回答者寄合場-悪代官の伏魔殿


Trojan:HTML/FakeCaptcha.HNA!MTB - -

2024/12/30 (Mon) 20:15:02
Verify You Are Human
Please verify that you are a human to continue.
I'm not a robot

→ Verification Steps
→ 1.
→ 2.
→ 3.

Result of pressing [OK]

 Windows セキュリティ
 ウイルスと脅威の防止
 見つかった脅威の数
 Microsoft Defender ウイルス対策で脅威が見つかりま
 した。詳細をご確認ください。
Trojan:Script/Wacatac.H!ml
file: C:\Users\User\AppData\Local\Microsoft\Windows\INetCache\IE\YJ38P715\web44[1].mp4


Because the text gets detected (?) as the malware below ↓, I will modify it and move it into an image
web44.mp4 (<script●?)
www.virustotal.com/gui/url/82a238bf4f5d618063813b35f65727441d7c6f634a860be51eac3127fac4047a
5/96

Lumma Stealer - -

2025/01/05 (Sun) 20:02:00
20250102
web44.mp4
www.virustotal.com/gui/url/4864e60175ec2fb6f2724c0830c3bf09c043d327c5824e77c8c2a8b2e077fdcf
7/96

20250103 Changed to a Trojan Matryoshka variant?
web55.mp4 1.22 MB (1,286,784 bytes)
www.virustotal.com/gui/file/f55ef67ede333666d3ea6eb9538aa7f6b4266c108fcbebeae218cab939392e03
0/ 61
Result ↓ of deleting the top part and saving
web55s.mp4 1.25 MB (1,311,144 bytes)
www.virustotal.com/gui/file/7630f5bdc94852db54b38c55029a3a0bb141296e81c7c8ee698bd13720fa0494
1/61 Kaspersky HEUR:Trojan.HTA.SAgent.gen

Obfuscation? Trojan Matryoshka variant 2? - -

2025/01/07 (Tue) 20:15:04
20250104
reCAPTCHA Verification
It seems the download starts when you tick ☑ the □ I'm not a robot box...
Document Done Your file is ready for download...

C:\Users\User\Downloads
1694_pattern_any.zip
any.hta 1.36 KB (1,397 bytes)
www.virustotal.com/gui/file/3124d7d4d26bfdd7358e23dcf8835e47510c35bd4163ca2ec5bad4c765cc6e0b
0/61

20250105
Deobfuscator:
any_d.hta 2.33 KB (2,388 bytes)
www.virustotal.com/gui/file/adc7be7ea8f664d5c391bda7be87501da6e9ec1db0fe120198ab0e361702b014
2/61

web55.json 987 KB (1,011,109 bytes)
www.virustotal.com/gui/file/aeb685edd91ecc75d752c35bba7da3feb3f3c09ef5bd81de83cb919d41adf521
0/61
Result ↓ of deleting various parts and saving
web55s.json 301 KB (308,727 bytes)
www.virustotal.com/gui/file/b94b02504f7fd950a1bec25b7c8c23e7822a77c9eaf5f9966cefcffff2ee37ba
12/61

recAPTCHA V5 demo - -

2025/04/27 (Sun) 20:10:03
URL:
www.virustotal.com/gui/url/015a2217a2550448af554b182c79d2628d585de64e92c05bc2abbfbd94755d8a?nocache=1
2/ 97
Netcraft : Malicious
Trustwave : Phishing

HTML file:
www.virustotal.com/gui/file/dfbc083f02c2e8c74bb6dccb674bfeaa3e72b1125a1477e60960d4d536fc07a2?nocache=1
7/ 61
Avast : HTML:FakeCaptcha-AG [Fake]
AVG : HTML:FakeCaptcha-AG [Fake]
ESET-NOD32 : HTML/FakeCaptcha.U
GData : HTML.Malware.ClickFix.C
Google : Detected
Ikarus : Trojan.JS.Cryxos
Varist : HTML/FakeCha.A

Result of cutting out part of the HTML file:
www.virustotal.com/gui/file/e7fd9fc832678498cc031c213a469c148fbd89050560576021ae95ab31767ec6?nocache=1
3/ 60
Google : Detected
Ikarus : Trojan.JS.Cryxos
Kaspersky : HEUR:Trojan.Script.Generic

Changes in reCAPTCHA Verification - -

2025/05/24 (Sat) 20:10:56
www.virustotal.com/gui/url/b7c7c1d3bedcb55a58f1c71b8c20f63377da3d8cc4ccefd84728bce4e95bb59c?nocache=1
1/ 97
Kaspersky : Malware

□ I'm not a robot ← ticking ☑ starts the download
2439_folder_cheatsheet.rar 3.50 KB (3,590 bytes)
folder.zip 1.64 KB (1,681 bytes) ← changed the extension of folder(.rar) to zip
folder.hta 1.32 MB (1,393,043 bytes)
www.virustotal.com/gui/file/57a391b0db0132ff578dfee22aa4bea4b8255e7b6e9cbd26348523d598277f62?nocache=1
0/ 62
Deobfuscator:
folder_sd16.hta 4.84 KB (4,964 bytes) ← UTF-16LE
www.virustotal.com/gui/file/e915e1bba86af16d18b3f3d73c4f8e04462d6b1b1d367b45764ab0495f864e7d?nocache=1
1/ 62
Ikarus : Trojan.JS.Cryxos

recAPTCHA V7 - -

2025/05/29 (Thu) 20:05:09
www.virustotal.com/gui/url/8f34633b0eeba2d91db93b06a34819dcd6330c296348188b9a67b99aaa6d56ed
1/ 97
Trustwave : Phishing
URLQuery : Suspicious

x5Strs8Hx.txt 355 bytes (355 bytes)
www.virustotal.com/gui/file/40a760a957a42a966a06d6a3d8674576e8c4f090b29e439ad91a059edbc553ec?nocache=1
1/ 62
Symantec : ISB.Downloadergen68

Trojan:HTML/FakeCaptcha.HNA!MTB? - -

2025/06/04 (Wed) 21:15:02
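Because the text gets detected (?) as malware, I moved it into an image

Note:
If you turn the characters in the image back into text and restore it to its state before modification, security software will react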

Verification Required - -

2025/06/27 (Fri) 20:10:05
Other names, June:
Competibility Check
reCAPTCHA
Verification Required
recAPTCHA Ⅴ7
(reCAPTCHA Ⅴ8)

20250627
10.0 MB (10,566,041 bytes)
www.virustotal.com/gui/file/efae4d064179b77d9d7de0f246e7b83d6b8e2988a92991b8033eedd328349665?nocache=1
2/ 63
Microsoft : Trojan:Script/Wacatac.Bml
Skyhigh (SWG) : BehavesLike.PS.Dropper.vx

20250626
9.99 MB (10,481,341 bytes)
www.virustotal.com/gui/file/049e3645ff59b9e95132781f5e829699c9995d7e9cba67460cc7d431a6a15d25?nocache=1
1/ 63
Skyhigh (SWG) : BehavesLike.PS.Dropper.tx

20250625
2.17 MB (2,281,801 bytes)
www.virustotal.com/gui/file/047b955d2324791f62a4cad26d48dab8e5d899b120b330e1d08dec281adc5a46?nocache=1
14/ 62
Arcabit : Trojan.Mardom.MN.24
BitDefender : Gen:Trojan.Mardom.MN.24
CTX : Powershell.trojan.mardom
Emsisoft : Gen:Trojan.Mardom.MN.24 (B)
eScan : Gen:Trojan.Mardom.MN.24
ESET-NOD32 : A Variant Of MSIL/Kryptik.ANVF
GData : Gen:Trojan.Mardom.MN.24
Google : Detected
Huorong : Trojan/PS.Encpe.a
Ikarus : Trojan.MSIL.Crypt

20250624
9.26 MB (9,712,639 bytes)
www.virustotal.com/gui/file/534ef77b114135541c726095ded42ffe77ecd5c2aed0595ccdf76cbc7b907a7a?nocache=1
1/ 63
Skyhigh (SWG) : BehavesLike.PS.Dropper.tx

20250619
2.03 MB (2,130,221 bytes)
www.virustotal.com/gui/file/a1147bcd5c9427b4b15d601de8acf7727f5510fb1c33981609d29dfd1bb69bda?nocache=1
8/ 62
ESET-NOD32 : Win32/Spy.LummaStealer.T
Google : Detected
Huorong : Trojan/PS.Encpe.a
Ikarus : Trojan.MSIL.Crypt
Kaspersky : HEUR:Trojan-PSW.MSIL.Lumma.gen
Microsoft : Trojan:Script/Wacatac.Bml
Skyhigh (SWG) : BehavesLike.PS.Dropper.vn
Symantec : ML.Attribute.HighConfidence

Checking if you are human (→msiexec) - -

2025/07/31 (Thu) 21:07:01
Names of the malware that gets installed:
"verfy.msi"
"vrfy.msi"
"vrf.msi"

Other names, July
Google Security Verification (→PowerShell)
I am not a robot (→mshta)
Loading... (→PowerShell)
Waiting for Verification (→PowerShell)
Just a moment (→PowerShell)
recAPTCHA V 5 (→PowerShell)
Browser Compatibility V2 (→PowerShell)

Verify Your Request (→powershell) - -

2025/09/29 (Mon) 21:05:01
URL
www.virustotal.com/gui/url/3e9a27ae7a51614818eef1a268d0e3de0aa7f8aa060a8ad330643b3955d2283c?nocache=1
5/ 98

Downloader (webfile)
→powershell →nonco.txt 8.25 KB (8,453 bytes)
www.virustotal.com/gui/file/e657c4d9d4d39c76b71f248128c2b816b1d2bd021e383f89b049f0da85dd4fb8?nocache=1
2/ 63

Main payload file (webfile)
→noncoloring.exe 3.62 MB (3,804,312 bytes) = disguised as SketchUpStudio.exe?
www.virustotal.com/gui/file/c86b385b5888d3af31bb3dee8fa5ce4bce83bd46ff403e4c6698c7cae48e2c4d?nocache=1
2/ 72
Elastic : Malicious (high Confidence)
Kaspersky : VHO:Trojan-PSW.Win32.Vidar.gen

Xhamster (→mshta →powershell) - -

2025/10/20 (Mon) 21:11:10
1st:
Image

2nd-1:
Icontrols2[.]ru 全画面表示を終了するには、 Esc を押します

Working on updates. Please do not turn off your computer.
Part 1 of 3: Installing features and drivers
49% complete

2nd-2:
Working on updates. Please do not turn off your computer.
Part 1 of 3: Installing features and drivers
100% complete

2nd-3:
Working on updates. Please do not turn off your computer.
Part 2 of 3: Installing updates
70% complete

2nd-4:
Working on updates. Please do not turn off your computer.
Part 3 of 3: Check security
95% complete
Attention!
To complete the update, install
the critical Security Update
1.
2.
3.

roxy
www.virustotal.com/gui/file/72a8e045ab466d8ee3f2471f827def9f08dfac78beaeeea0481b3fc78fd43d02
1/ 62
Skyhigh (SWG) : BehavesLike.PS.Dropper.rg

Verify Your Request (powershell →powershell) - -

2026/01/14 (Wed) 22:05:53
*.txt →*.txt →*.msi

Just a moment..- (→mshta) - -

2026/02/06 (Fri) 20:10:01
hou.zip 128 KB (131,351 bytes)
www.virustotal.com/gui/file/20bb32431ed06610f81aa3e527bc6e733bf6f54865cf536acb293f06c0481ff5?nocache=1
10/ 62
sharp3.rar 63.9 KB (65,461 bytes)
www.virustotal.com/gui/file/5dd74c337a87bee508f36ace1b4de9f49d1aeb049d4fa9382461588f6104d6c8?nocache=1
1/ 63

bin3.zip 28.6 MB (30,067,833 bytes)
www.virustotal.com/gui/file/c1c3ca45738027a8e2b520157bddf582c3b9b6795447cbe40aac65f1f409797e
14/ 58

Google reCAPTCHA Verification (→cmd) - -

2026/02/08 (Sun) 20:05:01
www.virustotal.com/gui/url/a34993f2e8028f35a48239f6b5629c7cdb7e1176253ff5a07c2c29fb7f798301?nocache=1
1/ 94
cloud.rsp 60 bytes (60 bytes)
www.virustotal.com/gui/file/ebde6d430cba7680c1b5675ce7e1f111f6217c209bed65afb2a4d5eb8bc754f4?nocache=1
0/ 62

falcony_wrapper_normal.dll 252 KB (258,334 bytes)
www.virustotal.com/gui/file/417bccffc8c5af4efd8cfb380dc6cb2b0be2d0a3ed9448e1be56ee2ec457e882?nocache=1
3/ 72
