Trojan/PS.Loader.q!submit
[+] Trojan/PS.Loader.r!submit
[+] Trojan/Python.DDos.i!submit
[+] Trojan/Rozena.bf!submit
[+] Trojan/Runner.fn!submit
[+] Trojan/ShellLoader.ahv!submit
[+] Trojan/ShellLoader.ahw!submit
[+] Trojan/ShellLoader.ahx!submit
[+] Trojan/W64.Agent.gm!submit
[+] Trojan/W64.Injector.cb!submit
[+] Trojan/W64.Loader.ak!submit
[+] Trojan/W64.ShellLoader.aj!submit
[+] TrojanDownloader/JS.Agent.ii!submit
[+] TrojanDownloader/PS.Agent.fe!submit
[+] TrojanDownloader/VBS.Agent.kf!submit
[+] TrojanDownloader/W64.Agent.cq!submit
[+] TrojanDropper/Agent.akz!submit
[+] TrojanDropper/Agent.ala!submit
[+] TrojanDropper/Android.Agent.ci!submit
[+] TrojanDropper/Android.Agent.cj!submit
[+] TrojanDropper/Android.Agent.ck!submit
[+] TrojanDropper/Android.Agent.cl!submit
[+] TrojanDropper/Android.Agent.cm!submit
[+] TrojanDropper/JS.Agent.cd!submit
[+] TrojanDropper/Python.Loader.a!submit
[+] TrojanSpy/Android.SMSSpy.aq!submit
[+] TrojanSpy/Android.SMSSpy.ar!submit
[-] Backdoor/Lotok.oc!submit
[-] HEUR:Trojan/Injector.clm!submit
[-] HVM:Backdoor/Lotok.ci!submit
[-] HVM:Backdoor/Lotok.cj!submit
[-] HVM:Backdoor/Lotok.ck!submit
[-] HVM:Trojan/Injector.dt!submit
[-] HVM:TrojanDownloader/Small.dq!submit
[-] Trojan/BAT.Runner.br!submit
[-] Trojan/FakeApp.aay!submit
[-] Trojan/HiJack.yl!submit
[-] Trojan/Injector.clj!submit
[-] Trojan/Injector.clk!submit
[-] Trojan/Injector.cll!submit
[-] Trojan/JS.Obfuscated.dh!submit
[-] Trojan/LNK.Runner.bq!submit
[-] Trojan/Linux.DDos.bf!submit
[-] Trojan/Linux.DDos.bg!submit
[-] Trojan/Linux.Mirai.gn!submit
[-] Trojan/Loader.mv!submit
[-] Trojan/PS.Injector.c!submit
[-] Trojan/Runner.fm!submit
[-] Trojan/ShellLoader.ahs!submit
[-] Trojan/ShellLoader.aht!submit
[-] Trojan/ShellLoader.ahu!submit
[-] Trojan/W64.ShellLoader.n!submit
[-] TrojanDownloader/Agent.blv!submit
[-] TrojanDownloader/Agent.blw!submit
[-] TrojanDownloader/JS.Agent.ih!submit
[-] TrojanDownloader/Linux.Agent.dz!submit
[-] TrojanDownloader/PS.Agent.fc!submit
[-] TrojanDownloader/PS.Agent.fd!submit
[-] TrojanDropper/BAT.Agent.bp!submit
[-] TrojanSpy/MSIL.Formbook.bh!submit
[-] TrojanSpy/MSIL.Formbook.bi!submit
[-] TrojanSpy/Stealer.tj!submit
[-] TrojanSpy/W64.LummaStealer.a!submit
```
#### Critical-hash signature changes ([crithash.txt](data/1768562210.crithash.txt))
Formal definitions added: 17 | Formal definitions removed: 2
```
[+] HackTool/Linux.CoinMiner.b!crit
[+] Trojan/HTML.Phishing.or!crit
[+] Trojan/Linux.Mirai.b!crit
[+] Trojan/SCR.Agent.e!crit
[+] Trojan/W32.CrazyScreen.e!crit
[+] Trojan/W32.CrazyScreen.f!crit
[+] Trojan/W32.FakeApp.f!crit
[+] Trojan/W32.FakeApp.h!crit
[+] Trojan/W64.Agent.j!crit
[+] TrojanDownloader/LNK.Agent.d!crit
[+] TrojanDownloader/LNK.Agent.e!crit
[+] TrojanDownloader/Linux.Agent.f!crit
[+] TrojanDownloader/Linux.Agent.g!crit
[+] TrojanDownloader/PS.Agent.bo!crit
[+] TrojanDropper/W32.Agent.o!crit
[+] TrojanSpy/OSX.Stealer.b!crit
[+] TrojanSpy/W64.Noon.s!crit
[-] Backdoor/W32.Lotok.ad!crit
[-] Backdoor/W32.Lotok.ae!crit
```
Telemetry definitions added: 35 | Telemetry definitions removed: 21
```
[+] Backdoor/Linux.Mirai.d!crit!submit
[+] Backdoor/MSIL.ReverseShell.d!crit!submit
[+] Backdoor/PS.ReverseShell.i!crit!submit
[+] Exploit/JS.Brash.a!crit!submit
[+] Exploit/W32.CVE-2025-53136.a!crit!submit
[+] Joke/VBS.CrazyWindow.a!crit!submit
[+] Ransom/MSIL.LockFile.g!crit!submit
[+] Ransom/PS.LockFile.b!crit!submit
[+] Ransom/PS.LockFile.c!crit!submit
[+] Ransom/W64.LockFile.d!crit!submit
[+] Trojan/BAT.KillFile.a!crit!submit
[+] Trojan/HTML.Phishing.os!crit!submit
[+] Trojan/MSIL.Obfuscated.ap!crit!submit
[+] Trojan/PS.Agent.a!crit!submit
[+] Trojan/SCR.ShellCode.k!crit!submit
[+] Trojan/SCR.ShellCode.l!crit!submit
[+] Trojan/VBS.KillAV.d!crit!submit
[+] Trojan/W32.HiJack.k!crit!submit
[+] Trojan/W32.Loader.j!crit!submit
[+] Trojan/W32.ShellLoader.v!crit!submit
[+] TrojanDownloader/Linux.Agent.h!crit!submit
[+] TrojanDownloader/MSIL.Runner.f!crit!submit
[+] TrojanDownloader/OSX.Agent.b!crit!submit
[+] TrojanDownloader/PS.Agent.bp!crit!submit
[+] TrojanDownloader/PS.Runner.r!crit!submit
[+] TrojanDownloader/VBS.Agent.b!crit!submit
[+] TrojanDropper/VBS.Runner.d!crit!submit
[+] TrojanDropper/VBS.Starter.b!crit!submit
[+] TrojanDropper/W32.Agent.c!crit!submit
[+] TrojanDropper/W32.Agent.d!crit!submit
[+] TrojanSpy/MSIL.Keylogger.d!crit!submit
[+] TrojanSpy/MSIL.Stealer.cdd!crit!submit
[+] TrojanSpy/PS.Stealer.k!crit!submit
[+] TrojanSpy/W32.Keylogger.d!crit!submit
[+] TrojanSpy/W64.Keylogger.a!crit!submit
[-] Adware/W32.Xra.a!crit!submit
[-] Backdoor/W32.Lotok.ab!crit!submit
[-] HackTool/Linux.CoinMiner.b!crit!submit
[-] Trojan/HTML.Phishing.or!crit!submit
[-] Trojan/Linux.Mirai.b!crit!submit
[-] Trojan/SCR.Agent.e!crit!submit
[-] Trojan/W32.CrazyScreen.e!crit!submit
[-] Trojan/W32.CrazyScreen.f!crit!submit
[-] Trojan/W32.FakeApp.f!crit!submit
[-] Trojan/W32.FakeApp.h!crit!submit
[-] Trojan/W32.HiJack.j!crit!submit
[-] Trojan/W64.Agent.j!crit!submit
[-] TrojanDownloader/LNK.Agent.d!crit!submit
[-] TrojanDownloader/LNK.Agent.e!crit!submit
[-] TrojanDownloader/Linux.Agent.f!crit!submit
[-] TrojanDownloader/Linux.Agent.g!crit!submit
[-] TrojanDownloader/PS.Agent.bo!crit!submit
[-] TrojanDropper/W32.Agent.b!submit
[-] TrojanSpy/MSIL.Keylogger.c!crit!submit
[-] TrojanSpy/OSX.Stealer.b!crit!submit
[-] TrojanSpy/W64.Noon.s!crit!submit
```
#### Blacklist hash changes ([troj.txt](data/1768562210.troj.txt))
Added: 70
1768481840 - 2026-01-15 12:57:20 UTC
#### Signature changes ([pset.txt](data/1768481840.pset.txt))
Formal definitions added: 32
```
[+] Backdoor/Agent.re
[+] HEUR:Backdoor/JSP.WebShell.q
[+] HEUR:TrojanDownloader/Maloader.d
[+] OMacro/Dropper.gu
[+] Trojan/AutoIT.Injector.fd
[+] Trojan/BAT.Injector.f
[+] Trojan/BAT.Runner.bp
[+] Trojan/BAT.Runner.bq
[+] Trojan/JS.Obfuscated.de
[+] Trojan/JS.Obfuscated.df
[+] Trojan/JS.Obfuscated.dg
[+] Trojan/Linux.CoinMiner.dw
[+] Trojan/Linux.Mirai.gm
[+] Trojan/MSIL.Obfuscated.jz
[+] Trojan/PS.Loader.p
[+] Trojan/ShellLoader.ahm
[+] Trojan/ShellLoader.ahn
[+] Trojan/ShellLoader.aho
[+] Trojan/ShellLoader.ahp
[+] Trojan/ShellLoader.ahq
[+] Trojan/ShellLoader.ahr
[+] TrojanDownloader/Agent.blu
[+] TrojanDownloader/BAT.Agent.gd
[+] TrojanDownloader/JS.Agent.ig
[+] TrojanDownloader/Linux.Agent.dx
[+] TrojanDownloader/Linux.Agent.dy
[+] TrojanDownloader/Maloader.bq
[+] TrojanDownloader/VBS.Agent.ke
[+] TrojanDropper/Agent.akx
[+] TrojanDropper/Agent.aky
[+] TrojanDropper/BAT.Agent.bo
[+] TrojanSpy/ClipBanker.aq
```
Telemetry definitions added: 35 | Telemetry definitions removed: 35

```
[+] HEUR:Trojan/Injector.clm!submit
[+] HVM:Backdoor/Lotok.ci!submit
[+] HVM:Backdoor/Lotok.cj!submit
[+] HVM:Backdoor/Lotok.ck!submit
[+] Trojan/BAT.Runner.br!submit
[+] Trojan/FakeApp.aay!submit
[+] Trojan/HiJack.yl!submit
[+] Trojan/Injector.clj!submit
[+] Trojan/Injector.clk!submit
[+] Trojan/Injector.cll!submit
[+] Trojan/JS.Obfuscated.dh!submit
[+] Trojan/LNK.Runner.bq!submit
[+] Trojan/Linux.DDos.bf!submit
[+] Trojan/Linux.DDos.bg!submit
[+] Trojan/Linux.Mirai.gn!submit
[+] Trojan/Loader.mv!submit
[+] Trojan/MSIL.Obfuscated.ka!submit
[+] Trojan/PS.Injector.c!submit
[+] Trojan/Runner.fm!submit
[+] Trojan/ShellLoader.ahs!submit
[+] Trojan/ShellLoader.aht!submit
[+] Trojan/ShellLoader.ahu!submit
[+] Trojan/W64.Agent.gl!submit
[+] Trojan/W64.ShellLoader.n!submit
[+] TrojanDownloader/Agent.blv!submit
[+] TrojanDownloader/Agent.blw!submit
[+] TrojanDownloader/JS.Agent.ih!submit
[+] TrojanDownloader/Linux.Agent.dz!submit
[+] TrojanDownloader/PS.Agent.fc!submit
[+] TrojanDownloader/PS.Agent.fd!submit
[+] TrojanDropper/BAT.Agent.bp!submit
[+] TrojanSpy/MSIL.Formbook.bh!submit
[+] TrojanSpy/MSIL.Formbook.bi!submit
[+] TrojanSpy/Stealer.tj!submit
[+] TrojanSpy/W64.LummaStealer.a!submit
[-] Backdoor/Agent.re!submit
[-] HEUR:Backdoor/JSP.WebShell.q!submit
[-] HEUR:TrojanDownloader/Maloader.d!submit
[-] OMacro/Dropper.gu!submit
[-] Trojan/AutoIT.Injector.fd!submit
[-] Trojan/BAT.Injector.f!submit
[-] Trojan/BAT.Runner.bp!submit
[-] Trojan/BAT.Runner.bq!submit
[-] Trojan/FakeApp.aaj!submit
[-] Trojan/JS.Obfuscated.dd!submit
[-] Trojan/JS.Obfuscated.de!submit
[-] Trojan/JS.Obfuscated.df!submit
[-] Trojan/JS.Obfuscated.dg!submit
[-] Trojan/Linux.CoinMiner.dw!submit
[-] Trojan/Linux.Mirai.gm!submit
[-] Trojan/Loader.mu!submit
[-] Trojan/MSIL.Obfuscated.jz!submit
[-] Trojan/PS.Loader.p!submit
[-] Trojan/ShellLoader.ahm!submit
[-] Trojan/ShellLoader.ahn!submit
[-] Trojan/ShellLoader.aho!submit
[-] Trojan/ShellLoader.ahp!submit
[-] Trojan/ShellLoader.ahq!submit
[-] Trojan/ShellLoader.ahr!submit
[-] TrojanDownloader/Agent.blu!submit
[-] TrojanDownloader/BAT.Agent.gd!submit
[-] TrojanDownloader/JS.Agent.ig!submit
[-] TrojanDownloader/Linux.Agent.dx!submit
[-] TrojanDownloader/Linux.Agent.dy!submit
[-] TrojanDownloader/Maloader.bq!submit
[-] TrojanDownloader/VBS.Agent.ke!submit
[-] TrojanDropper/Agent.akx!submit
[-] TrojanDropper/Agent.aky!submit
[-] TrojanDropper/BAT.Agent.bo!submit
[-] TrojanSpy/ClipBanker.aq!submit
```
#### Critical-hash signature changes ([crithash.txt](data/1768481840.crithash.txt))
Formal definitions added: 16

```
[+] Backdoor/JSP.WebShell.r
[+] Trojan/HTML.Phishing.op!crit
[+] Trojan/Linux.DDos.a!crit
[+] Trojan/MSIL.Inoci.c!crit
[+] Trojan/MSIL.Loader.at!crit
[+] Trojan/SCR.Runner.fm!crit
[+] Trojan/SCR.Runner.fn!crit
[+] Trojan/SCR.Runner.fo!crit
[+] Trojan/W32.HiJack.y!crit
[+] Trojan/W32.Loader.i!crit
[+] TrojanDownloader/HTML.Agent.c!crit
[+] TrojanDownloader/HTML.Agent.d!crit
[+] TrojanDownloader/PS.Agent.bm!crit
[+] TrojanDropper/JAVA.Agent.a!crit
[+] TrojanDropper/W32.Agent.n!crit
[+] TrojanSpy/W32.Tepfer.f!crit
```
Telemetry definitions added: 42 | Telemetry definitions removed: 19

```
[+] Backdoor/PHP.Injector.a!crit!submit
[+] Backdoor/PS.ReverseShell.g!crit!submit
[+] Backdoor/W32.Lotok.ab!crit!submit
[+] HackTool/Linux.CoinMiner.b!crit!submit
[+] HackTool/PHP.Botsant.a!crit!submit
[+] Joke/MSIL.CrazyScreen.a!crit!submit
[+] Joke/VBS.Shutdown.b!crit!submit
[+] Ransom/MSIL.LockFile.e!crit!submit
[+] Ransom/MSIL.LockFile.f!crit!submit
[+] Ransom/VBS.LockFile.a!crit!submit
[+] Ransom/VBS.LockFile.c!crit!submit
[+] Trojan/BAT.KillAV.e!crit!submit
[+] Trojan/HTML.Phishing.or!crit!submit
[+] Trojan/Linux.Mirai.b!crit!submit
[+] Trojan/MSIL.Injector.h!crit!submit
[+] Trojan/MSIL.Injector.i!crit!submit
[+] Trojan/MSIL.Injector.j!crit!submit
[+] Trojan/SCR.Agent.e!crit!submit
[+] Trojan/SCR.ShellLoader.b!submit
[+] Trojan/W32.CrazyScreen.e!crit!submit
[+] Trojan/W32.CrazyScreen.f!crit!submit
[+] Trojan/W32.FakeApp.f!crit!submit
[+] Trojan/W32.FakeApp.g!crit!submit
[+] Trojan/W32.FakeApp.h!crit!submit
[+] Trojan/W32.HiJack.j!crit!submit
[+] Trojan/W64.Agent.j!crit!submit
[+] TrojanDownloader/LNK.Agent.d!crit!submit
[+] TrojanDownloader/LNK.Agent.e!crit!submit
[+] TrojanDownloader/Linux.Agent.f!crit!submit
[+] TrojanDownloader/Linux.Agent.g!crit!submit
[+] TrojanDownloader/MSIL.Starter.a!crit!submit
[+] TrojanDownloader/PS.Agent.bo!crit!submit
[+] TrojanDownloader/PS.Runner.q!crit!submit
[+] TrojanDownloader/PS.Starter.a!crit!submit
[+] TrojanDownloader/PS.Starter.c!crit!submit
[+] TrojanDownloader/PS.Starter.d!crit!submit
[+] TrojanDownloader/W32.Rugmi.ac!crit!submit
[+] TrojanDropper/W32.Agent.b!submit
[+] TrojanSpy/MSIL.Stealer.cdc!crit!submit
[+] TrojanSpy/OSX.Stealer.b!crit!submit
[+] TrojanSpy/PS.Stealer.j!crit!submit
[+] TrojanSpy/W64.Noon.s!crit!submit
[-] Backdoor/JSP.WebShell.r!submit
[-] Backerdoor/PHP.Injector.a!crit!submit
[-] Trojan/HTML.Phishing.op!crit!submit
[-] Trojan/Linux.DDos.a!crit!submit
[-] Trojan/MSIL.Inoci.c!crit!submit
[-] Trojan/MSIL.Loader.at!crit!submit
[-] Trojan/SCR.Runner.fm!crit!submit
[-] Trojan/SCR.Runner.fn!crit!submit
[-] Trojan/SCR.Runner.fo!crit!submit
[-] Trojan/W32.HiJack.y!crit!submit
[-] Trojan/W32.Loader.i!crit!submit
[-] Trojan/W32.ShellLoader.o!crit!submit
[-] Trojan/W32.ShellLoader.p!crit!submit
[-] TrojanDownloader/HTML.Agent.c!crit!submit
[-] TrojanDownloader/HTML.Agent.d!crit!submit
[-] TrojanDownloader/PS.Agent.bm!crit!submit
[-] TrojanDownloader/VBS.Obfuscated.c!crit!submit
[-] TrojanDropper/JAVA.Agent.a!crit!submit
[-] TrojanSpy/W32.Tepfer.f!crit!submit
```
#### Blacklist hash changes ([troj.txt](data/1768481840.troj.txt))

Added: 49

1768390311 - 2026-01-14 11:31:51 UTC

#### Signature changes ([pset.txt](data/1768390311.pset.txt))
Formal definitions added: 42 | Formal definitions removed: 2

```
[+] Backdoor/Agent.rd
[+] Backdoor/Linux.Sliver.c
[+] Backdoor/Lotok.oe
[+] Backdoor/Lotok.ok
[+] Exploit/Vulndriver.t
[+] HEUR:Trojan/HTML.FakeCaptcha.b
[+] HEUR:Trojan/JS.Agent.gr
[+] HVM:Backdoor/Lotok.cf
[+] HVM:TrojanDropper/W64.Agent.cb
[+] Trojan/BAT.Loader.k
[+] Trojan/FakeApp.aaj
[+] Trojan/FakeApp.xp
[+] Trojan/FakeApp.yl
[+] Trojan/JS.Agent.gr
[+] Trojan/JS.Agent.gs
[+] Trojan/JS.Injector.s
[+] Trojan/JS.Runner.s
[+] Trojan/LUA.Agent.g
[+] Trojan/Linux.Mirai.fn
[+] Trojan/Linux.Mirai.gk
[+] Trojan/Loader.mu
[+] Trojan/PS.Loader.o
[+] Trojan/Python.CoinMiner.k
[+] Trojan/ShellLoader.ahk
[+] Trojan/ShellLoader.ahl
[+] Trojan/W64.Loader.aj
[+] Trojan/W64.ShellLoader.j
[+] TrojanDownloader/Agent.blt
[+] TrojanDownloader/BAT.Agent.gc
[+] TrojanDownloader/MSIL.Agent.ajk
[+] TrojanDownloader/Maloader.bo
[+] TrojanDownloader/Maloader.bp
[+] TrojanDownloader/OSX.Agent.h
[+] TrojanDownloader/W64.Agent.cp
[+] TrojanDropper/Agent.aku
[+] TrojanDropper/Agent.akv
[+] TrojanDropper/Agent.akw
[+] TrojanDropper/BAT.Agent.bn
[+] TrojanSpy/MSIL.Formbook.bg
[+] TrojanSpy/Python.Stealer.cp
[+] TrojanSpy/Python.Stealer.cq
[+] TrojanSpy/W64.Stealer.z
[-] Trojan/GenCBL.a
[-] Trojan/GenCBL.b
```
Telemetry definitions added: 33 | Telemetry definitions removed: 41

```
[+] Backdoor/Agent.re!submit
[+] HEUR:Backdoor/JSP.WebShell.q!submit
[+] HEUR:TrojanDownloader/Maloader.d!submit
[+] OMacro/Dropper.gu!submit
[+] Trojan/AutoIT.Injector.fd!submit
[+] Trojan/BAT.Injector.f!submit
[+] Trojan/BAT.Runner.bp!submit
[+] Trojan/BAT.Runner.bq!submit
[+] Trojan/JS.Obfuscated.de!submit
[+] Trojan/JS.Obfuscated.df!submit
[+] Trojan/JS.Obfuscated.dg!submit
[+] Trojan/Linux.CoinMiner.dw!submit
[+] Trojan/Linux.Mirai.gm!submit
[+] Trojan/Loader.mu!submit
[+] Trojan/MSIL.Obfuscated.jz!submit
[+] Trojan/PS.Loader.p!submit
[+] Trojan/ShellLoader.ahm!submit
[+] Trojan/ShellLoader.ahn!submit
[+] Trojan/ShellLoader.aho!submit
[+] Trojan/ShellLoader.ahp!submit
[+] Trojan/ShellLoader.ahq!submit
[+] Trojan/ShellLoader.ahr!submit
[+] TrojanDownloader/Agent.blu!submit
[+] TrojanDownloader/BAT.Agent.gd!submit
[+] TrojanDownloader/JS.Agent.ig!submit
[+] TrojanDownloader/Linux.Agent.dx!submit
[+] TrojanDownloader/Linux.Agent.dy!submit
[+] TrojanDownloader/Maloader.bq!submit
[+] TrojanDownloader/VBS.Agent.ke!submit
[+] TrojanDropper/Agent.akx!submit
[+] TrojanDropper/Agent.aky!submit
[+] TrojanDropper/BAT.Agent.bo!submit
[+] TrojanSpy/ClipBanker.aq!submit
[-] Backdoor/Agent.rd!submit
[-] Backdoor/Linux.Sliver.c!submit
[-] Backdoor/Lotok.oe!submit
[-] Backdoor/Lotok.ok!submit
[-] Exploit/Vulndriver.t!submit
[-] HEUR:Trojan/HTML.FakeCaptcha.b!submit
[-] HEUR:Trojan/JS.Agent.gr!submit
[-] HVM:Backdoor/Lotok.cf!submit
[-] HVM:TrojanDropper/W64.Agent.cb!submit
[-] Trojan/Autoit.Injector.ds!submit
[-] Trojan/BAT.Loader.k!submit
[-] Trojan/FakeApp.abb!submit
[-] Trojan/FakeApp.xp!submit
[-] Trojan/FakeApp.yl!submit
[-] Trojan/JS.GenCBL.a!submit
[-] Trojan/JS.GenCBL.b!submit
[-] Trojan/JS.Injector.s!submit
[-] Trojan/JS.Runner.s!submit
[-] Trojan/LUA.Agent.g!submit
[-] Trojan/Linux.Mirai.fn!submit
[-] Trojan/Linux.Mirai.gk!submit
[-] Trojan/PS.Loader.o!submit
[-] Trojan/Python.CoinMiner.k!submit
[-] Trojan/ShellLoader.ahk!submit
[-] Trojan/ShellLoader.ahl!submit
[-] Trojan/W64.Loader.aj!submit
[-] Trojan/W64.ShellLoader.j!submit
[-] TrojanDownloader/Agent.blt!submit
[-] TrojanDownloader/BAT.Agent.gc!submit
[-] TrojanDownloader/MSIL.Agent.ajk!submit
[-] TrojanDownloader/Maloader.bo!submit
[-] TrojanDownloader/OSX.Agent.h!submit
[-] TrojanDownloader/W64.Agent.cp!submit
[-] TrojanDropper/Agent.aku!submit
[-] TrojanDropper/Agent.akv!submit
[-] TrojanDropper/Agent.akw!submit
[-] TrojanDropper/BAT.Agent.bn!submit
[-] TrojanSpy/MSIL.Formbook.bg!submit
[-] TrojanSpy/Python.Stealer.cp!submit
[-] TrojanSpy/Python.Stealer.cq!submit
[-] TrojanSpy/W64.Stealer.z!submit
```
#### Critical-hash signature changes ([crithash.txt](data/1768390311.crithash.txt))
Formal definitions added: 11

```
[+] Backdoor/Linux.Mirai.c!crit
[+] Backdoor/W32.Lotok.xx!crit
[+] Trojan/JS.ChatgptStealer.a!crit
[+] Trojan/JS.ChatgptStealer.b!crit
[+] Trojan/SCR.Agent.clr!crit
[+] Trojan/W32.HiJack.x!crit
[+] Trojan/W32.Injector.clj!crit
[+] Trojan/W32.ProxyChanger.a!crit
[+] TrojanDownloader/Linux.Agent.e!crit
[+] TrojanSpy/Linux.Agent.a!crit
[+] TrojanSpy/W64.Stealer.tj!crit
```
Telemetry definitions added: 30 | Telemetry definitions removed: 13

```
[+] Adware/W32.Xra.a!crit!submit
[+] Backdoor/JSP.WebShell.r!submit
[+] Backdoor/MSIL.ReverseShell.c!crit!submit
[+] Backdoor/PHP.WebShell.t!crit!submit
[+] Exploit/PS.CVE-2016-9192.b!crit!submit
[+] HackTool/PS.BypassUAC.b!crit!submit
[+] Trojan/Linux.DDos.a!crit!submit
[+] Trojan/MSIL.Inoci.c!crit!submit
[+] Trojan/MSIL.Loader.at!crit!submit
[+] Trojan/SCR.Runner.fm!crit!submit
[+] Trojan/SCR.Runner.fn!crit!submit
[+] Trojan/SCR.Runner.fo!crit!submit
[+] Trojan/SCR.ShellCode.j!crit!submit
[+] Trojan/W32.HiJack.y!crit!submit
[+] Trojan/W32.Loader.i!crit!submit
[+] Trojan/W32.ShellLoader.o!crit!submit
[+] Trojan/W32.ShellLoader.p!crit!submit
[+] Trojan/W64.KillWin.a!crit!submit
[+] Trojan/W64.KillWin.b!crit!submit
[+] Trojan/W64.KillWin.d!crit!submit
[+] TrojanDownloader/HTML.Agent.c!crit!submit
[+] TrojanDownloader/HTML.Agent.d!crit!submit
[+] TrojanDownloader/MSIL.Starter.b!crit!submit
[+] TrojanDownloader/PS.Agent.bm!crit!submit
[+] TrojanDropper/JAVA.Agent.a!crit!submit
[+] TrojanSpy/MSIL.Keylogger.c!crit!submit
[+] TrojanSpy/MSIL.Keylogger.e!crit!submit
[+] TrojanSpy/MSIL.Keylogger.f!crit!submit
[+] TrojanSpy/MSIL.Stealer.cdb!crit!submit
[+] TrojanSpy/W32.Tepfer.f!crit!submit
[-] Backdoor/Linux.Mirai.c!crit!submit
[-] Backdoor/W32.Lotok.x!crit!submit
[-] Backdoor/W32.Lotok.xx!crit!submit
[-] Backdoor/W32.Lotok.y!crit!submit
[-] Trojan/JS.ChatgptStealer.a!crit!submit
[-] Trojan/JS.ChatgptStealer.b!crit!submit
[-] Trojan/SCR.Agent.clr!crit!submit
[-] Trojan/W32.HiJack.x!crit!submit
[-] Trojan/W32.Injector.clj!crit!submit
[-] Trojan/W32.ProxyChanger.a!crit!submit
[-] TrojanDownloader/Linux.Agent.e!crit!submit
[-] TrojanSpy/Linux.Agent.a!crit!submit
[-] TrojanSpy/W64.Stealer.tj!crit!submit
```
#### Behavior signature changes ([behav.txt](data/1768390311.behav.txt))
Added: 1

```
[+] Ransom/LockFile.SA!submit
```
#### Blacklist hash changes ([troj.txt](data/1768390311.troj.txt))

Added: 69 | Removed: 1

1768303271 - 2026-01-13 11:21:11 UTC

#### Signature changes ([pset.txt](data/1768303271.pset.txt))
Formal definitions added: 51 | Formal definitions removed: 10

```
[+] Backdoor/Linux.Mirai.kx
[+] Backdoor/Lotok.od
[+] Backdoor/Lotok.oi
[+] Backdoor/Lotok.oj
[+] Backdoor/PHP.WebShell.cz
[+] Backdoor/PHP.WebShell.da
[+] Backdoor/PHP.WebShell.fk
[+] Backdoor/PHP.WebShell.fm
[+] HEUR:Backdoor/PHP.WebShell.ab
[+] HEUR:Backdoor/PHP.WebShell.ae
[+] HEUR:Trojan/FakeApp.au
[+] HEUR:Trojan/Injector.clj
[+] HEUR:Trojan/KillWin.g
[+] HEUR:TrojanDownloader/Linux.Mirai.bv
[+] HVM:Backdoor/Lotok.ce
[+] HVM:Trojan/ShellLoader.cj
[+] Hacktool/CookieKatz
[+] Trojan/BAT.Agent.gq
[+] Trojan/BAT.Runner.bn
[+] Trojan/BAT.Runner.bo
[+] Trojan/Clipboard.c
[+] Trojan/DLLHijack.z
[+] Trojan/DllHijack.aa
[+] Trojan/DllHijack.z
[+] Trojan/FakeApp.abm
[+] Trojan/FakeApp.abn
[+] Trojan/HiJack.yk
[+] Trojan/JS.Obfuscated.dc
[+] Trojan/KillMBR.cm
[+] Trojan/Linux.Mirai.fu
[+] Trojan/Linux.Mirai.fx
[+] Trojan/Linux.Mirai.gi
[+] Trojan/Linux.Mirai.gj
[+] Trojan/Loader.mt
[+] Trojan/MSIL.Obfuscated.jy
[+] Trojan/OSX.Agent.q
[+] Trojan/Obfuscated.nv
[+] Trojan/PS.Loader.n
[+] Trojan/ShellLoader.ahi
[+] Trojan/ShellLoader.ahj
[+] Trojan/W64.Agent.gk
[+] Trojan/W64.Rozena.p
[+] TrojanDownloader/HTML.Agent.bi
[+] TrojanDownloader/Linux.Agent.dv
[+] TrojanDropper/Maloader.n
[+] TrojanDropper/VBS.Agent.eg
[+] TrojanDropper/W64.Agent.ca
[+] TrojanSpy/OSX.Stealer.r
[+] TrojanSpy/Stealer.ti
[+] TrojanSpy/W64.PwStealer.e
[+] TrojanSpy/W64.Stealer.y
[-] Backdoor/PHP.Webshell.cz
[-] Backdoor/PHP.Webshell.da
[-] Backdoor/PHP.Webshell.fk
[-] Backdoor/PHP.Webshell.fm
[-] HEUR:Backdoor/PHP.Webshell.ab
[-] HEUR:Backdoor/PHP.Webshell.ae
[-] Trojan/FakeApp.aaj
[-] Trojan/FakeApp.aay
[-] Trojan/FakeApp.xp
[-] Trojan/FakeApp.yl
```
Telemetry definitions added: 40 | Telemetry definitions removed: 45

```
[+] Backdoor/Agent.rd!submit
[+] Backdoor/Linux.Sliver.c!submit
[+] Backdoor/Lotok.ok!submit
[+] Exploit/Vulndriver.t!submit
[+] HEUR:Trojan/HTML.FakeCaptcha.b!submit
[+] HVM:Backdoor/Lotok.cf!submit
[+] HVM:Trojan/Injector.dt!submit
[+] HVM:TrojanDropper/W64.Agent.cb!submit
[+] Trojan/BAT.Loader.k!submit
[+] Trojan/FakeApp.aaj!submit
[+] Trojan/FakeApp.xp!submit
[+] Trojan/FakeApp.yl!submit
[+] Trojan/JS.GenCBL.a!submit
[+] Trojan/JS.GenCBL.b!submit
[+] Trojan/JS.Injector.s!submit
[+] Trojan/JS.Obfuscated.dd!submit
[+] Trojan/JS.Runner.s!submit
[+] Trojan/LUA.Agent.g!submit
[+] Trojan/Linux.Mirai.gk!submit
[+] Trojan/Linux.Mirai.gl!submit
[+] Trojan/PS.Loader.o!submit
[+] Trojan/Python.CoinMiner.k!submit
[+] Trojan/ShellLoader.ahk!submit
[+] Trojan/ShellLoader.ahl!submit
[+] Trojan/W64.Loader.aj!submit
[+] Trojan/W64.ShellLoader.j!submit
[+] TrojanDownloader/BAT.Agent.gc!submit
[+] TrojanDownloader/LNK.Agent.hc!submit
[+] TrojanDownloader/Linux.Agent.dw!submit
[+] TrojanDownloader/MSIL.Agent.ajk!submit
[+] TrojanDownloader/Maloader.bo!submit
[+] TrojanDownloader/W64.Agent.cp!submit
[+] TrojanDropper/Agent.aku!submit
[+] TrojanDropper/Agent.akv!submit
[+] TrojanDropper/Agent.akw!submit
[+] TrojanDropper/BAT.Agent.bn!submit
[+] TrojanSpy/MSIL.Formbook.bg!submit
[+] TrojanSpy/Python.Stealer.cp!submit
[+] TrojanSpy/Python.Stealer.cq!submit
[+] TrojanSpy/W64.Stealer.z!submit
[-] Backdoor/Linux.Mirai.kx!submit
[-] Backdoor/Lotok.od!submit
[-] Backdoor/Lotok.oi!submit
[-] Backdoor/Lotok.oj!submit
[-] HEUR:Trojan/Injector.clj!submit
[-] HEUR:Trojan/KillWin.g!submit
[-] HEUR:TrojanDownloader/Linux.Mirai.bv!submit
[-] HVM:Backdoor/Lotok.ce!submit
[-] HVM:Trojan/ShellLoader.cj!submit
[-] Rootkit/Agent!submit
[-] Trojan/BAT.Agent.gq!submit
[-] Trojan/BAT.Runner.bn!submit
[-] Trojan/BAT.Runner.bo!submit
[-] Trojan/Clipboard.c!submit
[-] Trojan/DLLHijack.z!submit
[-] Trojan/DllHijack.aa!submit
[-] Trojan/DllHijack.z!submit
[-] Trojan/FakeApp.abm!submit
[-] Trojan/FakeApp.abn!submit
[-] Trojan/HiJack.yk!submit
[-] Trojan/JS.Obfuscated.dc!submit
[-] Trojan/KillMBR.cm!submit
[-] Trojan/Linux.Mirai.fu!submit
[-] Trojan/Linux.Mirai.fx!submit
[-] Trojan/Linux.Mirai.gi!submit
[-] Trojan/Linux.Mirai.gj!submit
[-] Trojan/Loader.mt!submit
[-] Trojan/MSIL.Obfuscated.jy!submit
[-] Trojan/OSX.Agent.q!submit
[-] Trojan/Obfuscated.nv!submit
[-] Trojan/PS.Loader.n!submit
[-] Trojan/ShellLoader.ahi!submit
[-] Trojan/ShellLoader.ahj!submit
[-] Trojan/W64.Agent.gk!submit
[-] Trojan/W64.Rozena.p!submit
[-] TrojanDownloader/HTML.Agent.bi!submit
[-] TrojanDownloader/JS.Agent.gc!submit
[-] TrojanDownloader/Linux.Agent.dv!submit
[-] TrojanDropper/Maloader.n!submit
[-] TrojanDropper/VBS.Agent.eg!submit
[-] TrojanDropper/W64.Agent.ca!submit
[-] TrojanSpy/OSX.Stealer.r!submit
[-] TrojanSpy/Stealer.ti!submit
[-] TrojanSpy/W64.PwStealer.e!submit
[-] TrojanSpy/W64.Stealer.y!submit
```
#### Critical-hash signature changes ([crithash.txt](data/1768303271.crithash.txt))
Formal definitions added: 151 | Formal definitions removed: 140

```
[+] Adware/Android.PornTool.i!crit
[+] Backdoor/W32.Lotok.aa!crit
[+] Exploit/SCR.CVE-2017-0199.a!crit
[+] HackTool/W32.Scrambler.a!crit
[+] Trojan/MSIL.Obfuscated.ao!crit
[+] Trojan/PS.Loader.d!crit
[+] Trojan/SCR.Obfuscator.aa!crit
[+] Trojan/SCR.Obfuscator.ab!crit
[+] Trojan/SCR.Obfuscator.ac!crit
[+] Trojan/SCR.Obfuscator.ad!crit
[+] Trojan/SCR.Obfuscator.ae!crit
[+] Trojan/SCR.Obfuscator.af!crit
[+] Trojan/SCR.Obfuscator.ag!crit
[+] Trojan/SCR.Obfuscator.ah!crit
[+] Trojan/SCR.Obfuscator.ai!crit
[+] Trojan/SCR.Obfuscator.aj!crit
[+] Trojan/SCR.Obfuscator.ak!crit
[+] Trojan/SCR.Obfuscator.al!crit
[+] Trojan/SCR.Obfuscator.am!crit
[+] Trojan/SCR.Obfuscator.an!crit
[+] Trojan/SCR.Obfuscator.ao!crit
[+] Trojan/SCR.Obfuscator.ap!crit
[+] Trojan/SCR.Obfuscator.aq!crit
[+] Trojan/SCR.Obfuscator.ar!crit
[+] Trojan/SCR.Obfuscator.as!crit
[+] Trojan/SCR.Obfuscator.at!crit
[+] Trojan/SCR.Obfuscator.au!crit
[+] Trojan/SCR.Obfuscator.av!crit
[+] Trojan/SCR.Obfuscator.aw!crit
[+] Trojan/SCR.Obfuscator.ax!crit
[+] Trojan/SCR.Obfuscator.ay!crit
[+] Trojan/SCR.Obfuscator.az!crit
[+] Trojan/SCR.Obfuscator.ba!crit
[+] Trojan/SCR.Obfuscator.bb!crit
[+] Trojan/SCR.Obfuscator.bc!crit
[+] Trojan/SCR.Obfuscator.bd!crit
[+] Trojan/SCR.Obfuscator.be!crit
[+] Trojan/SCR.Obfuscator.bf!crit
[+] Trojan/SCR.Obfuscator.bg!crit
[+] Trojan/SCR.Obfuscator.bh!crit
[+] Trojan/SCR.Obfuscator.bi!crit
[+] Trojan/SCR.Obfuscator.bj!crit
[+] Trojan/SCR.Obfuscator.bk!crit
[+] Trojan/SCR.Obfuscator.bl!crit
[+] Trojan/SCR.Obfuscator.bm!crit
[+] Trojan/SCR.Obfuscator.bn!crit
[+] Trojan/SCR.Obfuscator.bo!crit
[+] Trojan/SCR.Obfuscator.bp!crit
[+] Trojan/SCR.Obfuscator.bq!crit
[+] Trojan/SCR.Obfuscator.br!crit
[+] Trojan/SCR.Obfuscator.bs!crit
[+] Trojan/SCR.Obfuscator.bt!crit
[+] Trojan/SCR.Obfuscator.bu!crit
[+] Trojan/SCR.Obfuscator.bv!crit
[+] Trojan/SCR.Obfuscator.bw!crit
[+] Trojan/SCR.Obfuscator.bx!crit
[+] Trojan/SCR.Obfuscator.by!crit
[+] Trojan/SCR.Obfuscator.bz!crit
[+] Trojan/SCR.Obfuscator.ca!crit
[+] Trojan/SCR.Obfuscator.cb!crit
[+] Trojan/SCR.Obfuscator.cc!crit
[+] Trojan/SCR.Obfuscator.cd!crit
[+] Trojan/SCR.Obfuscator.ce!crit
[+] Trojan/SCR.Obfuscator.cf!crit
[+] Trojan/SCR.Obfuscator.cg!crit
[+] Trojan/SCR.Obfuscator.ch!crit
[+] Trojan/SCR.Obfuscator.ci!crit
[+] Trojan/SCR.Obfuscator.cj!crit
[+] Trojan/SCR.Obfuscator.ck!crit
[+] Trojan/SCR.Obfuscator.cl!crit
[+] Trojan/SCR.Obfuscator.cm!crit
[+] Trojan/SCR.Obfuscator.cn!crit
[+] Trojan/SCR.Obfuscator.co!crit
[+] Trojan/SCR.Obfuscator.cp!crit
[+] Trojan/SCR.Obfuscator.cq!crit
[+] Trojan/SCR.Obfuscator.cr!crit
[+] Trojan/SCR.Obfuscator.cs!crit
[+] Trojan/SCR.Obfuscator.ct!crit
[+] Trojan/SCR.Obfuscator.cu!crit
[+] Trojan/SCR.Obfuscator.cv!crit
[+] Trojan/SCR.Obfuscator.cw!crit
[+] Trojan/SCR.Obfuscator.cx!crit
[+] Trojan/SCR.Obfuscator.cy!crit
[+] Trojan/SCR.Obfuscator.cz!crit
[+] Trojan/SCR.Obfuscator.da!crit
[+] Trojan/SCR.Obfuscator.db!crit
[+] Trojan/SCR.Obfuscator.dc!crit
[+] Trojan/SCR.Obfuscator.dd!crit
[+] Trojan/SCR.Obfuscator.de!crit
[+] Trojan/SCR.Obfuscator.df!crit
[+] Trojan/SCR.Obfuscator.dg!crit
[+] Trojan/SCR.Obfuscator.dh!crit
[+] Trojan/SCR.Obfuscator.di!crit
[+] Trojan/SCR.Obfuscator.dj!crit
[+] Trojan/SCR.Obfuscator.dk!crit
[+] Trojan/SCR.Obfuscator.dl!crit
[+] Trojan/SCR.Obfuscator.dm!crit
[+] Trojan/SCR.Obfuscator.dn!crit
[+] Trojan/SCR.Obfuscator.do!crit
[+] Trojan/SCR.Obfuscator.dp!crit
[+] Trojan/SCR.Obfuscator.dq!crit
[+] Trojan/SCR.Obfuscator.dr!crit
[+] Trojan/SCR.Obfuscator.ds!crit
[+] Trojan/SCR.Obfuscator.dt!crit
[+] Trojan/SCR.Obfuscator.du!crit
[+] Trojan/SCR.Obfuscator.dv!crit
[+] Trojan/SCR.Obfuscator.dw!crit
[+] Trojan/SCR.Obfuscator.dx!crit
[+] Trojan/SCR.Obfuscator.dy!crit
[+] Trojan/SCR.Obfuscator.dz!crit
[+] Trojan/SCR.Obfuscator.ea!crit
[+] Trojan/SCR.Obfuscator.eb!crit
[+] Trojan/SCR.Obfuscator.ec!crit
[+] Trojan/SCR.Obfuscator.ed!crit
[+] Trojan/SCR.Obfuscator.ee!crit
[+] Trojan/SCR.Obfuscator.ef!crit
[+] Trojan/SCR.Obfuscator.eg!crit
[+] Trojan/SCR.Obfuscator.eh!crit
[+] Trojan/SCR.Obfuscator.ei!crit
[+] Trojan/SCR.Obfuscator.ej!crit
[+] Trojan/SCR.Obfuscator.ek!crit
[+] Trojan/SCR.Obfuscator.el!crit
[+] Trojan/SCR.Obfuscator.em!crit
[+] Trojan/SCR.Obfuscator.en!crit
[+] Trojan/SCR.Obfuscator.eo!crit
[+] Trojan/SCR.Obfuscator.ep!crit
[+] Trojan/SCR.Obfuscator.eq!crit
[+] Trojan/SCR.Obfuscator.er!crit
[+] Trojan/SCR.Obfuscator.es!crit
[+] Trojan/SCR.Obfuscator.et!crit
[+] Trojan/SCR.Obfuscator.eu!crit
[+] Trojan/SCR.Obfuscator.ev!crit
[+] Trojan/SCR.Obfuscator.ew!crit
[+] Trojan/SCR.Obfuscator.ex!crit
[+] Trojan/SCR.Obfuscator.ey!crit
[+] Trojan/SCR.Obfuscator.ez!crit
[+] Trojan/SCR.Obfuscator.fa!crit
[+] Trojan/SCR.Obfuscator.fb!crit
[+] Trojan/SCR.Obfuscator.fc!crit
[+] Trojan/SCR.Obfuscator.fd!crit
[+] Trojan/SCR.Obfuscator.w!crit
[+] Trojan/SCR.Obfuscator.x!crit
[+] Trojan/SCR.Obfuscator.y!crit
[+] Trojan/SCR.Obfuscator.z!crit
[+] Trojan/SCR.ShellCode.g!crit
[+] Trojan/SCR.ShellCode.h!crit
[+] Trojan/SCR.ShellCode.i!crit
[+] Trojan/SCR.Shellcode.h!crit
[+] Trojan/W32.BypassUAC.a!crit
[+] Trojan/W64.Agent.gk!crit
[+] Trojan/W64.Obfuscated.nw!crit
[-] Exploit/Scr.CVE-2017-0199.a!crit
[-] Trojan/Scr.Obfuscator.a!crit
[-] Trojan/Scr.Obfuscator.aa!crit
[-] Trojan/Scr.Obfuscator.ab!crit
[-] Trojan/Scr.Obfuscator.ac!crit
[-] Trojan/Scr.Obfuscator.ad!crit
[-] Trojan/Scr.Obfuscator.ae!crit
[-] Trojan/Scr.Obfuscator.af!crit
[-] Trojan/Scr.Obfuscator.ag!crit
[-] Trojan/Scr.Obfuscator.ah!crit
[-] Trojan/Scr.Obfuscator.ai!crit
[-] Trojan/Scr.Obfuscator.aj!crit
[-] Trojan/Scr.Obfuscator.ak!crit
[-] Trojan/Scr.Obfuscator.al!crit
[-] Trojan/Scr.Obfuscator.am!crit
[-] Trojan/Scr.Obfuscator.an!crit
[-] Trojan/Scr.Obfuscator.ao!crit
[-] Trojan/Scr.Obfuscator.ap!crit
[-] Trojan/Scr.Obfuscator.aq!crit
[-] Trojan/Scr.Obfuscator.ar!crit
[-] Trojan/Scr.Obfuscator.as!crit
[-] Trojan/Scr.Obfuscator.at!crit
[-] Trojan/Scr.Obfuscator.au!crit
[-] Trojan/Scr.Obfuscator.av!crit
[-] Trojan/Scr.Obfuscator.aw!crit
[-] Trojan/Scr.Obfuscator.ax!crit
[-] Trojan/Scr.Obfuscator.ay!crit
[-] Trojan/Scr.Obfuscator.az!crit
[-] Trojan/Scr.Obfuscator.ba!crit
[-] Trojan/Scr.Obfuscator.bb!crit
[-] Trojan/Scr.Obfuscator.bc!crit
[-] Trojan/Scr.Obfuscator.bd!crit
[-] Trojan/Scr.Obfuscator.be!crit
[-] Trojan/Scr.Obfuscator.bf!crit
[-] Trojan/Scr.Obfuscator.bg!crit
[-] Trojan/Scr.Obfuscator.bh!crit
[-] Trojan/Scr.Obfuscator.bi!crit
[-] Trojan/Scr.Obfuscator.bj!crit
[-] Trojan/Scr.Obfuscator.bk!crit
[-] Trojan/Scr.Obfuscator.bl!crit
[-] Trojan/Scr.Obfuscator.bm!crit
[-] Trojan/Scr.Obfuscator.bn!crit
[-] Trojan/Scr.Obfuscator.bo!crit
[-] Trojan/Scr.Obfuscator.bp!crit
[-] Trojan/Scr.Obfuscator.bq!crit
[-] Trojan/Scr.Obfuscator.br!crit
[-] Trojan/Scr.Obfuscator.bs!crit
[-] Trojan/Scr.Obfuscator.bt!crit
[-] Trojan/Scr.Obfuscator.bu!crit
[-] Trojan/Scr.Obfuscator.bv!crit
[-] Trojan/Scr.Obfuscator.bw!crit
[-] Trojan/Scr.Obfuscator.bx!crit
[-] Trojan/Scr.Obfuscator.by!crit
[-] Trojan/Scr.Obfuscator.bz!crit
[-] Trojan/Scr.Obfuscator.ca!crit
[-] Trojan/Scr.Obfuscator.cb!crit
[-] Trojan/Scr.Obfuscator.cc!crit
[-] Trojan/Scr.Obfuscator.cd!crit
[-] Trojan/Scr.Obfuscator.ce!crit
[-] Trojan/Scr.Obfuscator.cf!crit
[-] Trojan/Scr.Obfuscator.cg!crit
[-] Trojan/Scr.Obfuscator.ch!crit
[-] Trojan/Scr.Obfuscator.ci!crit
[-] Trojan/Scr.Obfuscator.cj!crit
[-] Trojan/Scr.Obfuscator.ck!crit
[-] Trojan/Scr.Obfuscator.cl!crit
[-] Trojan/Scr.Obfuscator.cm!crit
[-] Trojan/Scr.Obfuscator.cn!crit
[-] Trojan/Scr.Obfuscator.co!crit
[-] Trojan/Scr.Obfuscator.cp!crit
[-] Trojan/Scr.Obfuscator.cq!crit
[-] Trojan/Scr.Obfuscator.cr!crit
[-] Trojan/Scr.Obfuscator.cs!crit
[-] Trojan/Scr.Obfuscator.ct!crit
[-] Trojan/Scr.Obfuscator.cu!crit
[-] Trojan/Scr.Obfuscator.cv!crit
[-] Trojan/Scr.Obfuscator.cw!crit
[-] Trojan/Scr.Obfuscator.cx!crit
[-] Trojan/Scr.Obfuscator.cy!crit
[-] Trojan/Scr.Obfuscator.cz!crit
[-] Trojan/Scr.Obfuscator.da!crit
[-] Trojan/Scr.Obfuscator.db!crit
[-] Trojan/Scr.Obfuscator.dc!crit
[-] Trojan/Scr.Obfuscator.dd!crit
[-] Trojan/Scr.Obfuscator.de!crit
[-] Trojan/Scr.Obfuscator.df!crit
[-] Trojan/Scr.Obfuscator.dg!crit
[-] Trojan/Scr.Obfuscator.dh!crit
[-] Trojan/Scr.Obfuscator.di!crit
[-] Trojan/Scr.Obfuscator.dj!crit
[-] Trojan/Scr.Obfuscator.dk!crit
[-] Trojan/Scr.Obfuscator.dl!crit
[-] Trojan/Scr.Obfuscator.dm!crit
[-] Trojan/Scr.Obfuscator.dn!crit
[-] Trojan/Scr.Obfuscator.do!crit
[-] Trojan/Scr.Obfuscator.dp!crit
[-] Trojan/Scr.Obfuscator.dq!crit
[-] Trojan/Scr.Obfuscator.dr!crit
[-] Trojan/Scr.Obfuscator.ds!crit
[-] Trojan/Scr.Obfuscator.dt!crit
[-] Trojan/Scr.Obfuscator.du!crit
[-] Trojan/Scr.Obfuscator.dv!crit
[-] Trojan/Scr.Obfuscator.dw!crit
[-] Trojan/Scr.Obfuscator.dx!crit
[-] Trojan/Scr.Obfuscator.dy!crit
[-] Trojan/Scr.Obfuscator.dz!crit
[-] Trojan/Scr.Obfuscator.ea!crit
[-] Trojan/Scr.Obfuscator.eb!crit
[-] Trojan/Scr.Obfuscator.ec!crit
[-] Trojan/Scr.Obfuscator.ed!crit
[-] Trojan/Scr.Obfuscator.ee!crit
[-] Trojan/Scr.Obfuscator.ef!crit
[-] Trojan/Scr.Obfuscator.eg!crit
[-] Trojan/Scr.Obfuscator.eh!crit
[-] Trojan/Scr.Obfuscator.ei!crit
[-] Trojan/Scr.Obfuscator.ej!crit
[-] Trojan/Scr.Obfuscator.ek!crit
[-] Trojan/Scr.Obfuscator.el!crit
[-] Trojan/Scr.Obfuscator.em!crit
[-] Trojan/Scr.Obfuscator.en!crit
[-] Trojan/Scr.Obfuscator.eo!crit
[-] Trojan/Scr.Obfuscator.ep!crit
[-] Trojan/Scr.Obfuscator.eq!crit
[-] Trojan/Scr.Obfuscator.er!crit
[-] Trojan/Scr.Obfuscator.es!crit
[-] Trojan/Scr.Obfuscator.et!crit
[-] Trojan/Scr.Obfuscator.eu!crit
[-] Trojan/Scr.Obfuscator.ev!crit
[-] Trojan/Scr.Obfuscator.ew!crit
[-] Trojan/Scr.Obfuscator.ex!crit
[-] Trojan/Scr.Obfuscator.ey!crit
[-] Trojan/Scr.Obfuscator.ez!crit
[-] Trojan/Scr.Obfuscator.fa!crit
[-] Trojan/Scr.Obfuscator.fb!crit
[-] Trojan/Scr.Obfuscator.fc!crit
[-] Trojan/Scr.Obfuscator.fd!crit
[-] Trojan/Scr.Obfuscator.w!crit
[-] Trojan/Scr.Obfuscator.x!crit
[-] Trojan/Scr.Obfuscator.y!crit
[-] Trojan/Scr.Obfuscator.z!crit
```
Telemetry definitions added: 39 | Telemetry definitions removed: 24

```
[+] Backdoor/Linux.Mirai.c!crit!submit
[+] Backdoor/PHP.WebShell.p!crit!submit
[+] Backdoor/PHP.WebShell.q!crit!submit
[+] Backdoor/PHP.WebShell.r!crit!submit
[+] Backdoor/W32.Lotok.xx!crit!submit
[+] Backdoor/W64.Lotok.ba!crit!submit
[+] Backdoor/W64.Lotok.bb!crit!submit
[+] Backerdoor/PHP.Injector.a!crit!submit
[+] HackTool/MSIL.BruteForce.a!crit!submit
[+] HackTool/MSIL.DDoS.b!crit!submit
[+] OMacro/SCR.Downloader.b!crit!submit
[+] Ransom/MSIL.LockFile.c!crit!submit
[+] Ransom/MSIL.LockFile.d!crit!submit
[+] Trojan/BAT.CoinMiner.d!crit!submit
[+] Trojan/JS.ChatgptStealer.a!crit!submit
[+] Trojan/JS.ChatgptStealer.b!crit!submit
[+] Trojan/SCR.Agent.clr!crit!submit
[+] Trojan/VBS.KillAV.a!crit!submit
[+] Trojan/VBS.KillAV.b!crit!submit
[+] Trojan/W32.HiJack.x!crit!submit
[+] Trojan/W32.Injector.clj!crit!submit
[+] Trojan/W32.Injector.t!crit!submit
[+] Trojan/W32.ProxyChanger.a!crit!submit
[+] TrojanDownloader/BAT.Runner.g!crit!submit
[+] TrojanDownloader/JS.Runner.a!crit!submit
[+] TrojanDownloader/JS.Starter.b!crit!submit
[+] TrojanDownloader/Linux.Agent.e!crit!submit
[+] TrojanDownloader/MSIL.Runner.d!crit!submit
[+] TrojanDownloader/MSIL.Runner.e!crit!submit
[+] TrojanDownloader/VBS.Runner.e!crit!submit
[+] TrojanDownloader/VBS.Runner.f!crit!submit
[+] TrojanDropper/BAT.Starter.b!crit!submit
[+] TrojanDropper/SCR.Agent.a!crit!submit
[+] TrojanSpy/BAT.Stealer.h!crit!submit
[+] TrojanSpy/Linux.Agent.a!crit!submit
[+] TrojanSpy/W32.Stealer.aa!crit!submit
[+] TrojanSpy/W32.Stealer.ac!crit!submit
[+] TrojanSpy/W32.Stealer.z!crit!submit
[+] TrojanSpy/W64.Stealer.tj!crit!submit
[-] Adware/Android.PornTool.i!crit!submit
[-] Backdoor/PHP.Webshell.d!crit!submit
[-] Backdoor/PHP.Webshell.p!crit!submit
[-] Backdoor/PHP.Webshell.q!crit!submit
[-] Backdoor/PHP.Webshell.r!crit!submit
[-] Backdoor/W32.Lotok.aa!crit!submit
[-] Backdoor/W32.Lotok.xe!crit!submit
[-] HEUR:Backdoor/W64.Lotok.a!crit!submit
[-] HEUR:Trojan/W32.HiJack.b!crit!submit
[-] HackTool/W32.Scrambler.a!crit!submit
[-] OMacro/Scr.Downloader.b!crit!submit
[-] Trojan/MSIL.Obfuscated.ao!crit!submit
[-] Trojan/PS.Loader.d!crit!submit
[-] Trojan/SCR.CoinMiner.a!crit!submit
[-] Trojan/SCR.ShellCode.g!crit!submit
[-] Trojan/SCR.ShellCode.h!crit!submit
[-] Trojan/SCR.ShellCode.i!crit!submit
[-] Trojan/SCR.Shellcode.h!crit!submit
[-] Trojan/W32.BypassUAC.a!crit!submit
[-] Trojan/W32.ShellLoader.m!crit!submit
[-] Trojan/W32.ShellLoader.n!crit!submit
[-] Trojan/W64.Agent.gk!crit!submit
[-] Trojan/W64.Obfuscated.nw!crit!submit
[-] TrojanDropper/Scr.Agent.a!crit!submit
```
#### Behavior signature changes ([behav.txt](data/1768303271.behav.txt))
Added: 2

```
[+] TrojanDropper/MalSetup.OCB!submit
[+] TrojanDropper/MalSetup.OCC!submit
```
#### Blacklist hash changes ([troj.txt](data/1768303271.troj.txt))

Added: 102 | Removed: 4

#### Whitelist hash changes ([hwl.txt](data/1768303271.hwl.txt))

Added: 1

1768217225 - 2026-01-12 11:27:05 UTC

#### Signature changes ([pset.txt](data/1768217225.pset.txt))
Formal definitions added: 36

```
[+] Backdoor/Agent.rc
[+] Backdoor/CobaltStrike.oz
[+] Backdoor/Ghost.ca
[+] Backdoor/Linux.Sliver.b
[+] Backdoor/Lotok.of
[+] Backdoor/Lotok.oh
[+] HEUR:Worm/BAT.Autorun.f
[+] HackTool/Linux.BotWarden.a
[+] Ransom/Cerber.ak
[+] Trojan/Agent.clq
[+] Trojan/DLLHijack.y
[+] Trojan/FakeApp.abl
[+] Trojan/GenCBL.a
[+] Trojan/GenCBL.b
[+] Trojan/HTML.Phishing.he
[+] Trojan/Injector.clh
[+] Trojan/Injector.cli
[+] Trojan/Linux.Gafgyt.r
[+] Trojan/Loader.ms
[+] Trojan/MSIL.Obfuscated.jx
[+] Trojan/Obfuscated.nt
[+] Trojan/Obfuscated.nu
[+] Trojan/PS.Runner.u
[+] Trojan/ShellLoader.ahg
[+] Trojan/ShellLoader.ahh
[+] TrojanDownloader/Agent.blq
[+] TrojanDownloader/Agent.bls
[+] TrojanDownloader/HTML.Agent.bh
[+] TrojanDownloader/JS.Agent.if
[+] TrojanDownloader/Linux.Agent.du
[+] TrojanDownloader/VBS.Agent.kd
[+] TrojanDownloader/W64.Agent.co
[+] TrojanSpy/JS.Stealer.bh
[+] TrojanSpy/MSIL.Formbook.bd
[+] TrojanSpy/MSIL.Formbook.be
[+] TrojanSpy/MSIL.Formbook.bf
```
Telemetry definitions added: 43 | Telemetry definitions removed: 37

```
[+] Backdoor/Linux.Mirai.kx!submit
[+] Backdoor/Lotok.oi!submit
[+] Backdoor/Lotok.oj!submit
[+] HEUR:Trojan/Injector.clj!submit
[+] HEUR:Trojan/KillWin.g!submit
[+] HEUR:TrojanDownloader/Linux.Mirai.bv!submit
[+] HEUR:TrojanSpy/OSX.Amos.c!submit
[+] HVM:Backdoor/Lotok.ce!submit
[+] HVM:Trojan/ShellLoader.cj!submit
[+] Trojan/Autoit.Injector.ds!submit
[+] Trojan/BAT.Agent.gq!submit
[+] Trojan/BAT.Runner.bn!submit
[+] Trojan/BAT.Runner.bo!submit
[+] Trojan/Clipboard.c!submit
[+] Trojan/DLLHijack.z!submit
[+] Trojan/DllHijack.aa!submit
[+] Trojan/DllHijack.z!submit
[+] Trojan/FakeApp.abb!submit
[+] Trojan/FakeApp.abm!submit
[+] Trojan/FakeApp.abn!submit
[+] Trojan/HiJack.yk!submit
[+] Trojan/JS.Obfuscated.dc!submit
[+] Trojan/KillMBR.cm!submit
[+] Trojan/Linux.Mirai.gi!submit
[+] Trojan/Linux.Mirai.gj!submit
[+] Trojan/Loader.mt!submit
[+] Trojan/MSIL.Obfuscated.jy!submit
[+] Trojan/Obfuscated.nv!submit
[+] Trojan/PS.Loader.n!submit
[+] Trojan/ShellLoader.ahi!submit
[+] Trojan/ShellLoader.ahj!submit
[+] Trojan/W64.Agent.gk!submit
[+] Trojan/W64.Rozena.p!submit
[+] TrojanDownloader/Agent.blt!submit
[+] TrojanDownloader/HTML.Agent.bi!submit
[+] TrojanDownloader/JS.Agent.gc!submit
[+] TrojanDownloader/Linux.Agent.dv!submit
[+] TrojanDropper/Maloader.n!submit
[+] TrojanDropper/VBS.Agent.eg!submit
[+] TrojanDropper/W64.Agent.ca!submit
[+] TrojanSpy/Stealer.ti!submit
[+] TrojanSpy/W64.PwStealer.e!submit
[+] TrojanSpy/W64.Stealer.y!submit
[-] Backdoor/Agent.rc!submit
[-] Backdoor/CobaltStrike.oz!submit
[-] Backdoor/Ghost.ca!submit
[-] Backdoor/Linux.Lotok.a!submit
[-] Backdoor/Lotok.of!submit
[-] Backdoor/Lotok.og!submit
[-] Backdoor/Lotok.oh!submit
[-] HEUR:Worm/BAT.Autorun.f!submit
[-] HackTool/Linux.BotWarden.a!submit
[-] Ransom/Cerber.ak!submit
[-] Trojan/Agent.clq!submit
[-] Trojan/DLLHijack.y!submit
[-] Trojan/FakeApp.abl!submit
[-] Trojan/GenCBL.a!submit
[-] Trojan/GenCBL.b!submit
[-] Trojan/HTML.Phishing.he!submit
[-] Trojan/Injector.clh!submit
[-] Trojan/Injector.cli!submit
[-] Trojan/Linux.Gafgyt.r!submit
[-] Trojan/Loader.ms!submit
[-] Trojan/MSIL.Obfuscated.jx!submit
[-] Trojan/Obfuscated.nt!submit
[-] Trojan/Obfuscated.nu!submit
[-] Trojan/PS.Runner.u!submit
[-] Trojan/ShellLoader.ahg!submit
[-] Trojan/ShellLoader.ahh!submit
[-] TrojanDownloader/Agent.blq!submit
[-] TrojanDownloader/Agent.bls!submit
[-] TrojanDownloader/HTML.Agent.bh!submit
[-] TrojanDownloader/JS.Agent.if!submit
[-] TrojanDownloader/Linux.Agent.du!submit
[-] TrojanDownloader/VBS.Agent.kd!submit
[-] TrojanDownloader/W64.Agent.co!submit
[-] TrojanSpy/JS.Stealer.bh!submit
[-] TrojanSpy/MSIL.Formbook.bd!submit
[-] TrojanSpy/MSIL.Formbook.be!submit
[-] TrojanSpy/MSIL.Formbook.bf!submit
```
#### Critical-hash signature changes ([crithash.txt](data/1768217225.crithash.txt))
Formal definitions added: 8

```
[+] Backdoor/OSX.NukeSped.a!crit
[+] HackTool/Linux.Usurper.a!crit
[+] Trojan/Python.Agent.bt!crit
[+] Trojan/SCR.ShellCode.e!crit
[+] Trojan/SCR.ShellCode.f!crit
[+] Trojan/W32.Injector.clh!crit
[+] TrojanDownloader/JS.Agent.c!crit
[+] Worm/BAT.Runner.bp!crit
```
Telemetry definitions added: 39 | Telemetry definitions removed: 11

```
[+] Adware/Android.PornTool.i!crit!submit
[+] Backdoor/PHP.WebShell.d!crit!submit
[+] Backdoor/PHP.WebShell.s!crit!submit
[+] Backdoor/PS.ReverseShell.f!crit!submit
[+] Backdoor/W32.Lotok.aa!crit!submit
[+] Backdoor/W32.Lotok.x!crit!submit
[+] Backdoor/W32.Lotok.xe!crit!submit
[+] Backdoor/W32.Lotok.y!crit!submit
[+] HEUR:Backdoor/W64.Lotok.a!crit!submit
[+] HackTool/PS.BruteForce.a!crit!submit
[+] HackTool/W32.Scrambler.a!crit!submit
[+] Trojan/MSIL.Obfuscated.ao!crit!submit
[+] Trojan/PS.CoinMiner.a!crit!submit
[+] Trojan/PS.Loader.d!crit!submit
[+] Trojan/SCR.CoinMiner.a!crit!submit
[+] Trojan/SCR.ShellCode.g!crit!submit
[+] Trojan/SCR.ShellCode.h!crit!submit
[+] Trojan/SCR.ShellCode.i!crit!submit
[+] Trojan/SCR.Shellcode.h!crit!submit
[+] Trojan/W32.BypassUAC.a!crit!submit
[+] Trojan/W32.Injector.r!crit!submit
[+] Trojan/W32.Injector.s!crit!submit
[+] Trojan/W32.ShellLoader.m!crit!submit
[+] Trojan/W32.ShellLoader.n!crit!submit
[+] Trojan/W32.ULPM.a!crit!submit
[+] Trojan/W64.Agent.gk!crit!submit
[+] Trojan/W64.Injector.a!crit!submit
[+] Trojan/W64.Obfuscated.nw!crit!submit
[+] TrojanDownloader/MSIL.Runner.c!crit!submit
[+] TrojanDownloader/PS.Runner.p!crit!submit
[+] TrojanDownloader/VBS.Runner.d!crit!submit
[+] TrojanDropper/MSIL.Starter.a!crit!submit
[+] TrojanDropper/MSIL.Starter.b!crit!submit
[+] TrojanDropper/PS.Runner.c!crit!submit
[+] TrojanDropper/VBS.Runner.c!crit!submit
[+] TrojanDropper/W64.Runner.b!crit!submit
[+] TrojanSpy/PS.Stealer.i!crit!submit
[+] TrojanSpy/VBS.Stealer.a!crit!submit
[+] TrojanSpy/W32.Banker.b!crit!submit
[-] Backdoor/OSX.NukeSped.a!crit!submit
[-] Backdoor/W32.Lotok.u!crit!submit
[-] Backdoor/W32.Lotok.v!crit!submit
[-] HackTool/Linux.Usurper.a!crit!submit
[-] Trojan/Python.Agent.bt!crit!submit
[-] Trojan/SCR.ShellCode.e!crit!submit
[-] Trojan/SCR.ShellCode.f!crit!submit
[-] Trojan/W32.Injector.clh!crit!submit
[-] Trojan/W32.ShellLoader.l!crit!submit
[-] TrojanDownloader/JS.Agent.c!crit!submit
[-] Worm/BAT.Runner.bp!crit!submit
```
#### Behavior signature changes ([behav.txt](data/1768217225.behav.txt))
Added: 6 | Removed: 4

```
[+] ADV:Ransom/Genalocker.ZFA!submit
[+] ADV:Ransom/Genalocker.ZFB!submit
[+] MEMSCAN/Lotok.A!submit
[+] MEMSCAN/SpecialDir.C
[+] TrojanDropper/MalSetup.OCA!submit
[+] TrojanDropper/MalSetup.PB!submit
[-] ADV:Ransom/Genalocker.ZEA!submit
[-] ADV:Ransom/Genalocker.ZEB!submit
[-] TrojanDropper/MalSetup.OA!submit
[-] TrojanDropper/MalSetup.PA!submit
```
#### Blacklist hash changes ([troj.txt](data/1768217225.troj.txt))

Added: 42

#### Whitelist hash changes ([hwl.txt](data/1768217225.hwl.txt))

Added: 2
1768128066 - 2026-01-11 10:41:06 UTC

#### Blacklist hash changes ([troj.txt](data/1768128066.troj.txt))

Added: 35

#### Whitelist hash changes ([hwl.txt](data/1768128066.hwl.txt))

Added: 12
1768044761 - 2026-01-10 11:32:41 UTC

#### Blacklist hash changes ([troj.txt](data/1768044761.troj.txt))

Added: 128

#### Whitelist hash changes ([hwl.txt](data/1768044761.hwl.txt))

Added: 8
1767957379 - 2026-01-09 11:16:19 UTC

#### Signature changes ([pset.txt](data/1767957379.pset.txt))
Formal definitions added: 35

```
[+] Backdoor/Agent.rb
[+] Backdoor/Lotok.oa
[+] Backdoor/Python.Agent.n
[+] Backdoor/Remcos.ax
[+] Exploit/HTML.CVE-2025-54100
[+] HVM:Backdoor/Lotok.cd
[+] HVM:TrojanDropper/W64.Agent.ca
[+] HackTool/Rdp2Tcp.a
[+] Trojan/AutoIt.Runner.g
[+] Trojan/Barys.c
[+] Trojan/FakeApp.aar
[+] Trojan/FakeApp.abj
[+] Trojan/FakeApp.abk
[+] Trojan/HTML.Phishing.hd
[+] Trojan/MSIL.CoinStealer.g
[+] Trojan/MSIL.Obfuscated.jw
[+] Trojan/PS.Loader.m
[+] Trojan/ShellLoader.ahf
[+] Trojan/StrongPity.c
[+] Trojan/W64.Agent.gj
[+] TrojanDownloader/Agent.blp
[+] TrojanDownloader/HTML.Agent.bg
[+] TrojanDownloader/MSIL.Agent.ajj
[+] TrojanDownloader/VBS.Agent.kc
[+] TrojanDropper/Agent.akb
[+] TrojanDropper/Agent.akl
[+] TrojanDropper/Agent.akm
[+] TrojanDropper/Agent.akp
[+] TrojanDropper/Agent.akq
[+] TrojanDropper/Agent.akr
[+] TrojanDropper/Agent.aks
[+] TrojanDropper/Agent.akt
[+] TrojanSpy/Banker.hm
[+] TrojanSpy/Zbot.dj
[+] Worm/Autorun.hc
```
Telemetry definitions added: 41 | Telemetry definitions removed: 36

```
[+] Backdoor/Agent.rc!submit
[+] Backdoor/CobaltStrike.oz!submit
[+] Backdoor/Ghost.ca!submit
[+] Backdoor/Linux.Lotok.a!submit
[+] Backdoor/Linux.Mirai.kw!submit
[+] Backdoor/Lotok.od!submit
[+] Backdoor/Lotok.oe!submit
[+] Backdoor/Lotok.of!submit
[+] Backdoor/Lotok.og!submit
[+] Backdoor/Lotok.oh!submit
[+] HEUR:Worm/BAT.Autorun.f!submit
[+] HackTool/Linux.BotWarden.a!submit
[+] Ransom/Cerber.ak!submit
[+] Rootkit/Agent!submit
[+] Trojan/Agent.clq!submit
[+] Trojan/DLLHijack.y!submit
[+] Trojan/FakeApp.abl!submit
[+] Trojan/GenCBL.a!submit
[+] Trojan/GenCBL.b!submit
[+] Trojan/HTML.Phishing.he!submit
[+] Trojan/Injector.clh!submit
[+] Trojan/Injector.cli!submit
[+] Trojan/Linux.Gafgyt.r!submit
[+] Trojan/Loader.ms!submit
[+] Trojan/MSIL.Obfuscated.jx!submit
[+] Trojan/Obfuscated.nt!submit
[+] Trojan/Obfuscated.nu!submit
[+] Trojan/PS.Runner.u!submit
[+] Trojan/ShellLoader.ahg!submit
[+] Trojan/ShellLoader.ahh!submit
[+] TrojanDownloader/Agent.blq!submit
[+] TrojanDownloader/Agent.bls!submit
[+] TrojanDownloader/HTML.Agent.bh!submit
[+] TrojanDownloader/JS.Agent.if!submit
[+] TrojanDownloader/Linux.Agent.du!submit
[+] TrojanDownloader/VBS.Agent.kd!submit
[+] TrojanDownloader/W64.Agent.co!submit
[+] TrojanSpy/JS.Stealer.bh!submit
[+] TrojanSpy/MSIL.Formbook.bd!submit
[+] TrojanSpy/MSIL.Formbook.be!submit
[+] TrojanSpy/MSIL.Formbook.bf!submit
[-] Backdoor/Agent.rb!submit
[-] Backdoor/Lotok.oa!submit
[-] Backdoor/Python.Agent.n!submit
[-] Backdoor/Remcos.ax!submit
[-] Exploit/HTML.CVE-2025-54100.a!submit
[-] HVM:Backdoor/Lotok.cd!submit
[-] HVM:TrojanDropper/W64.Agent.ca!submit
[-] HackTool/Rdp2Tcp.a!submit
[-] Trojan/AutoIt.Runner.g!submit
[-] Trojan/Barys.c!submit
[-] Trojan/FakeApp.aar!submit
[-] Trojan/FakeApp.abb!submit
[-] Trojan/FakeApp.abj!submit
[-] Trojan/FakeApp.abk!submit
[-] Trojan/HTML.Phishing.hd!submit
[-] Trojan/MSIL.CoinStealer.g!submit
[-] Trojan/MSIL.Obfuscated.jw!submit
[-] Trojan/PS.Loader.m!submit
[-] Trojan/ShellLoader.ahf!submit
[-] Trojan/StrongPity.c!submit
[-] Trojan/W64.Agent.gj!submit
[-] TrojanDownloader/Agent.blp!submit
[-] TrojanDownloader/HTML.Agent.bg!submit
[-] TrojanDownloader/MSIL.Agent.ajj!submit
[-] TrojanDownloader/VBS.Agent.kc!submit
[-] TrojanDropper/Agent.akb!submit
[-] TrojanDropper/Agent.akl!submit
[-] TrojanDropper/Agent.akm!submit
[-] TrojanDropper/Agent.akp!submit
[-] TrojanDropper/Agent.akq!submit
[-] TrojanDropper/Agent.akr!submit
[-] TrojanDropper/Agent.aks!submit
[-] TrojanDropper/Agent.akt!submit
[-] TrojanSpy/Banker.hm!submit
[-] TrojanSpy/Zbot.dj!submit
[-] Worm/Autorun.hc!submit
```
#### Critical-hash signature changes ([crithash.txt](data/1767957379.crithash.txt))
Formal definitions added: 17 | Formal definitions removed: 1

```
[+] Backdoor/W32.Agent.e!crit
[+] Backdoor/W32.Lotok.af!crit
[+] Trojan/MSIL.Agent.aak!crit
[+] Trojan/MSIL.Obfuscated.an!crit
[+] Trojan/MSIL.Obfuscated.jw!crit
[+] Trojan/SCR.Agent.c!crit
[+] Trojan/SCR.Agent.d!crit
[+] Trojan/W32.FakeApp.e!crit
[+] Trojan/W32.Obfuscated.nv!crit
[+] Trojan/W32.Obfuscated.nw!crit
[+] Trojan/W64.KillWin.dj!crit
[+] TrojanDownloader/W32.Agent.blp!crit
[+] TrojanDropper/W32.Agent.m!crit
[+] TrojanSpy/MSIL.Formbook.a!crit
[+] Worm/SCR.Autorun.a!crit
[+] Worm/VBS.Capside.a!crit
[+] Worm/W32.Capside.a!crit
[-] Virus/MAYA.FuckVirus.b!crit
```
Telemetry definitions added: 35 | Telemetry definitions removed: 19

```
[+] Backdoor/OSX.NukeSped.a!crit!submit
[+] Backdoor/PHP.Webshell.p!crit!submit
[+] Backdoor/PHP.Webshell.q!crit!submit
[+] Backdoor/PHP.Webshell.r!crit!submit
[+] Backdoor/PS.GuidPuller.b!crit!submit
[+] Backdoor/W32.Lotok.u!crit!submit
[+] Backdoor/W32.Lotok.v!crit!submit
[+] HackTool/Linux.Usurper.a!crit!submit
[+] Trojan/BAT.KillAV.c!crit!submit
[+] Trojan/BAT.KillAV.d!crit!submit
[+] Trojan/MSIL.Injector.g!crit!submit
[+] Trojan/Python.Agent.bt!crit!submit
[+] Trojan/SCR.ShellCode.e!crit!submit
[+] Trojan/SCR.ShellCode.f!crit!submit
[+] Trojan/W32.Injector.clh!crit!submit
[+] Trojan/W32.ShellLoader.l!crit!submit
[+] TrojanDownloader/JS.Agent.c!crit!submit
[+] TrojanDownloader/MSIL.Runner.a!crit!submit
[+] TrojanDownloader/MSIL.Runner.b!crit!submit
[+] TrojanDownloader/PS.Runner.h!crit!submit
[+] TrojanDownloader/PS.Runner.i!crit!submit
[+] TrojanDownloader/PS.Runner.j!crit!submit
[+] TrojanDownloader/PS.Runner.k!crit!submit
[+] TrojanDownloader/PS.Runner.l!crit!submit
[+] TrojanDownloader/PS.Runner.m!crit!submit
[+] TrojanDownloader/PS.Runner.n!crit!submit
[+] TrojanDownloader/PS.Runner.o!crit!submit
[+] TrojanDownloader/W32.Runner.c!crit!submit
[+] TrojanDownloader/W32.Runner.d!crit!submit
[+] TrojanDropper/PS.ShellLoader.c!crit!submit
[+] TrojanDropper/VBS.Runner.b!crit!submit
[+] TrojanDropper/W64.ShellLoader.b!crit!submit
[+] TrojanSpy/MSIL.Stealer.ccz!crit!submit
[+] TrojanSpy/MSIL.Stealer.cda!crit!submit
[+] Worm/BAT.Runner.bp!crit!submit
[-] Backdoor/W32.Agent.e!crit!submit
[-] Backdoor/W32.Lotok.af!crit!submit
[-] Backdoor/W32.Lotok.ag!crit!submit
[-] Trojan/MSIL.Agent.aak!crit!submit
[-] Trojan/MSIL.Obfuscated.an!crit!submit
[-] Trojan/MSIL.Obfuscated.jw!crit!submit
[-] Trojan/SCR.Agent.c!crit!submit
[-] Trojan/SCR.Agent.d!crit!submit
[-] Trojan/W32.FakeApp.e!crit!submit
[-] Trojan/W32.Obfuscated.nv!crit!submit
[-] Trojan/W32.Obfuscated.nw!crit!submit
[-] Trojan/W32.ShellLoader.k!crit!submit
[-] Trojan/W64.KillWin.dj!crit!submit
[-] TrojanDownloader/W32.Agent.blp!crit!submit
[-] TrojanDroppper/VBS.Runner.a!crit!submit
[-] TrojanSpy/MSIL.Formbook.a!crit!submit
[-] Worm/SCR.Autorun.a!crit!submit
[-] Worm/VBS.Capside.a!crit!submit
[-] Worm/W32.Capside.a!crit!submit
```
#### Behavior signature changes ([behav.txt](data/1767957379.behav.txt))
Added: 2 | Removed: 2

```
[+] ADV:Ransom/Genalocker.ZEA!submit
[+] ADV:Ransom/Genalocker.ZEB!submit
[-] ADV:Ransom/Genalocker.ZCB!submit
[-] ADV:Ransom/Genalocker.ZDA!submit
```
#### Blacklist hash changes ([troj.txt](data/1767957379.troj.txt))

Added: 137 | Removed: 2
1767870070 - 2026-01-08 11:01:10 UTC

#### Signature changes ([pset.txt](data/1767870070.pset.txt))
Formal definitions added: 42 | Formal definitions removed: 1

```
[+] Backdoor/Lotok.ob
[+] Backdoor/W64.AdaptixC2.b
[+] Backdoor/W64.Agent.l
[+] Backdoor/W64.Agent.m
[+] HEUR:Backdoor/MSIL.Bladabindi.bc
[+] HEUR:Backdoor/MSIL.Bladabindi.bd
[+] HEUR:Trojan/Injector.cp
[+] HVM:Backdoor/Lotok.bx
[+] HackTool/Python.Winpwnage.a
[+] Ransom/LockFile.ri
[+] Trojan/Agent.clp
[+] Trojan/BAT.Loader.j
[+] Trojan/FakeApp.abg
[+] Trojan/FakeApp.abh
[+] Trojan/FakeApp.abi
[+] Trojan/Linux.Mirai.gg
[+] Trojan/Linux.Mirai.gh
[+] Trojan/Loader.mq
[+] Trojan/Loader.mr
[+] Trojan/Obfuscated.ns
[+] Trojan/Python.DDos.h
[+] Trojan/ShellLoader.ahd
[+] Trojan/ShellLoader.ahe
[+] TrojanDownloader/PS.Agent.fa
[+] TrojanDownloader/PS.Agent.fb
[+] TrojanDownloader/VBS.Agent.kb
[+] TrojanDownloader/W64.Agent.cn
[+] TrojanDropper/Agent.akk
[+] TrojanDropper/Agent.akn
[+] TrojanDropper/Agent.ako
[+] TrojanDropper/MSIL.Agent.jx
[+] TrojanDropper/Python.Agent.n
[+] TrojanDropper/VBS.Agent.ef
[+] TrojanDropper/W64.Agent.bz
[+] TrojanSpy/HTML.Stealer.c
[+] TrojanSpy/Python.Rodico.a
[+] VirTool/Obfuscator.aw
[+] VirTool/Obfuscator.ay
[+] VirTool/Obfuscator.ba
[+] VirTool/Obfuscator.bb
[+] VirTool/Obfuscator.be
[+] VirTool/Obfuscator.db
[-] Backdoor/W64.AdaptixC2.a
```
Telemetry definitions added: 33 | Telemetry definitions removed: 43

```
[+] Backdoor/Agent.rb!submit
[+] Backdoor/Lotok.oa!submit
[+] Backdoor/Lotok.oc!submit
[+] Backdoor/Python.Agent.n!submit
[+] Backdoor/Remcos.ax!submit
[+] Exploit/HTML.CVE-2025-54100.a!submit
[+] HEUR:TrojanDropper/Agent.ar!submit
[+] HVM:Backdoor/Lotok.cd!submit
[+] HVM:TrojanDropper/W64.Agent.ca!submit
[+] HackTool/Rdp2Tcp.a!submit
[+] Trojan/AutoIt.Runner.g!submit
[+] Trojan/Barys.c!submit
[+] Trojan/FakeApp.abj!submit
[+] Trojan/FakeApp.abk!submit
[+] Trojan/HTML.Phishing.hd!submit
[+] Trojan/MSIL.CoinStealer.g!submit
[+] Trojan/MSIL.Obfuscated.jw!submit
[+] Trojan/PS.Loader.m!submit
[+] Trojan/ShellLoader.ahf!submit
[+] Trojan/StrongPity.c!submit
[+] Trojan/W64.Agent.gj!submit
[+] TrojanDownloader/Agent.blp!submit
[+] TrojanDownloader/HTML.Agent.bg!submit
[+] TrojanDownloader/MSIL.Agent.ajj!submit
[+] TrojanDownloader/VBS.Agent.kc!submit
[+] TrojanDropper/Agent.akp!submit
[+] TrojanDropper/Agent.akq!submit
[+] TrojanDropper/Agent.akr!submit
[+] TrojanDropper/Agent.aks!submit
[+] TrojanDropper/Agent.akt!submit
[+] TrojanSpy/Banker.hm!submit
[+] TrojanSpy/Zbot.dj!submit
[+] Worm/Autorun.hc!submit
[-] Backdoor/Lotok.ob!submit
[-] Backdoor/W64.AdaptixC2.b!submit
[-] Backdoor/W64.Agent.l!submit
[-] Backdoor/W64.Agent.m!submit
[-] HEUR:Backdoor/MSIL.Bladabindi.bc!submit
[-] HEUR:Backdoor/MSIL.Bladabindi.bd!submit
[-] HEUR:Trojan/BAT.Loader.j!submit
[-] HEUR:Trojan/Injector.cp!submit
[-] HEUR:Trojan/KillWin.dj!submit
[-] HVM:Backdoor/Lotok.bx!submit
[-] Ransom/LockFile.ri!submit
[-] Trojan/Agent.clp!submit
[-] Trojan/BAT.Loader.j!submit
[-] Trojan/FakeApp.abg!submit
[-] Trojan/FakeApp.abh!submit
[-] Trojan/FakeApp.abi!submit
[-] Trojan/Linux.Mirai.gg!submit
[-] Trojan/Linux.Mirai.gh!submit
[-] Trojan/Loader.mq!submit
[-] Trojan/Loader.mr!submit
[-] Trojan/Obfuscated.ns!submit
[-] Trojan/Python.DDos.h!submit
[-] Trojan/ShellLoader.ahd!submit
[-] Trojan/ShellLoader.ahe!submit
[-] TrojanDownloader/PS.Agent.fa!submit
[-] TrojanDownloader/PS.Agent.fb!submit
[-] TrojanDownloader/VBS.Agent.kb!submit
[-] TrojanDownloader/W64.Agent.cn!submit
[-] TrojanDropper/Agent.akk!submit
[-] TrojanDropper/Agent.akn!submit
[-] TrojanDropper/Agent.ako!submit
[-] TrojanDropper/MSIL.Agent.jx!submit
[-] TrojanDropper/Python.Agent.n!submit
[-] TrojanDropper/VBS.Agent.ef!submit
[-] TrojanDropper/W64.Agent.bz!submit
[-] TrojanSpy/HTML.Stealer.c!submit
[-] TrojanSpy/Python.Rodico.a!submit
[-] VirTool/Obfuscator.aw!submit
[-] VirTool/Obfuscator.ay!submit
[-] VirTool/Obfuscator.ba!submit
[-] VirTool/Obfuscator.bb!submit
[-] VirTool/Obfuscator.be!submit
[-] VirTool/Obfuscator.db!submit
```
#### Critical-hash signature changes ([crithash.txt](data/1767870070.crithash.txt))
Formal definitions added: 20

```
[+] Adware/Android.PornTool.g!crit
[+] Adware/Android.PornTool.h!crit
[+] Adware/W32.Agent.da!crit
[+] Backdoor/Linux.Mirai.a!crit
[+] Backdoor/Linux.Mirai.b!crit
[+] Backdoor/Linux.ReverseShell.a!crit
[+] Backdoor/W64.Agent.g!crit
[+] Backdoor/W64.SparkRAT.a!crit
[+] Exploit/W32.CVE-2025-62215.a!crit
[+] HEUR:Trojan/W32.HiJack.a!crit
[+] HackTool/Linux.CoinMiner.a!crit
[+] Trojan/HTML.Phishing.oq!crit
[+] Trojan/MSIL.Obfuscated.am!crit
[+] Trojan/W32.Obfuscated.nt!crit
[+] TrojanDownloader/MSIL.Maloader.j!crit
[+] TrojanDownloader/VBS.Obfuscated.c!crit
[+] TrojanSpy/Linux.Stealer.b!crit
[+] TrojanSpy/W32.Rodico.a!crit
[+] TrojanSpy/W64.ClipBanker.b!crit
[+] Virus/MAYA.FuckVirus.b!crit
```
Telemetry definitions added: 41 | Telemetry definitions removed: 19

```
[+] Backdoor/PS.ReverseShell.d!crit!submit
[+] Backdoor/PS.ReverseShell.e!crit!submit
[+] Backdoor/W32.Agent.e!crit!submit
[+] Backdoor/W32.Lotok.af!crit!submit
[+] Backdoor/W32.Lotok.ag!crit!submit
[+] HEUR:Trojan/W32.HiJack.b!crit!submit
[+] Joke/MSIL.Agent.a!crit!submit
[+] Ransom/MSIL.LockFile.b!crit!submit
[+] Ransom/W64.LockFilet.a!crit!submit
[+] Trojan/MSIL.Agent.aak!crit!submit
[+] Trojan/MSIL.Injector.c!crit!submit
[+] Trojan/MSIL.Injector.d!crit!submit
[+] Trojan/MSIL.Injector.e!crit!submit
[+] Trojan/MSIL.Injector.f!crit!submit
[+] Trojan/MSIL.Obfuscated.an!crit!submit
[+] Trojan/MSIL.Obfuscated.jw!crit!submit
[+] Trojan/SCR.Agent.c!crit!submit
[+] Trojan/SCR.Agent.d!crit!submit
[+] Trojan/W32.FakeApp.e!crit!submit
[+] Trojan/W32.Injector.q!crit!submit
[+] Trojan/W32.Obfuscated.nv!crit!submit
[+] Trojan/W32.Obfuscated.nw!crit!submit
[+] Trojan/W32.ShellLoader.k!crit!submit
[+] Trojan/W64.KillWin.dj!crit!submit
[+] TrojanDownloader/BAT.Runner.e!crit!submit
[+] TrojanDownloader/BAT.Runner.f!crit!submit
[+] TrojanDownloader/PS.Runner.g!crit!submit
[+] TrojanDownloader/W32.Agent.blp!crit!submit
[+] TrojanDropper/MSIL.Agent.b!crit!submit
[+] TrojanDropper/MSIL.Agent.c!crit!submit
[+] TrojanDropper/MSIL.Agent.d!crit!submit
[+] TrojanDropper/W32.Agent.ah!crit!submit
[+] TrojanDropper/W32.DDoS.a!crit!submit
[+] TrojanDroppper/VBS.Runner.a!crit!submit
[+] TrojanSpy/MSIL.Formbook.a!crit!submit
[+] TrojanSpy/MSIL.Keylogger.b!crit!submit
[+] TrojanSpy/MSIL.Stealer.ccx!crit!submit
[+] TrojanSpy/MSIL.Stealer.ccy!crit!submit
[+] Worm/SCR.Autorun.a!crit!submit
[+] Worm/VBS.Capside.a!crit!submit
[+] Worm/W32.Capside.a!crit!submit
[-] Adware/Android.PornTool.g!crit!submit
[-] Adware/Android.PornTool.h!crit!submit
[-] Adware/W32.Agent.da!crit!submit
[-] Backdoor/Linux.Mirai.a!crit!submit
[-] Backdoor/Linux.Mirai.b!crit!submit
[-] Backdoor/Linux.ReverseShell.a!crit!submit
[-] Backdoor/W64.Agent.g!crit!submit
[-] Backdoor/W64.SparkRAT.a!crit!submit
[-] Exploit/W32.CVE-2025-62215.a!crit!submit
[-] HEUR:Trojan/W32.HiJack.a!crit!submit
[-] HackTool/Linux.CoinMiner.a!crit!submit
[-] Trojan/HTML.Phishing.oq!crit!submit
[-] Trojan/MSIL.Obfuscated.am!crit!submit
[-] Trojan/W32.Obfuscated.nt!crit!submit
[-] TrojanDownloader/MSIL.Maloader.j!crit!submit
[-] TrojanSpy/Linux.Stealer.b!crit!submit
[-] TrojanSpy/W32.Rodico.a!crit!submit
[-] TrojanSpy/W64.ClipBanker.b!crit!submit
[-] Virus/MAYA.FuckVirus.b!crit!submit
```
#### Behavior signature changes ([behav.txt](data/1767870070.behav.txt))
Added: 2 | Removed: 1

```
[+] Backdoor/Lotok.DA!submit
[+] Software:GM/NN.A#NN加速器
[-] Software:GM/NN.A#NN加速器!submit
```
#### Blacklist hash changes ([troj.txt](data/1767870070.troj.txt))

Added: 64
1767782775 - 2026-01-07 10:46:15 UTC

#### Signature changes ([pset.txt](data/1767782775.pset.txt))
Formal definitions added: 77

```
[+] Backdoor/Agent.ra
[+] Backdoor/Linux.Gafgyt.by
[+] Backdoor/Lotok.nz
[+] Backdoor/W64.Agent.k
[+] Backdoor/Xkcp.a
[+] Exploit/VulnDriver.s
[+] HEUR:Backdoor/Linux.Mirai.ku
[+] HEUR:Trojan/BAT.Loader.j
[+] HEUR:Trojan/BAT.Loader.k
[+] HEUR:Trojan/Injector.co
[+] HEUR:Trojan/JS.Obfuscated.db
[+] HEUR:Trojan/KillMBR.cm
[+] HEUR:Trojan/KillWin.f
[+] HEUR:Trojan/Runner.fm
[+] HEUR:TrojanDownloader/Agent.blo
[+] HEUR:TrojanDownloader/VBS.Agent.gc
[+] HVM:TrojanDropper/W64.Agent.bz
[+] Hacktool/ConnectWise
[+] Rootkit/W64.Agent.l
[+] Trojan/Agent.clo
[+] Trojan/BAT.Loader.i
[+] Trojan/BAT.Pwrsvc.bv
[+] Trojan/DDOS.ae
[+] Trojan/DLLHijack.x
[+] Trojan/DllHijack.x
[+] Trojan/FakeApp.aax
[+] Trojan/FakeApp.aay
[+] Trojan/FakeApp.aaz
[+] Trojan/FakeApp.aba
[+] Trojan/FakeApp.abc
[+] Trojan/FakeApp.abd
[+] Trojan/FakeApp.abe
[+] Trojan/FakeApp.abf
[+] Trojan/FakeApp.zi
[+] Trojan/HiJack.yj
[+] Trojan/JS.Obfuscated.da
[+] Trojan/KillAV.dc
[+] Trojan/Linux.Mirai.fq
[+] Trojan/Linux.Mirai.fv
[+] Trojan/Linux.Mirai.gc
[+] Trojan/Linux.Mirai.gd
[+] Trojan/Linux.Mirai.ge
[+] Trojan/Linux.Mirai.gf
[+] Trojan/Loader.mo
[+] Trojan/Loader.mp
[+] Trojan/MSIL.Injector.qg
[+] Trojan/MSIL.Obfuscated.jv
[+] Trojan/NSIS.Injector.f
[+] Trojan/Runner.fl
[+] Trojan/ShellLoader.aha
[+] Trojan/ShellLoader.ahb
[+] Trojan/ShellLoader.ahc
[+] Trojan/ShellcodeRunner.b
[+] Trojan/W64.Injector.bz
[+] Trojan/W64.Injector.ca
[+] TrojanDownloader/Agent.bln
[+] TrojanDownloader/Agent.blo
[+] TrojanDownloader/BAT.Agent.gb
[+] TrojanDownloader/Linux.Agent.dp
[+] TrojanDownloader/Linux.Mozi.c
[+] TrojanDownloader/Maloader.bn
[+] TrojanDropper/Agent.akf
[+] TrojanDropper/Agent.akg
[+] TrojanDropper/Agent.akh
[+] TrojanDropper/Agent.aki
[+] TrojanDropper/Agent.akj
[+] TrojanDropper/BAT.Agent.bm
[+] TrojanDropper/Maloader.m
[+] TrojanSpy/MSIL.ClipBanker.av
[+] TrojanSpy/Stealer.th
[+] TrojanSpy/W64.ClipBanker.e
[+] TrojanSpy/W64.PwStealer.d
[+] TrojanSpy/W64.Stealer.x
[+] Virus/MAYA.FuckVirus.a
[+] Worm/Autorun.ha
[+] Worm/Autorun.hb
[+] Worm/Phorpiex.o
```
Telemetry definitions added: 47 | Telemetry definitions removed: 47

```
[+] Backdoor/Lotok.ob!submit
[+] Backdoor/W64.Agent.l!submit
[+] Backdoor/W64.Agent.m!submit
[+] HEUR:Backdoor/MSIL.Bladabindi.bc!submit
[+] HEUR:Backdoor/MSIL.Bladabindi.bd!submit
[+] HEUR:Trojan/Injector.cp!submit
[+] HEUR:Trojan/JS.Agent.gr!submit
[+] HEUR:Trojan/KillWin.dj!submit
[+] HVM:Backdoor/Lotok.bx!submit
[+] HVM:Trojan/Injector.ah!submit
[+] HVM:Trojan/Injector.cn!submit
[+] HVM:Trojan/SelfDel.e!submit
[+] Ransom/LockFile.ri!submit
[+] Trojan/Agent.clp!submit
[+] Trojan/BAT.Loader.j!submit
[+] Trojan/FakeApp.aar!submit
[+] Trojan/FakeApp.abg!submit
[+] Trojan/FakeApp.abh!submit
[+] Trojan/FakeApp.abi!submit
[+] Trojan/Linux.Mirai.gg!submit
[+] Trojan/Linux.Mirai.gh!submit
[+] Trojan/Loader.mq!submit
[+] Trojan/Loader.mr!submit
[+] Trojan/Obfuscated.ns!submit
[+] Trojan/Python.DDos.h!submit
[+] Trojan/ShellLoader.ahd!submit
[+] Trojan/ShellLoader.ahe!submit
[+] TrojanDownloader/PS.Agent.fa!submit
[+] TrojanDownloader/PS.Agent.fb!submit
[+] TrojanDownloader/VBS.Agent.kb!submit
[+] TrojanDownloader/W64.Agent.cn!submit
[+] TrojanDropper/Agent.akk!submit
[+] TrojanDropper/Agent.akl!submit
[+] TrojanDropper/Agent.akm!submit
[+] TrojanDropper/Agent.akn!submit
[+] TrojanDropper/Agent.ako!submit
[+] TrojanDropper/MSIL.Agent.jx!submit
[+] TrojanDropper/Python.Agent.n!submit
[+] TrojanDropper/VBS.Agent.ef!submit
[+] TrojanDropper/W64.Agent.bz!submit
[+] TrojanSpy/Python.Rodico.a!submit
[+] VirTool/Obfuscator.aw!submit
[+] VirTool/Obfuscator.ay!submit
[+] VirTool/Obfuscator.ba!submit
[+] VirTool/Obfuscator.bb!submit
[+] VirTool/Obfuscator.be!submit
[+] VirTool/Obfuscator.db!submit
[-] Backdoor/Agent.ra!submit
[-] Backdoor/Linux.Gafgyt.by!submit
[-] Backdoor/Lotok.nz!submit
[-] Backdoor/W64.Agent.k!submit
[-] Backdoor/Xkcp.a!submit
[-] HEUR:Backdoor/Linux.Mirai.ku!submit
[-] HEUR:Trojan/BAT.Loader.k!submit
[-] HEUR:Trojan/Injector.co!submit
[-] HEUR:TrojanDownloader/Agent.blo!submit
[-] HVM:Trojan/Hook.a!submit
[-] Rootkit/W64.Agent.l!submit
[-] Trojan/BAT.Loader.i!submit
[-] Trojan/FakeApp.aax!submit
[-] Trojan/FakeApp.aay!submit
[-] Trojan/FakeApp.aaz!submit
[-] Trojan/FakeApp.aba!submit
[-] Trojan/FakeApp.abc!submit
[-] Trojan/FakeApp.abd!submit
[-] Trojan/FakeApp.abe!submit
[-] Trojan/FakeApp.zi!submit
[-] Trojan/Linux.Mirai.fq!submit
[-] Trojan/Linux.Mirai.fv!submit
[-] Trojan/Linux.Mirai.gc!submit
[-] Trojan/Linux.Mirai.gd!submit
[-] Trojan/Linux.Mirai.ge!submit
[-] Trojan/Linux.Mirai.gf!submit
[-] Trojan/Loader.mo!submit
[-] Trojan/MSIL.Injector.qg!submit
[-] Trojan/MSIL.Obfuscated.jv!submit
[-] Trojan/NSIS.Injector.f!submit
[-] Trojan/Runner.fl!submit
[-] Trojan/ShellLoader.aha!submit
[-] Trojan/ShellLoader.ahb!submit
[-] Trojan/ShellcodeRunner.b!submit
[-] Trojan/W64.Injector.bz!submit
[-] TrojanDownloader/Agent.bln!submit
[-] TrojanDownloader/Linux.Agent.dp!submit
[-] TrojanDownloader/Linux.Mozi.c!submit
[-] TrojanDropper/Agent.akf!submit
[-] TrojanDropper/Agent.akg!submit
[-] TrojanSpy/MSIL.ClipBanker.av!submit
[-] TrojanSpy/Stealer.th!submit
[-] TrojanSpy/W64.ClipBanker.e!submit
[-] TrojanSpy/W64.PwStealer.d!submit
[-] TrojanSpy/W64.Stealer.x!submit
[-] Virus/MAYA.FuckVirus.a!submit
[-] Worm/Autorun.ha!submit
```
#### Critical-hash signature changes ([crithash.txt](data/1767782775.crithash.txt))
Formal definitions added: 18

```
[+] Backdoor/W32.Lotok.ae!crit
[+] Backdoor/W64.Havoc.a!crit
[+] Ransom/W32.BTCware.i!crit
[+] Ransom/W64.Filecoder.b!crit
[+] Trojan/Android.Harly.a!crit
[+] Trojan/Android.Winge.a!crit
[+] Trojan/MSIL.Agent.aaj!crit
[+] Trojan/MSIL.Androm.a!crit
[+] Trojan/OSX.TrojanDownloader.a!crit
[+] Trojan/SCR.FakeApp.b!crit
[+] Trojan/SCR.Loader.a!crit
[+] Trojan/SCR.Loader.mp!crit
[+] Trojan/W32.HiJack.w!crit
[+] Trojan/W32.Loader.mp!crit
[+] TrojanDropper/W32.Agent.l!crit
[+] TrojanSpy/SCR.Stealer.b!crit
[+] TrojanSpy/SCR.Stealer.c!crit
[+] TrojanSpy/W64.ClipBanker.a!crit
```
Telemetry definitions added: 19 | Telemetry definitions removed: 14

```
[+] Adware/Android.PornTool.g!crit!submit
[+] Adware/Android.PornTool.h!crit!submit
[+] Adware/W32.Agent.da!crit!submit
[+] Backdoor/Linux.Mirai.b!crit!submit
[+] Backdoor/Linux.ReverseShell.a!crit!submit
[+] Backdoor/W64.Agent.g!crit!submit
[+] Backdoor/W64.SparkRAT.a!crit!submit
[+] Exploit/W32.CVE-2025-62215.a!crit!submit
[+] HEUR:Trojan/W32.HiJack.a!crit!submit
[+] HackTool/Linux.CoinMiner.a!crit!submit
[+] Trojan/HTML.Phishing.oq!crit!submit
[+] Trojan/MSIL.Obfuscated.am!crit!submit
[+] Trojan/W32.Obfuscated.nt!crit!submit
[+] TrojanDownloader/MSIL.Maloader.j!crit!submit
[+] TrojanDownloader/VBS.Obfuscated.c!crit!submit
[+] TrojanSpy/Linux.Stealer.b!crit!submit
[+] TrojanSpy/W32.Rodico.a!crit!submit
[+] TrojanSpy/W64.ClipBanker.b!crit!submit
[+] Virus/MAYA.FuckVirus.b!crit!submit
[-] Backdoor/W32.Lotok.ae!crit!submit
[-] Backdoor/W64.Havoc.a!crit!submit
[-] Ransom/W32.BTCware.i!crit!submit
[-] Trojan/Android.Harly.a!crit!submit
[-] Trojan/Android.Winge.a!crit!submit
[-] Trojan/MSIL.Agent.aaj!crit!submit
[-] Trojan/SCR.FakeApp.a!crit!submit
[-] Trojan/SCR.Loader.mp!crit!submit
[-] Trojan/W32.HiJack.w!crit!submit
[-] Trojan/W32.Loader.mp!crit!submit
[-] Trojan/W32.ShellLoader.j!crit!submit
[-] TrojanSpy/SCR.Stealer.b!crit!submit
[-] TrojanSpy/SCR.Stealer.c!crit!submit
[-] TrojanSpy/W64.ClipBanker.a!crit!submit
```
#### Behavior signature changes ([behav.txt](data/1767782775.behav.txt))
Added: 2 | Removed: 1

```
[+] Software:GM/NN.A#NN加速器!submit
[+] Software:OS/Gooxion.AA#固信终端
[-] Software:OS/Gooxion.AA#固信终端安全!submit
```
#### Blacklist hash changes ([troj.txt](data/1767782775.troj.txt))

Added: 50
1767697383 - 2026-01-06 11:03:03 UTC

#### Blacklist hash changes ([troj.txt](data/1767697383.troj.txt))

Added: 125 | Removed: 1
1767610360 - 2026-01-05 10:52:40 UTC

#### Signature changes ([pset.txt](data/1767610360.pset.txt))
Formal definitions added: 34 | Formal definitions removed: 6

```
[+] Backdoor/Linux.Mirai.kv
[+] Backdoor/Lotok.ny
[+] Backdoor/MSIL.AsyncRAT.ab
[+] HEUR:Ransom/Filecoder.ek
[+] HVM:Backdoor/Lotok.cg
[+] HVM:Backdoor/Lotok.ch
[+] HVM:Trojan/MalBehav.gen!AM
[+] HVM:TrojanDownloader/Small.dq
[+] HackTool/ConnectWiseControl.h
[+] Trojan/BAT.Shutdown.e
[+] Trojan/FakeApp.aav
[+] Trojan/FakeApp.aaw
[+] Trojan/Injector.clg
[+] Trojan/KillDisk.eb
[+] Trojan/Loader.mn
[+] Trojan/MSIL.Obfuscated.jt
[+] Trojan/MSIL.Obfuscated.ju
[+] Trojan/ShellLoader.agx
[+] Trojan/ShellLoader.agy
[+] Trojan/ShellLoader.agz
[+] Trojan/W64.Injector.bx
[+] Trojan/W64.Injector.by
[+] Trojan/W64.Rhadamanthys.a
[+] TrojanDownloader/JS.Agent.ie
[+] TrojanDownloader/Maloader.bm
[+] TrojanDropper/Agent.ajt
[+] TrojanDropper/Agent.akc
[+] TrojanDropper/Agent.akd
[+] TrojanDropper/Agent.ake
[+] TrojanDropper/JS.Agent.cc
[+] TrojanDropper/LNK.Agent.q
[+] TrojanDropper/PS.Agent.y
[+] TrojanDropper/W64.Agent.bx
[+] TrojanSpy/Keylogger.fd
[-] HVM:Backdoor/Lotok.bx
[-] HVM:Backdoor/Lotok.cd
[-] HVM:Backdoor/Lotok.ce
[-] HVM:Backdoor/Lotok.cf
[-] Trojan/FakeApp.aar
[-] Trojan/FakeApp.zi
```
Telemetry definitions added: 41 | Telemetry definitions removed: 34

```
[+] Backdoor/Agent.ra!submit
[+] Backdoor/Lotok.nz!submit
[+] Backdoor/W64.AdaptixC2.b!submit
[+] Backdoor/W64.Agent.k!submit
[+] Backdoor/Xkcp.a!submit
[+] HEUR:Trojan/Injector.co!submit
[+] HEUR:TrojanDownloader/Agent.blo!submit
[+] Rootkit/StartPage.ad!submit
[+] Rootkit/W64.Agent.l!submit
[+] Trojan/BAT.Loader.i!submit
[+] Trojan/FakeApp.aay!submit
[+] Trojan/FakeApp.aaz!submit
[+] Trojan/FakeApp.aba!submit
[+] Trojan/FakeApp.abb!submit
[+] Trojan/FakeApp.abc!submit
[+] Trojan/FakeApp.abd!submit
[+] Trojan/FakeApp.abe!submit
[+] Trojan/FakeApp.zi!submit
[+] Trojan/Linux.Mirai.gd!submit
[+] Trojan/Linux.Mirai.ge!submit
[+] Trojan/Linux.Mirai.gf!submit
[+] Trojan/Loader.mo!submit
[+] Trojan/MSIL.Injector.qg!submit
[+] Trojan/MSIL.Obfuscated.jv!submit
[+] Trojan/NSIS.Injector.f!submit
[+] Trojan/Runner.fl!submit
[+] Trojan/ShellLoader.aha!submit
[+] Trojan/ShellLoader.ahb!submit
[+] Trojan/ShellcodeRunner.b!submit
[+] Trojan/StartPage.lj!submit
[+] Trojan/W64.Injector.bz!submit
[+] TrojanDownloader/Agent.bln!submit
[+] TrojanDropper/Agent.akf!submit
[+] TrojanDropper/Agent.akg!submit
[+] TrojanSpy/MSIL.ClipBanker.av!submit
[+] TrojanSpy/Stealer.th!submit
[+] TrojanSpy/W64.ClipBanker.e!submit
[+] TrojanSpy/W64.PwStealer.d!submit
[+] TrojanSpy/W64.Stealer.x!submit
[+] Virus/MAYA.FuckVirus.a!submit
[+] Worm/Autorun.ha!submit
[-] Backdoor/Linux.Mirai.kv!submit
[-] Backdoor/Lotok.ny!submit
[-] Backdoor/MSIL.AsyncRAT.ab!submit
[-] HEUR:Ransom/Filecoder.ek!submit
[-] HEUR:Trojan/FakeApp.doi!submit
[-] HVM:Backdoor/Lotok.cg!submit
[-] HVM:Backdoor/Lotok.ch!submit
[-] HackTool/ConnectWiseControl.h!submit
[-] Rootkit/Hook.at!submit
[-] Trojan/BAT.Shutdown.e!submit
[-] Trojan/FakeApp.aav!submit
[-] Trojan/FakeApp.aaw!submit
[-] Trojan/Injector.clg!submit
[-] Trojan/KillDisk.eb!submit
[-] Trojan/Loader.mn!submit
[-] Trojan/MSIL.Obfuscated.jt!submit
[-] Trojan/MSIL.Obfuscated.ju!submit
[-] Trojan/ShellLoader.agx!submit
[-] Trojan/ShellLoader.agy!submit
[-] Trojan/ShellLoader.agz!submit
[-] Trojan/W64.Injector.bx!submit
[-] Trojan/W64.Injector.by!submit
[-] Trojan/W64.Rhadamanthys.a!submit
[-] TrojanDownloader/JS.Agent.ie!submit
[-] TrojanDownloader/Maloader.bm!submit
[-] TrojanDropper/Agent.ajt!submit
[-] TrojanDropper/Agent.akc!submit
[-] TrojanDropper/Agent.akd!submit
[-] TrojanDropper/Agent.ake!submit
[-] TrojanDropper/JS.Agent.cc!submit
[-] TrojanDropper/LNK.Agent.q!submit
[-] TrojanDropper/PS.Agent.y!submit
[-] TrojanDropper/W64.Agent.bx!submit
[-] TrojanSpy/Keylogger.fd!submit
```
#### Critical-hash signature changes ([crithash.txt](data/1767610360.crithash.txt))
Formal definitions added: 11

```
[+] Trojan/BAT.Runner.bn!crit
[+] Trojan/MSIL.Obfuscated.al!crit
[+] Trojan/SCR.KillLinux.b!crit
[+] Trojan/SCR.ShellCode.d!crit
[+] Trojan/W32.FakeApp.d!crit
[+] Trojan/W64.Loader.aj!crit
[+] Trojan/W64.Loader.ak!crit
[+] Trojan/W64.ShellLoader.k!crit
[+] TrojanDownloader/PS.Agent.bn!crit
[+] TrojanDownloader/XML.Agent.a!crit
[+] TrojanDropper/W64.Maloader.m!crit
```
Telemetry definitions added: 13 | Telemetry definitions removed: 14

```
[+] Backdoor/W32.Lotok.ae!crit!submit
[+] Backdoor/W64.Havoc.a!crit!submit
[+] Ransom/W32.BTCware.i!crit!submit
[+] Trojan/Android.Harly.a!crit!submit
[+] Trojan/Android.Winge.a!crit!submit
[+] Trojan/HTML.Phishing.op!crit!submit
[+] Trojan/MSIL.Agent.aaj!crit!submit
[+] Trojan/SCR.FakeApp.a!crit!submit
[+] Trojan/SCR.Loader.mp!crit!submit
[+] Trojan/W32.HiJack.w!crit!submit
[+] Trojan/W32.Loader.mp!crit!submit
[+] Trojan/W32.ShellLoader.j!crit!submit
[+] TrojanSpy/SCR.Stealer.c!crit!submit
[-] Trojan/BAT.Runner.bn!crit!submit
[-] Trojan/MSIL.Obfuscated.al!crit!submit
[-] Trojan/SCR.KillLinux.b!crit!submit
[-] Trojan/SCR.ShellCode.d!crit!submit
[-] Trojan/W32.Agent.gj!crit!submit
[-] Trojan/W32.Agent.x!crit!submit
[-] Trojan/W32.FakeApp.d!crit!submit
[-] Trojan/W32.ShellLoader.i!crit!submit
[-] Trojan/W64.Loader.aj!crit!submit
[-] Trojan/W64.Loader.ak!crit!submit
[-] Trojan/W64.ShellLoader.jaaa!crit!submit
[-] TrojanDownloader/PS.Agent.bn!crit!submit
[-] TrojanDownloader/XML.Agent.a!crit!submit
[-] TrojanDropper/W64.Maloader.m!crit!submit
```
#### Blacklist hash changes ([troj.txt](data/1767610360.troj.txt))

Added: 78 | Removed: 2
1767527465 - 2026-01-04 11:51:05 UTC

#### Signature changes ([pset.txt](data/1767527465.pset.txt))
Formal definitions added: 34 | Formal definitions removed: 1

```
[+] Adware/Android.PornTool.m
[+] Backdoor/Linux.Gafgyt.bz
[+] Backdoor/Linux.Mirai.ku
[+] Backdoor/W64.AdaptixC2.a
[+] HEUR:Trojan/BAT.Loader.i
[+] HEUR:Trojan/FakeApp.aam
[+] Joke/BAT.ForkBomb.d
[+] Ransom/Filecoder.ei
[+] Trojan/Agent.cln
[+] Trojan/FakeApp.aam
[+] Trojan/FakeApp.aau
[+] Trojan/HTML.Injector.n
[+] Trojan/Injector.ckx
[+] Trojan/Injector.cle
[+] Trojan/Injector.clf
[+] Trojan/KillMBR.cl
[+] Trojan/Loader.mc
[+] Trojan/MSIL.Obfuscated.js
[+] Trojan/MSIL.Runner.l
[+] Trojan/MSIL.Runner.m
[+] Trojan/ReverseShell.x
[+] Trojan/ShellLoader.agw
[+] Trojan/W64.Injector.bw
[+] TrojanDownloader/Agent.blm
[+] TrojanDownloader/JS.Agent.id
[+] TrojanDownloader/Maloader.bl
[+] TrojanDropper/Agent.ajx
[+] TrojanDropper/Agent.ajy
[+] TrojanDropper/Agent.ajz
[+] TrojanDropper/Agent.aka
[+] TrojanDropper/BAT.Maloader.e
[+] TrojanDropper/W64.Agent.bw
[+] TrojanSpy/KeyLogger.fc
[+] TrojanSpy/MSIL.Stealer.kt
[-] TrojanDropper/Agent.ajt
```
新增遥测定义: 38 | 移除遥测定义: 35 ``` [+] Backdoor/Linux.Mirai.kv!submit [+] Backdoor/Lotok.ny!submit [+] Backdoor/MSIL.AsyncRAT.ab!submit [+] HEUR:Ransom/Filecoder.ek!submit [+] HVM:Backdoor/Lotok.cg!submit [+] HVM:Backdoor/Lotok.ch!submit [+] HVM:Trojan/MalBehav.h!submit [+] HVM:TrojanDownloader/Small.dq!submit [+] HackTool/ConnectWiseControl.h!submit [+] Ransom/LockFile.qw!submit [+] Rootkit/Hook.at!submit [+] Trojan/BAT.Shutdown.e!submit [+] Trojan/FakeApp.aav!submit [+] Trojan/FakeApp.aaw!submit [+] Trojan/FakeApp.aax!submit [+] Trojan/Injector.clg!submit [+] Trojan/KillDisk.eb!submit [+] Trojan/Loader.mn!submit [+] Trojan/MSIL.Obfuscated.jt!submit [+] Trojan/MSIL.Obfuscated.ju!submit [+] Trojan/ShellLoader.agx!submit [+] Trojan/ShellLoader.agy!submit [+] Trojan/ShellLoader.agz!submit [+] Trojan/W64.Injector.bx!submit [+] Trojan/W64.Injector.by!submit [+] Trojan/W64.Rhadamanthys.a!submit [+] TrojanDownloader/JS.Agent.ie!submit [+] TrojanDownloader/Maloader.bm!submit [+] TrojanDropper/Agent.ajt!submit [+] TrojanDropper/Agent.akb!submit [+] TrojanDropper/Agent.akc!submit [+] TrojanDropper/Agent.akd!submit [+] TrojanDropper/Agent.ake!submit [+] TrojanDropper/JS.Agent.cc!submit [+] TrojanDropper/LNK.Agent.q!submit [+] TrojanDropper/PS.Agent.y!submit [+] TrojanDropper/W64.Agent.bx!submit [+] TrojanSpy/Keylogger.fd!submit [-] Adware/Android.PornTool.m!submit [-] Backdoor/Linux.Gafgyt.bz!submit [-] Backdoor/Linux.Mirai.ku!submit [-] Backdoor/W64.AdaptixC2.a!submit [-] HEUR:Trojan/BAT.Loader.i!submit [-] HEUR:Trojan/FakeApp.aam!submit [-] Joke/BAT.ForkBomb.d!submit [-] Ransom/Filecoder.ei!submit [-] Trojan/Agent.cln!submit [-] Trojan/FakeApp.aam!submit [-] Trojan/FakeApp.aau!submit [-] Trojan/HTML.Injector.n!submit [-] Trojan/Injector.ckx!submit [-] Trojan/Injector.cle!submit [-] Trojan/Injector.clf!submit [-] Trojan/KillMBR.cl!submit [-] Trojan/Loader.mc!submit [-] Trojan/MSIL.Obfuscated.js!submit [-] Trojan/MSIL.Runner.l!submit [-] Trojan/MSIL.Runner.m!submit [-] 
Trojan/ReverseShell.x!submit [-] Trojan/ShellLoader.agv!submit [-] Trojan/ShellLoader.agw!submit [-] Trojan/W64.Injector.bw!submit [-] TrojanDownloader/Agent.blm!submit [-] TrojanDownloader/JS.Agent.id!submit [-] TrojanDownloader/Maloader.bl!submit [-] TrojanDropper/Agent.ajx!submit [-] TrojanDropper/Agent.ajy!submit [-] TrojanDropper/Agent.ajz!submit [-] TrojanDropper/Agent.aka!submit [-] TrojanDropper/BAT.Maloader.e!submit [-] TrojanDropper/W64.Agent.bw!submit [-] TrojanSpy/KeyLogger.fc!submit [-] TrojanSpy/MSIL.Stealer.kt!submit ```
#### Critical-hash signature changes ([crithash.txt](data/1767527465.crithash.txt))

Added formal definitions: 14

```
[+] Adware/Android.PornTool.e!crit
[+] Adware/Android.PornTool.f!crit
[+] Backdoor/MSIL.Bladabindi.bc!crit
[+] Trojan/MSIL.ClipBanker.l!crit
[+] Trojan/MSIL.Obfuscated.js!crit
[+] Trojan/Python.Obfuscated.i!crit
[+] Trojan/SCR.ShellCode.c
[+] Trojan/W32.HiJack.v!crit
[+] Trojan/W32.RigelMiner.a!crit
[+] Trojan/W32.RigelMiner.b!crit
[+] TrojanDownloader/Linux.Agent.d!crit
[+] TrojanDownloader/W32.ShellLoader.a!crit
[+] TrojanDownloader/W64.Agent.b!crit
[+] TrojanDownloader/W64.ShellcodeRunner.a!crit
```

Added telemetry definitions: 41 | Removed telemetry definitions: 15

```
[+] Backdoor/Linux.Mirai.a!crit!submit
[+] Backdoor/MSIL.ReverseShell.a!crit!submit
[+] Backdoor/MSIL.ReverseShell.b!crit!submit
[+] Backdoor/PHP.WebShell.g!crit!submit
[+] Backdoor/PHP.WebShell.h!crit!submit
[+] Backdoor/PHP.WebShell.i!crit!submit
[+] Backdoor/PHP.WebShell.j!crit!submit
[+] Backdoor/PHP.WebShell.k!crit!submit
[+] Backdoor/PHP.WebShell.l!crit!submit
[+] Backdoor/PHP.WebShell.m!crit!submit
[+] Backdoor/PHP.WebShell.n!crit!submit
[+] Backdoor/PHP.WebShell.o!crit!submit
[+] HEUR:Trojan/W32.Obfuscated.a!crit!submit
[+] Joke/BAT.KeyJammer.a!crit!submit
[+] Joke/BAT.KillWin.a!crit!submit
[+] Ransom/MSIL.LockFile.a!crit!submit
[+] Ransom/MSIL.LockScreen.a!crit!submit
[+] Trojan/BAT.Runner.bn!crit!submit
[+] Trojan/MSIL.Agent.a!crit!submit
[+] Trojan/MSIL.Injector.a!crit!submit
[+] Trojan/MSIL.Injector.b!crit!submit
[+] Trojan/MSIL.Obfuscated.al!crit!submit
[+] Trojan/SCR.KillLinux.b!crit!submit
[+] Trojan/SCR.ShellCode.d!crit!submit
[+] Trojan/W32.Agent.gj!crit!submit
[+] Trojan/W32.Agent.x!crit!submit
[+] Trojan/W32.FakeApp.d!crit!submit
[+] Trojan/W32.ShellLoader.i!crit!submit
[+] Trojan/W64.Loader.aj!crit!submit
[+] Trojan/W64.Loader.ak!crit!submit
[+] Trojan/W64.ShellLoader.jaaa!crit!submit
[+] TrojanDownloader/PS.Agent.bn!crit!submit
[+] TrojanDownloader/XML.Agent.a!crit!submit
[+] TrojanDropper/MSIL.ShellLoader.b!crit!submit
[+] TrojanDropper/W64.Maloader.m!crit!submit
[+] TrojanSpy/MSIL.Keylogger.a!crit!submit
[+] TrojanSpy/MSIL.Stealer.ccu!crit!submit
[+] TrojanSpy/MSIL.Stealer.ccv!crit!submit
[+] TrojanSpy/MSIL.Stealer.ccw!crit!submit
[+] TrojanSpy/SCR.Stealer.b!crit!submit
[+] TrojanSpy/W64.ClipBanker.a!crit!submit
[-] Adware/Android.PornTool.e!crit!submit
[-] Adware/Android.PornTool.f!crit!submit
[-] Backdoor/MSIL.Bladabindi.bc!crit!submit
[-] Backdoor/W32.Lotok.r!crit!submit
[-] Trojan/MSIL.ClipBanker.l!crit!submit
[-] Trojan/MSIL.Obfuscated.js!crit!submit
[-] Trojan/Python.Obfuscated.i!crit!submit
[-] Trojan/SCR.ShellCode.c!crit!submit
[-] Trojan/W32.HiJack.v!crit!submit
[-] Trojan/W32.RigelMiner.a!crit!submit
[-] Trojan/W32.RigelMiner.b!crit!submit
[-] TrojanDownloader/Linux.Agent.d!crit!submit
[-] TrojanDownloader/W32.ShellLoader.a!crit!submit
[-] TrojanDownloader/W64.Agent.b!crit!submit
[-] TrojanDownloader/W64.ShellcodeRunner.a!crit!submit
```
#### Behavior signature changes ([behav.txt](data/1767527465.behav.txt))

Added: 2 | Removed: 1

```
[+] Backdoor/Lotok.P
[+] TrojanDropper/MalSetup.OB!submit
[-] Backdoor/Lotok.ZAB!submit
```
#### Blacklist hash changes ([troj.txt](data/1767527465.troj.txt))

Added: 20

1767443553 - 2026-01-03 12:32:33 UTC

#### Blacklist hash changes ([troj.txt](data/1767443553.troj.txt))

Added: 41

1767352866 - 2026-01-02 11:21:06 UTC

#### Blacklist hash changes ([troj.txt](data/1767352866.troj.txt))

Added: 61 | Removed: 1

1767267452 - 2026-01-01 11:37:32 UTC

#### Blacklist hash changes ([troj.txt](data/1767267452.troj.txt))

Added: 86 | Removed: 2

#### Whitelist hash changes ([hwl.txt](data/1767267452.hwl.txt))

Added: 4

1767177959 - 2025-12-31 10:45:59 UTC

#### Signature changes ([pset.txt](data/1767177959.pset.txt))

Added formal definitions: 31

```
[+] Backdoor/Lotok.nq
[+] HEUR:Trojan/ShellLoader.agv
[+] HVM:Backdoor/Lotok.cf
[+] Rootkit/MiniFilter.b
[+] Trojan/BAT.KillWin.bd
[+] Trojan/BAT.Runner.bm
[+] Trojan/Bladabindi.e
[+] Trojan/CoinMiner.la
[+] Trojan/FakeApp.aap
[+] Trojan/FakeApp.aaq
[+] Trojan/FakeApp.aar
[+] Trojan/FakeApp.aas
[+] Trojan/FakeApp.aat
[+] Trojan/Injector.cld
[+] Trojan/MSIL.Obfuscated.jr
[+] Trojan/Python.CoinMiner.j
[+] Trojan/Python.Popups.b
[+] Trojan/Runner.fk
[+] Trojan/ShellLoader.agv
[+] Trojan/VBS.Agent.em
[+] Trojan/W64.Loader.ae
[+] Trojan/W64.Loader.af
[+] Trojan/W64.Loader.ag
[+] Trojan/W64.Loader.ah
[+] Trojan/W64.Loader.ai
[+] Trojan/W64.ReverseShell.a
[+] TrojanDownloader/JS.Agent.ic
[+] TrojanDownloader/MSIL.Agent.aji
[+] TrojanDownloader/PS.Agent.ey
[+] TrojanDownloader/PS.Agent.ez
[+] TrojanDropper/Agent.ajw
```

Added telemetry definitions: 30 | Removed telemetry definitions: 30

```
[+] Adware/Android.PornTool.m!submit
[+] Backdoor/Linux.Gafgyt.bz!submit
[+] Backdoor/Linux.Mirai.ku!submit
[+] HEUR:Trojan/BAT.Loader.k!submit
[+] HVM:Trojan/Injector.bo!submit
[+] Ransom/Filecoder.ei!submit
[+] Trojan/Agent.cln!submit
[+] Trojan/FakeApp.aam!submit
[+] Trojan/FakeApp.aau!submit
[+] Trojan/Injector.cle!submit
[+] Trojan/Injector.clf!submit
[+] Trojan/KillMBR.cl!submit
[+] Trojan/Linux.Mirai.gc!submit
[+] Trojan/MSIL.Obfuscated.js!submit
[+] Trojan/MSIL.Runner.l!submit
[+] Trojan/MSIL.Runner.m!submit
[+] Trojan/ReverseShell.x!submit
[+] Trojan/ShellLoader.agw!submit
[+] Trojan/W64.Injector.bw!submit
[+] TrojanDownloader/Agent.blm!submit
[+] TrojanDownloader/JS.Agent.id!submit
[+] TrojanDownloader/Maloader.bl!submit
[+] TrojanDropper/Agent.ajx!submit
[+] TrojanDropper/Agent.ajy!submit
[+] TrojanDropper/Agent.ajz!submit
[+] TrojanDropper/Agent.aka!submit
[+] TrojanDropper/BAT.Maloader.e!submit
[+] TrojanDropper/W64.Agent.bw!submit
[+] TrojanSpy/KeyLogger.fc!submit
[+] TrojanSpy/MSIL.Stealer.kt!submit
[-] Backdoor/Lotok.nq!submit
[-] HEUR:Trojan/ShellLoader.agv!submit
[-] HVM:Backdoor/Lotok.cf!submit
[-] Rootkit/MiniFilter.b!submit
[-] Trojan/BAT.KillWin.bd!submit
[-] Trojan/BAT.Runner.bm!submit
[-] Trojan/Bladabindi.e!submit
[-] Trojan/CoinMiner.la!submit
[-] Trojan/FakeApp.aap!submit
[-] Trojan/FakeApp.aaq!submit
[-] Trojan/FakeApp.aar!submit
[-] Trojan/FakeApp.aas!submit
[-] Trojan/FakeApp.aat!submit
[-] Trojan/Injector.cld!submit
[-] Trojan/MSIL.Obfuscated.jr!submit
[-] Trojan/Python.CoinMiner.j!submit
[-] Trojan/Python.Popups.b!submit
[-] Trojan/Runner.fk!submit
[-] Trojan/VBS.Agent.em!submit
[-] Trojan/W64.Loader.ae!submit
[-] Trojan/W64.Loader.af!submit
[-] Trojan/W64.Loader.ag!submit
[-] Trojan/W64.Loader.ah!submit
[-] Trojan/W64.Loader.ai!submit
[-] Trojan/W64.ReverseShell.a!submit
[-] TrojanDownloader/JS.Agent.ic!submit
[-] TrojanDownloader/MSIL.Agent.aji!submit
[-] TrojanDownloader/PS.Agent.ey!submit
[-] TrojanDownloader/PS.Agent.ez!submit
[-] TrojanDropper/Agent.ajw!submit
```
#### Critical-hash signature changes ([crithash.txt](data/1767177959.crithash.txt))

Added formal definitions: 5

```
[+] Trojan/SCR.ShellCode.b!crit
[+] Trojan/VBS.Loader.e
[+] Trojan/W32.HiJack.u!crit
[+] Trojan/W64.Agent.gj!crit
[+] TrojanSpy/SCR.Stealer.a!crit
```

Added telemetry definitions: 16 | Removed telemetry definitions: 8

```
[+] Adware/Android.PornTool.e!crit!submit
[+] Adware/Android.PornTool.f!crit!submit
[+] Backdoor/MSIL.Bladabindi.bc!crit!submit
[+] Backdoor/W32.Lotok.r!crit!submit
[+] Trojan/MSIL.ClipBanker.l!crit!submit
[+] Trojan/MSIL.Obfuscated.js!crit!submit
[+] Trojan/Python.Obfuscated.i!crit!submit
[+] Trojan/SCR.ShellCode.c!crit!submit
[+] Trojan/SCR.ShellLoader.a!crit!submit
[+] Trojan/W32.HiJack.v!crit!submit
[+] Trojan/W32.RigelMiner.a!crit!submit
[+] Trojan/W32.RigelMiner.b!crit!submit
[+] TrojanDownloader/Linux.Agent.d!crit!submit
[+] TrojanDownloader/W32.ShellLoader.a!crit!submit
[+] TrojanDownloader/W64.Agent.b!crit!submit
[+] TrojanDownloader/W64.ShellcodeRunner.a!crit!submit
[-] Trojan/SCR.Loader.a!crit!submit
[-] Trojan/SCR.ShellCode.b!crit!submit
[-] Trojan/W32.Agent.w!crit!submit
[-] Trojan/W32.HiJack.u!crit!submit
[-] Trojan/W64.Agent.gj!crit!submit
[-] Trojan/W64.ShellLoader.j!crit!submit
[-] TrojanDownloader/W32.Maloader.bl!crit!submit
[-] TrojanSpy/SCR.Stealer.a!crit!submit
```
#### Behavior signature changes ([behav.txt](data/1767177959.behav.txt))

Added: 4 | Removed: 3

```
[+] ADV:Ransom/Genalocker.ZDA!submit
[+] Backdoor/Lotok.QDA
[+] Backdoor/Lotok.QDB
[+] TrojanDropper/MalSetup.P
[-] ADV:Ransom/Genalocker.ZCA!submit
[-] Backdoor/Lotok.QDA!submit
[-] Backdoor/Lotok.QDB!submit
```
#### Blacklist hash changes ([troj.txt](data/1767177959.troj.txt))

Added: 30

1767093364 - 2025-12-30 11:16:04 UTC

#### Signature changes ([pset.txt](data/1767093364.pset.txt))

Added formal definitions: 56

```
[+] Backdoor/Agent.nf
[+] Backdoor/Agent.od
[+] Backdoor/JS.Webshell.l
[+] Backdoor/Lotok.nw
[+] Backdoor/Lotok.nx
[+] Backdoor/W64.Agent.i
[+] HEUR:Trojan/Agent.clm
[+] HEUR:Trojan/BAT.KillWin.bc
[+] HEUR:Trojan/FakeApp.at
[+] HEUR:Trojan/KillWin.e
[+] HVM:Backdoor/Lotok.cd
[+] HVM:Backdoor/Lotok.ce
[+] HVM:Trojan/ShellLoader.ci
[+] HackTool/Python.RemoteExec.a
[+] Hacktool/CoinMiner
[+] Rootkit/Inject.b
[+] Trojan/Agent.clm
[+] Trojan/BAT.Agent.gp
[+] Trojan/BAT.Injector.d
[+] Trojan/BAT.Injector.e
[+] Trojan/BAT.KillWin.ba
[+] Trojan/BAT.Loader.h
[+] Trojan/FakeApp.aal
[+] Trojan/FakeApp.aan
[+] Trojan/FakeApp.aao
[+] Trojan/JS.Agent.gp
[+] Trojan/JS.Agent.gq
[+] Trojan/JS.Loader.d
[+] Trojan/KillAV.db
[+] Trojan/Linux.CoinMiner.dt
[+] Trojan/Linux.CoinMiner.du
[+] Trojan/Linux.CoinMiner.dv
[+] Trojan/Linux.DDoS.be
[+] Trojan/Linux.Mirai.fz
[+] Trojan/Linux.Mirai.ga
[+] Trojan/Linux.Mirai.gb
[+] Trojan/Loader.mm
[+] Trojan/MSIL.Injector.qf
[+] Trojan/MSIL.Obfuscated.jq
[+] Trojan/Python.KillDisk.e
[+] Trojan/ShellLoader.agr
[+] Trojan/ShellLoader.ags
[+] Trojan/ShellLoader.agt
[+] Trojan/ShellLoader.agu
[+] Trojan/W64.Loader.ab
[+] Trojan/W64.Loader.ac
[+] Trojan/W64.Loader.ad
[+] Trojan/W64.Merlin.a
[+] TrojanDownloader/JS.Agent.ib
[+] TrojanDownloader/Linux.Hajime.b
[+] TrojanDownloader/PS.Agent.ex
[+] TrojanDownloader/Rugmi.ab
[+] TrojanDropper/Agent.ajt
[+] TrojanDropper/Agent.aju
[+] TrojanDropper/Agent.ajv
[+] TrojanSpy/MSIL.Stealer.ks
```

Added telemetry definitions: 35 | Removed telemetry definitions: 55

```
[+] Backdoor/Linux.Gafgyt.by!submit
[+] Backdoor/Lotok.nq!submit
[+] Backdoor/W64.AdaptixC2.a!submit
[+] HEUR:Backdoor/Linux.Mirai.ku!submit
[+] HEUR:Trojan/BAT.Loader.j!submit
[+] HEUR:Trojan/FakeApp.aam!submit
[+] HEUR:Trojan/ShellLoader.agv!submit
[+] HVM:Backdoor/Lotok.cf!submit
[+] Rootkit/MiniFilter.b!submit
[+] Trojan/BAT.KillWin.bd!submit
[+] Trojan/BAT.Runner.bm!submit
[+] Trojan/Bladabindi.e!submit
[+] Trojan/FakeApp.aap!submit
[+] Trojan/FakeApp.aaq!submit
[+] Trojan/FakeApp.aar!submit
[+] Trojan/FakeApp.aas!submit
[+] Trojan/FakeApp.aat!submit
[+] Trojan/Injector.cld!submit
[+] Trojan/MSIL.Obfuscated.jr!submit
[+] Trojan/Python.CoinMiner.j!submit
[+] Trojan/Python.Popups.b!submit
[+] Trojan/Runner.fk!submit
[+] Trojan/ShellLoader.agv!submit
[+] Trojan/VBS.Agent.em!submit
[+] Trojan/W64.Loader.ae!submit
[+] Trojan/W64.Loader.af!submit
[+] Trojan/W64.Loader.ag!submit
[+] Trojan/W64.Loader.ah!submit
[+] Trojan/W64.Loader.ai!submit
[+] Trojan/W64.ReverseShell.a!submit
[+] TrojanDownloader/JS.Agent.ic!submit
[+] TrojanDownloader/MSIL.Agent.aji!submit
[+] TrojanDownloader/PS.Agent.ey!submit
[+] TrojanDownloader/PS.Agent.ez!submit
[+] TrojanDropper/Agent.ajw!submit
[-] Backdoor/Agent.nf!submit
[-] Backdoor/Agent.od!submit
[-] Backdoor/JS.Webshell.l!submit
[-] Backdoor/Lotok.nw!submit
[-] Backdoor/Lotok.nx!submit
[-] Backdoor/W64.Agent.i!submit
[-] Exploit/Vulndriver.s!submit
[-] HEUR:Trojan/Agent.clm!submit
[-] HEUR:Trojan/BAT.KillWin.bc!submit
[-] HEUR:Trojan/FakeApp.at!submit
[-] HEUR:Trojan/KillWin.e!submit
[-] HVM:Backdoor/Lotok.cd!submit
[-] HVM:Backdoor/Lotok.ce!submit
[-] HVM:Trojan/ShellLoader.ci!submit
[-] HackTool/Python.RemoteExec.a!submit
[-] Rootkit/Inject.b!submit
[-] Trojan/Agent.clm!submit
[-] Trojan/BAT.Agent.gp!submit
[-] Trojan/BAT.Injector.d!submit
[-] Trojan/BAT.Injector.e!submit
[-] Trojan/BAT.Loader.h!submit
[-] Trojan/FakeApp.aal!submit
[-] Trojan/FakeApp.aam!submit
[-] Trojan/FakeApp.aan!submit
[-] Trojan/FakeApp.aao!submit
[-] Trojan/JS.Agent.gp!submit
[-] Trojan/JS.Agent.gq!submit
[-] Trojan/JS.Loader.d!submit
[-] Trojan/KillAV.db!submit
[-] Trojan/Linux.CoinMiner.du!submit
[-] Trojan/Linux.CoinMiner.dv!submit
[-] Trojan/Linux.DDoS.be!submit
[-] Trojan/Linux.Mirai.fz!submit
[-] Trojan/Linux.Mirai.ga!submit
[-] Trojan/Linux.Mirai.gb!submits
[-] Trojan/Loader.mm!submit
[-] Trojan/MSIL.Injector.qf!submit
[-] Trojan/MSIL.Obfuscated.jq!submit
[-] Trojan/Python.KillDisk.e!submit
[-] Trojan/ShellLoader.agr!submit
[-] Trojan/ShellLoader.ags!submit
[-] Trojan/ShellLoader.agt!submit
[-] Trojan/ShellLoader.agu!submit
[-] Trojan/W64.Loader.ab!submit
[-] Trojan/W64.Loader.ac!submit
[-] Trojan/W64.Loader.ad!submit
[-] Trojan/W64.Merlin.a!submit
[-] TrojanDownloader/JS.Agent.ib!submit
[-] TrojanDownloader/Linux.Hajime.b!submit
[-] TrojanDownloader/PS.Agent.ex!submit
[-] TrojanDownloader/Rugmi.ab!submit
[-] TrojanDropper/Agent.ajt!submit
[-] TrojanDropper/Agent.aju!submit
[-] TrojanDropper/Agent.ajv!submit
[-] TrojanSpy/MSIL.Stealer.ks!submit
```
#### Critical-hash signature changes ([crithash.txt](data/1767093364.crithash.txt))

Added formal definitions: 8

```
[+] Backdoor/W32.Small.z!crit
[+] Backdoor/W64.Agent.f!crit
[+] Exploit/SCR.CVE-2017-0199.b!crit
[+] Trojan/MSIL.Obfuscated.aj!crit
[+] Trojan/MSIL.Obfuscated.ak!crit
[+] Trojan/MSIL.ShellLoader.a!crit
[+] Trojan/W32.Scar.d!crit
[+] TrojanDropper/W32.Tedy.a!crit
```

Added telemetry definitions: 8 | Removed telemetry definitions: 12

```
[+] Trojan/SCR.Loader.a!crit!submit
[+] Trojan/SCR.ShellCode.b!crit!submit
[+] Trojan/W32.Agent.w!crit!submit
[+] Trojan/W32.HiJack.u!crit!submit
[+] Trojan/W64.Agent.gj!crit!submit
[+] Trojan/W64.ShellLoader.j!crit!submit
[+] TrojanDownloader/W32.Maloader.bl!crit!submit
[+] TrojanSpy/SCR.Stealer.a!crit!submit
[-] Backdoor/W32.Lotok.q!crit!submit
[-] Backdoor/W32.Small.z!crit!submit
[-] Backdoor/W64.Agent.f!crit!submit
[-] Exploit/SCR.CVE-2017-0199.b!crit!submit
[-] Trojan/MSIL.Obfuscated.aj!crit!submit
[-] Trojan/MSIL.Obfuscated.ak!crit!submit
[-] Trojan/MSIL.ShellLoader.a!crit!submit
[-] Trojan/W32.Agent.cln!crit!submit
[-] Trojan/W32.Agent.v!crit!submit
[-] Trojan/W32.Scar.d!crit!submit
[-] Trojan/W32.ShellLoader.h!crit!submit
[-] TrojanDropper/W32.Tedy.a!crit!submit
```
#### Behavior signature changes ([behav.txt](data/1767093364.behav.txt))

Added: 5 | Removed: 2

```
[+] ADV:Ransom/Genalocker.ZCA!submit
[+] ADV:Ransom/Genalocker.ZCB!submit
[+] Backdoor/Lotok.QDA!submit
[+] Backdoor/Lotok.QDB!submit
[+] TrojanDropper/MalSetup.PA!submit
[-] ADV:Ransom/Genalocker.ZBA!submit
[-] ADV:Ransom/Genalocker.ZBB!submit
```
#### Blacklist hash changes ([troj.txt](data/1767093364.troj.txt))

Added: 77

1767007867 - 2025-12-29 11:31:07 UTC

#### Signature changes ([pset.txt](data/1767007867.pset.txt))

Added formal definitions: 49 | Removed formal definitions: 1

```
[+] Backdoor/JSP.WebShell.bw
[+] Backdoor/Linux.Gafgyt.bx
[+] Backdoor/Lotok.nr
[+] Backdoor/Lotok.ns
[+] Backdoor/Lotok.nt
[+] Backdoor/Lotok.nu
[+] Backdoor/Python.Agent.m
[+] Exploit/CVE-2016-0099.c
[+] HEUR:Trojan/ShellLoader.az
[+] HEUR:TrojanDownloader/Maloader.bl
[+] HEUR:TrojanDropper/Agent.aq
[+] HEUR:Worm/Autorun.ak
[+] HVM:Trojan/ShellLoader.ch
[+] HVM:TrojanSpy/Stealer.p
[+] HackTool/ProxyTool.i
[+] HackTool/W64.Merlin.a
[+] OMacro/Downloader.bov
[+] Rootkit/Injecter
[+] Trojan/BAT.Runner.bl
[+] Trojan/FakeApp.aaf
[+] Trojan/FakeApp.aag
[+] Trojan/FakeApp.aah
[+] Trojan/FakeApp.aai
[+] Trojan/FakeApp.aaj
[+] Trojan/FakeApp.aak
[+] Trojan/HTML.Obfuscator.b
[+] Trojan/HiJack.yh
[+] Trojan/Hijack.yh
[+] Trojan/Hijack.yi
[+] Trojan/Linux.Merlin.b
[+] Trojan/Linux.Mirai.fy
[+] Trojan/Loader.mj
[+] Trojan/Loader.mk
[+] Trojan/Loader.ml
[+] Trojan/Merlin.b
[+] Trojan/Merlin.c
[+] Trojan/PS.Loader.l
[+] Trojan/Runner.fj
[+] Trojan/ShellLoader.agp
[+] Trojan/Sonbokli.a
[+] TrojanDownloader/Linux.Hajime.c
[+] TrojanDownloader/PS.Agent.ew
[+] TrojanDownloader/Python.Netloader.h
[+] TrojanDownloader/VBS.Agent.ka
[+] TrojanDropper/Agent.ajr
[+] TrojanDropper/Agent.ajs
[+] TrojanDropper/Linux.Exploit.a
[+] TrojanSpy/AutoIt.Stealer.k
[+] TrojanSpy/Python.SteamStealer.a
[-] Backdoor/Lotok.nq
```

Added telemetry definitions: 56 | Removed telemetry definitions: 59

```
[+] Backdoor/Agent.nf!submit
[+] Backdoor/Agent.od!submit
[+] Backdoor/JS.Webshell.l!submit
[+] Backdoor/Linux.Mirai.ko!submit
[+] Backdoor/Lotok.nw!submit
[+] Backdoor/Lotok.nx!submit
[+] Backdoor/W64.Agent.i!submit
[+] Exploit/Vulndriver.s!submit
[+] HEUR:Trojan/Agent.clm!submit
[+] HEUR:Trojan/BAT.KillWin.bc!submit
[+] HEUR:Trojan/BAT.Loader.i!submit
[+] HEUR:Trojan/FakeApp.at!submit
[+] HEUR:Trojan/KillWin.e!submit
[+] HVM:Backdoor/Lotok.cd!submit
[+] HVM:Backdoor/Lotok.ce!submit
[+] HVM:Trojan/ShellLoader.ci!submit
[+] HackTool/Python.RemoteExec.a!submit
[+] Rootkit/Inject.b!submit
[+] Trojan/Agent.clm!submit
[+] Trojan/BAT.Agent.gp!submit
[+] Trojan/BAT.Injector.d!submit
[+] Trojan/BAT.Injector.e!submit
[+] Trojan/BAT.Loader.h!submit
[+] Trojan/CoinMiner.la!submit
[+] Trojan/FakeApp.aal!submit
[+] Trojan/FakeApp.aam!submit
[+] Trojan/FakeApp.aan!submit
[+] Trojan/FakeApp.aao!submit
[+] Trojan/JS.Agent.gp!submit
[+] Trojan/JS.Agent.gq!submit
[+] Trojan/JS.Loader.d!submit
[+] Trojan/KillAV.db!submit
[+] Trojan/Linux.CoinMiner.du!submit
[+] Trojan/Linux.CoinMiner.dv!submit
[+] Trojan/Linux.DDoS.be!submit
[+] Trojan/Linux.Mirai.fz!submit
[+] Trojan/Linux.Mirai.ga!submit
[+] Trojan/Linux.Mirai.gb!submits
[+] Trojan/Loader.mm!submit
[+] Trojan/MSIL.Injector.qf!submit
[+] Trojan/MSIL.Obfuscated.jq!submit
[+] Trojan/Python.KillDisk.e!submit
[+] Trojan/ShellLoader.agr!submit
[+] Trojan/ShellLoader.ags!submit
[+] Trojan/ShellLoader.agt!submit
[+] Trojan/ShellLoader.agu!submit
[+] Trojan/W64.Loader.ab!submit
[+] Trojan/W64.Loader.ac!submit
[+] Trojan/W64.Loader.ad!submit
[+] Trojan/W64.Merlin.a!submit
[+] TrojanDownloader/JS.Agent.ib!submit
[+] TrojanDownloader/PS.Agent.ex!submit
[+] TrojanDownloader/Rugmi.ab!submit
[+] TrojanDropper/Agent.ajt!submit
[+] TrojanDropper/Agent.aju!submit
[+] TrojanDropper/Agent.ajv!submit
[-] Backdoor/JSP.WebShell.bw!submit
[-] Backdoor/Kingsoft.c!submit
[-] Backdoor/Linux.Gafgyt.bx!submit
[-] Backdoor/Lotok.nr!submit
[-] Backdoor/Lotok.ns!submit
[-] Backdoor/Lotok.nt!submit
[-] Backdoor/Lotok.nu!submit
[-] Exploit/CVE-2016-0099.c!submit
[-] HEUR:Trojan/ShellLoader.az!submit
[-] HEUR:TrojanDownloader/Maloader.bl!submit
[-] HEUR:TrojanDropper/Agent.aq!submit
[-] HEUR:Worm/Autorun.ak!submit
[-] HVM:Trojan/ShellLoader.ch!submit
[-] HVM:TrojanSpy/Stealer.p!submit
[-] HackTool/CoinMiner!submit
[-] HackTool/ProxyTool.i!submit
[-] HackTool/W64.Merlin.a!submit
[-] OMacro/Downloader.bov!submit
[-] Rootkit/Injecter!submit
[-] Trojan/BAT.Runner.bl!submit
[-] Trojan/CowLock.a!submit
[-] Trojan/FakeApp.aaf!submit
[-] Trojan/FakeApp.aag!submit
[-] Trojan/FakeApp.aah!submit
[-] Trojan/FakeApp.aai!submit
[-] Trojan/FakeApp.aaj!submit
[-] Trojan/FakeApp.aak!submit
[-] Trojan/Gooxion.a!submit
[-] Trojan/HTML.Obfuscator.b!submit
[-] Trojan/HiJack.yh!submit
[-] Trojan/Hijack.yh!submit
[-] Trojan/Hijack.yi!submit
[-] Trojan/Linux.Merlin.b!submit
[-] Trojan/Linux.Mirai.fy!submit
[-] Trojan/Loader.mj!submit
[-] Trojan/Loader.mk!submit
[-] Trojan/Loader.ml!submit
[-] Trojan/Merlin.b!submit
[-] Trojan/Merlin.c!submit
[-] Trojan/PS.Loader.l!submit
[-] Trojan/Runner.fj!submit
[-] Trojan/ShellLoader.agf!submit
[-] Trojan/ShellLoader.agm!submit
[-] Trojan/ShellLoader.agp!submit
[-] Trojan/Sonbokli.a!submit
[-] Trojan/VBS.Agent.bv!submit
[-] TrojanClicker/Agent.by!submit
[-] TrojanDownloader/Linux.Hajime.c!submit
[-] TrojanDownloader/PS.Agent.ew!submit
[-] TrojanDownloader/Python.Netloader.h!submit
[-] TrojanDownloader/VBS.Agent.ka!submit
[-] TrojanDropper/Agent.ajr!submit
[-] TrojanDropper/Agent.ajs!submit
[-] TrojanDropper/Linux.Exploit.a!submit
[-] TrojanDropper/Spacecolon.a!submit
[-] TrojanSpy/AutoIt.Stealer.k!submit
[-] TrojanSpy/Delf.ad!submit
[-] TrojanSpy/MSIL.Agent.da!submit
[-] TrojanSpy/Python.SteamStealer.a!submit
```
#### Critical-hash signature changes ([crithash.txt](data/1767007867.crithash.txt))

Added formal definitions: 9

```
[+] Backdoor/W64.Agent.d!crit
[+] Backdoor/W64.Agent.e!crit
[+] Joke/Python.Agent.b!crit
[+] Joke/W64.Agent.az!crit
[+] Trojan/MSIL.Obfuscated.ai!crit
[+] Trojan/MSIL.PureLogStealer.a!crit
[+] Trojan/W64.Agent.clm!crit
[+] Trojan/W64.CoinMiner.a!crit
[+] Trojan/W64.Loader.b!crit
```

Added telemetry definitions: 11 | Removed telemetry definitions: 12

```
[+] Backdoor/W32.Lotok.q!crit!submit
[+] Backdoor/W32.Small.z!crit!submit
[+] Backdoor/W64.Agent.f!crit!submit
[+] Exploit/SCR.CVE-2017-0199.b!crit!submit
[+] Trojan/MSIL.Obfuscated.aj!crit!submit
[+] Trojan/MSIL.Obfuscated.ak!crit!submit
[+] Trojan/MSIL.ShellLoader.a!crit!submit
[+] Trojan/W32.Agent.cln!crit!submit
[+] Trojan/W32.Agent.v!crit!submit
[+] Trojan/W32.ShellLoader.h!crit!submit
[+] TrojanDropper/W32.Tedy.a!crit!submit
[-] Backdoor/W32.Lotok.p!crit!submit
[-] Backdoor/W64.Agent.d!crit!submit
[-] Backdoor/W64.Agent.e!crit!submit
[-] Joke/Python.Agent.b!crit!submit
[-] Joke/W64.Agent.az!crit!submit
[-] Trojan/MSIL.Obfuscated.ai!crit!submit
[-] Trojan/MSIL.PureLogStealer.a!crit!submit
[-] Trojan/W32.Agent.clm!crit!submit
[-] Trojan/W32.Agent.u!crit!submit
[-] Trojan/W64.Agent.clm!crit!submit
[-] Trojan/W64.CoinMiner.a!crit!submit
[-] Trojan/W64.Loader.b!crit!submit
```
#### Behavior signature changes ([behav.txt](data/1767007867.behav.txt))

Added: 1 | Removed: 1

```
[+] TrojanDropper/MalSetup.OA!submit
[-] TrojanDropper/MalSetup.O!submit
```
#### Blacklist hash changes ([troj.txt](data/1767007867.troj.txt))

Added: 81

#### Whitelist hash changes ([hwl.txt](data/1767007867.hwl.txt))

Added: 1

1766920695 - 2025-12-28 11:18:15 UTC

#### Blacklist hash changes ([troj.txt](data/1766920695.troj.txt))

Added: 111

#### Whitelist hash changes ([hwl.txt](data/1766920695.hwl.txt))

Added: 1

1766836824 - 2025-12-27 12:00:24 UTC

#### Blacklist hash changes ([troj.txt](data/1766836824.troj.txt))

Added: 99 | Removed: 1

1766750454 - 2025-12-26 12:00:54 UTC

#### Signature changes ([pset.txt](data/1766750454.pset.txt))

Added formal definitions: 51 | Removed formal definitions: 3

```
[+] Backdoor/Agent.mv
[+] Backdoor/Lotok.nk
[+] Backdoor/Lotok.nl
[+] Backdoor/Lotok.nm
[+] Backdoor/Lotok.nn
[+] Backdoor/Lotok.no
[+] Backdoor/Lotok.np
[+] Backdoor/Lotok.nq
[+] Backdoor/Lotok.nv
[+] Backdoor/Python.ReverseRAT.c
[+] HEUR:Trojan/Agent.ea
[+] HEUR:Trojan/Injector.cn
[+] HEUR:Trojan/MSIL.Obfuscated.jp
[+] HEUR:Worm/AutoRun.aj
[+] HVM:Backdoor/Lotok.bz
[+] HVM:Backdoor/Lotok.ca
[+] HVM:Backdoor/Lotok.cb
[+] HVM:Backdoor/Lotok.cc
[+] HVM:Trojan/ShellLoader.cg
[+] HackTool/GodPotato.b
[+] Ransom/Filecoder.eg
[+] Trojan/FakeApp.aab
[+] Trojan/FakeApp.aac
[+] Trojan/FakeApp.aad
[+] Trojan/FakeApp.aae
[+] Trojan/Glupteba.c
[+] Trojan/Injector.clc
[+] Trojan/LNK.Starter.cv
[+] Trojan/Linux.Mirai.fw
[+] Trojan/Loader.mh
[+] Trojan/Loader.mi
[+] Trojan/MSIL.Obfuscated.jp
[+] Trojan/PS.Loader.k
[+] Trojan/Python.Obfuscator.d
[+] Trojan/Runner.fi
[+] Trojan/ShellLoader.agm
[+] Trojan/ShellLoader.agn
[+] Trojan/ShellLoader.ago
[+] Trojan/ShellLoader.agq
[+] Trojan/VBS.Obfuscator.q
[+] Trojan/W64.Loader.aa
[+] Trojan/W64.Loader.z
[+] TrojanDownloader/Agent.bjw
[+] TrojanDownloader/Agent.bll
[+] TrojanDownloader/PS.Agent.et
[+] TrojanDownloader/PS.Agent.eu
[+] TrojanDownloader/PS.Agent.ev
[+] TrojanDownloader/W64.Agent.cl
[+] TrojanDownloader/W64.Agent.cm
[+] TrojanDropper/BAT.Agent.bl
[+] TrojanDropper/Maloader.l
[-] HEUR:OMacro/Downloader.cu
[-] TrojanDownloader/Linux.Netloader.f
[-] TrojanDropper/Linux.Exploit.a
```

Added telemetry definitions: 57 | Removed telemetry definitions: 50

```
[+] Backdoor/JSP.WebShell.bw!submit
[+] Backdoor/Linux.Gafgyt.bx!submit
[+] Backdoor/Lotok.nr!submit
[+] Backdoor/Lotok.ns!submit
[+] Backdoor/Lotok.nt!submit
[+] Backdoor/Lotok.nu!submit
[+] Backdoor/Python.ReverseRAT.d!submit
[+] Exploit/CVE-2016-0099.c!submit
[+] HEUR:Trojan/ShellLoader.az!submit
[+] HEUR:TrojanDownloader/Maloader.bl!submit
[+] HEUR:TrojanDropper/Agent.aq!submit
[+] HEUR:Worm/Autorun.ak!submit
[+] HVM:Trojan/ShellLoader.ch!submit
[+] HVM:TrojanSpy/Stealer.p!submit
[+] HackTool/CoinMiner!submit
[+] HackTool/ProxyTool.i!submit
[+] HackTool/W64.Merlin.a!submit
[+] OMacro/Downloader.bov!submit
[+] Rootkit/Injecter!submit
[+] Trojan/BAT.Runner.bk!submit
[+] Trojan/BAT.Runner.bl!submit
[+] Trojan/FakeApp.aag!submit
[+] Trojan/FakeApp.aah!submit
[+] Trojan/FakeApp.aai!submit
[+] Trojan/FakeApp.aaj!submit
[+] Trojan/FakeApp.aak!submit
[+] Trojan/Gooxion.a!submit
[+] Trojan/HTML.Injector.n!submit
[+] Trojan/HTML.Obfuscator.b!submit
[+] Trojan/HiJack.yh!submit
[+] Trojan/Hijack.yh!submit
[+] Trojan/Hijack.yi!submit
[+] Trojan/Linux.CoinMiner.dt!submit
[+] Trojan/Linux.Merlin.b!submit
[+] Trojan/Loader.mj!submit
[+] Trojan/Loader.mk!submit
[+] Trojan/Loader.ml!submit
[+] Trojan/Merlin.b!submit
[+] Trojan/Merlin.c!submit
[+] Trojan/PS.Loader.l!submit
[+] Trojan/Runner.fj!submit
[+] Trojan/ShellLoader.agf!submit
[+] Trojan/ShellLoader.agp!submit
[+] Trojan/Sonbokli.a!submit
[+] TrojanDownloader/Linux.Hajime.b!submit
[+] TrojanDownloader/Linux.Hajime.c!submit
[+] TrojanDownloader/Linux.Mozi.c!submit
[+] TrojanDownloader/Linux.Netloader.f!submit
[+] TrojanDownloader/PS.Agent.ew!submit
[+] TrojanDownloader/Python.Netloader.h!submit
[+] TrojanDownloader/VBS.Agent.ka!submit
[+] TrojanDropper/Agent.ajr!submit
[+] TrojanDropper/Agent.ajs!submit
[+] TrojanDropper/Linux.Exploit.a!submit
[+] TrojanSpy/AutoIt.Stealer.k!submit
[+] TrojanSpy/MSIL.Stealer.ks!submit
[+] TrojanSpy/Python.SteamStealer.a!submit
[-] Backdoor/Agent.mv!submit
[-] Backdoor/Lotok.nk!submit
[-] Backdoor/Lotok.nl!submit
[-] Backdoor/Lotok.nm!submit
[-] Backdoor/Lotok.nn!submit
[-] Backdoor/Lotok.no!submit
[-] Backdoor/Lotok.np!submit
[-] Backdoor/Lotok.nq!submit
[-] Backdoor/Python.ReverseRAT.c!submit
[-] HEUR:Trojan/Agent.ea!submit
[-] HEUR:Trojan/Injector.cn!submit
[-] HEUR:Trojan/MSIL.Obfuscated.jp!submit
[-] HEUR:Worm/AutoRun.aj!submit
[-] HVM:Backdoor/Lotok.bz!submit
[-] HVM:Backdoor/Lotok.ca!submit
[-] HVM:Backdoor/Lotok.cb!submit
[-] HVM:Backdoor/Lotok.cc!submit
[-] HVM:Trojan/ShellLoader.cg!submit
[-] HackTool/GodPotato.b!submit
[-] Ransom/Filecoder.eg!submit
[-] Trojan/Agent.cll!submit
[-] Trojan/FakeApp.aab!submit
[-] Trojan/FakeApp.aac!submit
[-] Trojan/FakeApp.aad!submit
[-] Trojan/FakeApp.aae!submit
[-] Trojan/Glupteba.c!submit
[-] Trojan/Injector.clc!submit
[-] Trojan/LNK.Starter.cv!submit
[-] Trojan/Linux.Mirai.fw!submit
[-] Trojan/Loader.mh!submit
[-] Trojan/Loader.mi!submit
[-] Trojan/MSIL.Obfuscated.jm!submit
[-] Trojan/MSIL.Obfuscated.jp!submit
[-] Trojan/PS.Loader.k!submit
[-] Trojan/Python.Obfuscator.d!submit
[-] Trojan/Runner.fi!submit
[-] Trojan/ShellLoader.agn!submit
[-] Trojan/ShellLoader.ago!submit
[-] Trojan/VBS.Obfuscator.q!submit
[-] Trojan/W64.Loader.aa!submit
[-] Trojan/W64.Loader.z!submit
[-] TrojanDownloader/Agent.bjw!submit
[-] TrojanDownloader/Agent.bll!submit
[-] TrojanDownloader/PS.Agent.et!submit
[-] TrojanDownloader/PS.Agent.eu!submit
[-] TrojanDownloader/PS.Agent.ev!submit
[-] TrojanDownloader/W64.Agent.cl!submit
[-] TrojanDownloader/W64.Agent.cm!submit
[-] TrojanDropper/BAT.Agent.bl!submit
[-] TrojanDropper/Maloader.l!submit
```
#### Critical-hash signature changes ([crithash.txt](data/1766750454.crithash.txt))

Added formal definitions: 9

```
[+] Trojan/MSIL.Obfuscated.ah!crit
[+] Trojan/SCR.CoinMiner.b!crit
[+] Trojan/W32.CoinMiner.la!crit
[+] Trojan/W64.ShellLoader.c!crit
[+] TrojanDownloader/AutoIT.Maloader.a!crit
[+] TrojanDownloader/JS.Agent.b!crit
[+] TrojanDownloader/JS.Netloader.f!crit
[+] TrojanDropper/W32.Agent.ag!crit
[+] TrojanDropper/W32.Agent.k!crit
```

Added telemetry definitions: 38 | Removed telemetry definitions: 11

```
[+] Backdoor/BAT.ReverseShell.a!crit!submit
[+] Backdoor/W32.Lotok.o!crit!submit
[+] Backdoor/W32.Lotok.p!crit!submit
[+] Backdoor/W64.Agent.d!crit!submit
[+] Backdoor/W64.Agent.e!crit!submit
[+] HackTool/PHP.Botsant.b!crit!submit
[+] Joke/BAT.Qhost.a!crit!submit
[+] Joke/Python.Agent.b!crit!submit
[+] Joke/W64.Agent.az!crit!submit
[+] Ransom/PS.HideFile.a!crit!submit
[+] Trojan/BAT.CoinMiner.b!crit!submit
[+] Trojan/MSIL.Coinminer.a!crit!submit
[+] Trojan/MSIL.Obfuscated.ai!crit!submit
[+] Trojan/MSIL.PureLogStealer.a!crit!submit
[+] Trojan/PS.LockFile.a!crit!submit
[+] Trojan/W32.Agent.clm!crit!submit
[+] Trojan/W32.Agent.u!crit!submit
[+] Trojan/W32.Injector.p!crit!submit
[+] Trojan/W32.Scar.d!crit!submit
[+] Trojan/W64.Agent.clm!crit!submit
[+] Trojan/W64.CoinMiner.a!crit!submit
[+] Trojan/W64.Loader.b!crit!submit
[+] TrojanDownloader/BAT.Runner.a!crit!submit
[+] TrojanDownloader/BAT.Runner.c!crit!submit
[+] TrojanDownloader/BAT.Runner.d!crit!submit
[+] TrojanDownloader/PS.Agent.a!crit!submit
[+] TrojanDownloader/PS.Runner.d!crit!submit
[+] TrojanDownloader/PS.Runner.e!crit!submit
[+] TrojanDownloader/PS.Runner.f!crit!submit
[+] TrojanDownloader/W32.Runner.b!crit!submit
[+] TrojanDownloader/W64.Maloader.a!crit!submit
[+] TrojanDropper/MSIL.Agent.a!crit!submit
[+] TrojanDropper/PS.Runner.b!crit!submit
[+] TrojanSpy/PS.Stealer.h!crit!submit
[+] TrojanSpy/W32.Keylogger.b!crit!submit
[+] TrojanSpy/W32.Stealer.y!crit!submit
[+] TrojanSpy/W64.Stealer.b!crit!submit
[+] TrojanSpy/W64.Stealer.c!crit!submit
[-] BackDoor/BAT.ReverseShell.a!crit!submit
[-] Backdoor/W32.Lotok.l!crit!submit
[-] Hacktool/PHP.Botsant.b!crit!submit
[-] Trojan/MSIL.Obfuscated.ah!crit!submit
[-] Trojan/W32.CoinMiner.la!crit!submit
[-] Trojan/W32.Obfuscated.ns!crit!submit
[-] Trojan/W64.ShellLoader.c!crit!submit
[-] TrojanDownloader/AutoIT.Maloader.a!crit!submit
[-] TrojanDownloader/JS.Agent.b!crit!submit
[-] TrojanDownloader/JS.Netloader.f!crit!submit
[-] TrojanDropper/W32.Agent.ag!crit!submit
```
#### Behavior signature changes ([behav.txt](data/1766750454.behav.txt))

Added: 1

```
[+] Software:OS/Gooxion.AA#固信终端安全!submit
```
#### Blacklist hash changes ([troj.txt](data/1766750454.troj.txt))

Added: 152

1766655657 - 2025-12-25 09:40:57 UTC

#### Signature changes ([pset.txt](data/1766655657.pset.txt))

Added formal definitions: 65,357

Added telemetry definitions: 881

#### Critical-hash signature changes ([crithash.txt](data/1766655657.crithash.txt))

Added formal definitions: 74,410

Added telemetry definitions: 5,883

#### Behavior signature changes ([behav.txt](data/1766655657.behav.txt))

Added: 896

#### Blacklist hash changes ([troj.txt](data/1766655657.troj.txt))

Added: 186,016

#### Whitelist hash changes ([hwl.txt](data/1766655657.hwl.txt))

Added: 141,833

## License

This changelog is for reference only. The Huorong virus database is the property of Huorong Security.