瑞星网站每日安全播报(2011年1月11日) bbs.ikaka.com

networkedition - 2011-1-11 13:06:00

引用:

网址均来自瑞星每日安全播报，我们详细分析其中所挂恶意网址，对于已失效的恶意网址就不再分析。

引用:

注：以下分析出的恶意网址均包含有真实网马下载地址，请勿直接下载并运行，以免系统中招。

引用:

1. http://astro.ustc.edu.cn/(中国科学技术大学天文学系)
2. http://yudi.jnu.edu.cn/(暨南大学)
3. http://www.ntkfqzg.gov.cn/（南通开发区组工网）
4. http://www.scinfo.gov.cn/(遂昌科技信息网--您身边的网上科普学校)
5. http://www.xyfgj.gov.cn/（荥阳市房地产信息网）

用户系统信息：Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; InfoPath.2)

networkedition - 2011-1-11 13:07:00

Log generated by networkedition use mdecoder 0.67
[root]http://astro.ustc.edu.cn/cache/w.htm?bbs.jbzyw.com
[exp]http://www.teamgo.com.cn/eWebEditor/db/w12/ie.html(Exploit.Ie0dayCVE0806.a)
[virus]http://www.hzinfo.com/www/186/n20.exe
[iframe]http://www.teamgo.com.cn/eWebEditor/db/w12/q.html
[script]http://www.teamgo.com.cn/eWebEditor/db/w12/scvhost.txt

networkedition - 2011-1-11 13:07:00

Log generated by networkedition use mdecoder 0.67
[root]http://yudi.jnu.edu.cn/Inc/wen.html
[script]http://serv.ahau.edu.cn/inc/wd/wd.js
[iframe]http://serv.ahau.edu.cn/inc/wd/18.htm
[script]http://serv.ahau.edu.cn/inc/wd/party.css
[exp]http://serv.ahau.edu.cn/inc/wd/19.htm(Exploit.Ie0dayCVE0806.a)
[virus]http://serv.ahau.edu.cn/inc/wd/1.exe
[exp]http://serv.ahau.edu.cn/inc/wd/of.htm(Exploit.OfficeSpreadsheet.a)
[script]http://serv.ahau.edu.cn/inc/wd/bgg.jpg
[script]http://serv.ahau.edu.cn/inc/wd/agg.jpg
[virus]http://serv.ahau.edu.cn/inc/wd/1.exe
[script]http://js.users.51.la/4176960.js

networkedition - 2011-1-11 13:07:00

Log generated by networkedition use mdecoder 0.67
[root]http://www.ntkfqzg.gov.cn/(南通开发区组工网)
[flash]http://www.ntkfqzg.gov.cn/flash/top.swf
[iframe]http://www.ntkfqzg.gov.cn/gundong.asp
[script]http://www.ntkfqzg.gov.cn/count/count.asp
[iframe]http://vsdfscv890.8866.org:8843/AM01/index.html
[exp]http://vsdfscv890.8866.org:8843/AM01/360.html(Exploit.Ie0dayCVE0806.a)
[virus]http://58.221.36.243:8843/xx/am01.css
[script]http://vsdfscv890.8866.org:8843/AM01/yt.jpg

networkedition - 2011-1-11 13:08:00

Log generated by networkedition use mdecoder 0.67
[root]http://www.scinfo.gov.cn/zhutan/class1/Index.html(遂昌科技信息网 >> 竹炭类专利大全 >> 中国竹炭类专利)
[flash]http:///zhutan/images/top.swf
[script]http://www.scinfo.gov.cn/zhutan/JS/Article_Hot2.js
[iframe]http://www.hb600.com/Inc/DEEPSNOW/Evil.htm
[iframe]http://www.hb600.com/Inc/DEEPSNOW/Flash.htm
[exp]http://www.hb600.com/Inc/DEEPSNOW/Ms06014.htm(Exploit.Ms06014.a)
[virus]http://www.hb600.com/Inc/DEEPSNOW/DEEP.exe
[iframe]http://www.hb600.com/Inc/DEEPSNOW/Lz.htm
[iframe]http://www.hb600.com/Inc/DEEPSNOW/Bfyy.htm
[iframe]http://www.hb600.com/Inc/DEEPSNOW/MsAccess.htm
[iframe]http://www.hb600.com/Inc/DEEPSNOW/Cx.htm
[iframe]http://www.hb600.com/Inc/DEEPSNOW/Real.htm
[iframe]http://www.hb600.com/Inc/DEEPSNOW/Real.htm
[iframe]http://www.hb600.com/Inc/DEEPSNOW/bfyy.htm
[exp]http://www.hb600.com/Inc/DEEPSNOW/Ms06014.htm(Exploit.Ms06014.a)
[iframe]http://www.hb600.com/Inc/DEEPSNOW/Ms08011.htm
[iframe]http://www.hb600.com/Inc/DEEPSNOW/MsAccess.htm
[iframe]http://www.hb600.com/Inc/DEEPSNOW/Cx.htm
[iframe]http://www.hb600.com/Inc/DEEPSNOW/Lz.htm
[exp]http://www.hb600.com/Inc/DEEPSNOW/MS07004.htm(Exploit.Ms07004.c)
[virus]http://www.hb600.com/Inc/DEEPSNOW/DEEP.exe
[iframe]http://www.hb600.com/Inc/DEEPSNOW/Ms08053.htm
[iframe]http://www.hb600.com/Inc/DEEPSNOW/Real.htm

networkedition - 2011-1-11 13:08:00

Log generated by networkedition use mdecoder 0.67
[root]http://www.xyfgj.gov.cn/Bargain/Manage/MHouse/HouseEdit.aspx?type=view&corpedit=0&corpcode=1§ioncode=6&buildingcode=34&housecode=1359&housename=商业
[script]http://www.xyfgj.gov.cn/aspnet_client/system_web/1_1_4322/WebUIValidation.js
[exp]http://www.gzxguan.com/imgback/xgz.htm(Exploit.IEAurora.a)
[virus]http://www.gzxguan.com/imgback/xgz.exe

瑞星卡卡安全论坛