瑞星网站每日安全播报(2011年5月26日) bbs.ikaka.com

networkedition - 2011-5-26 13:31:00

引用:

网址均来自瑞星每日安全播报，我们详细分析其中所挂恶意网址，对于已失效的恶意网址就不再分析。

引用:

注：以下分析出的恶意网址均包含有真实网马下载地址，请勿直接下载并运行，以免系统中招。

引用:

1. http://eco.btbu.edu.cn/(北京工商大学)
2. http://www.scinfo.gov.cn/(遂昌科技信息网--您身边的网上科普学校)
3. http://www.scta.gov.cn/(四川旅游政务网)
4. http://dbyb.zqu.edu.cn/(广东省肇庆学院)
5. http://www.cxkx.gov.cn/(长兴农民致富网)

用户系统信息：Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727)

networkedition - 2011-5-26 13:32:00

Log generated by networkedition use mdecoder 0.67
[root]http://eco.btbu.edu.cn/images/ie.htm
[script]http://eco.btbu.edu.cn/images/hm.baidu.com/h.js?a3748f59cb5d70137101fb041e498cdb
[script]http://eco.btbu.edu.cn/images/party.css
[virus]http://125.223.1.135/newspic/dd.exe
[script]http://eco.btbu.edu.cn/images/css.css
[script]http://eco.btbu.edu.cn/images/js.css

networkedition - 2011-5-26 13:32:00

Log generated by networkedition use mdecoder 0.67
[root]http://www.scinfo.gov.cn/zhutan/class1/Index.html(遂昌科技信息网 >> 竹炭类专利大全 >> 中国竹炭类专利)
[flash]http:///zhutan/images/top.swf
[script]http://www.scinfo.gov.cn/zhutan/JS/Article_Hot2.js
[iframe]http://www.hb600.com/Inc/DEEPSNOW/Evil.htm
[iframe]http://www.hb600.com/Inc/DEEPSNOW/Flash.htm
[exp]http://www.hb600.com/Inc/DEEPSNOW/Ms06014.htm(Exploit.Ms06014.a)
[virus]http://www.hb600.com/Inc/DEEPSNOW/DEEP.exe
[iframe]http://www.hb600.com/Inc/DEEPSNOW/Lz.htm
[iframe]http://www.hb600.com/Inc/DEEPSNOW/Bfyy.htm
[iframe]http://www.hb600.com/Inc/DEEPSNOW/MsAccess.htm
[iframe]http://www.hb600.com/Inc/DEEPSNOW/Cx.htm
[iframe]http://www.hb600.com/Inc/DEEPSNOW/Real.htm
[iframe]http://www.hb600.com/Inc/DEEPSNOW/Real.htm
[iframe]http://www.hb600.com/Inc/DEEPSNOW/bfyy.htm
[exp]http://www.hb600.com/Inc/DEEPSNOW/Ms06014.htm(Exploit.Ms06014.a)
[iframe]http://www.hb600.com/Inc/DEEPSNOW/Ms08011.htm
[iframe]http://www.hb600.com/Inc/DEEPSNOW/MsAccess.htm
[iframe]http://www.hb600.com/Inc/DEEPSNOW/Cx.htm
[iframe]http://www.hb600.com/Inc/DEEPSNOW/Lz.htm
[exp]http://www.hb600.com/Inc/DEEPSNOW/MS07004.htm(Exploit.Ms07004.c)
[virus]http://www.hb600.com/Inc/DEEPSNOW/DEEP.exe
[iframe]http://www.hb600.com/Inc/DEEPSNOW/Ms08053.htm
[iframe]http://www.hb600.com/Inc/DEEPSNOW/Real.htm

networkedition - 2011-5-26 13:32:00

Log generated by networkedition use mdecoder 0.67
[root]http://www.scta.gov.cn/v/lzgdz.html?vip.bokee.com
[exp]http://www.scta.gov.cn/v/lzg.htm(Exploit.Ie0dayCVE0806.a)
[virus]http://www.scta.gov.cn/v/lzg.exe
[exp]http://www.scta.gov.cn/v/lzg.html(Exploit.Ie0dayCVE0806.a)
[virus]http://www.scta.gov.cn/v/lzg.exe
[script]http://js.users.51.la/4568890.js

networkedition - 2011-5-26 13:33:00

Log generated by networkedition use mdecoder 0.67
[root]http://dbyb.zqu.edu.cn/Edit/uploadfile/ie.htm
[script]http://dbyb.zqu.edu.cn/Edit/uploadfile/party.css
[virus]http://dbyb.zqu.edu.cn/Edit/uploadfile/bb.exe
[script]http://dbyb.zqu.edu.cn/Edit/uploadfile/css.css
[script]http://dbyb.zqu.edu.cn/Edit/uploadfile/js.css

networkedition - 2011-5-26 13:33:00

Log generated by networkedition use mdecoder 0.67
[root]http://www.cxkx.gov.cn/editor/css/best/lzg.htm?from=pjdrc.gov.cn
[script]http://www.cxkx.gov.cn/editor/css/best/lzg.js
[script]http://js.users.51.la/4036725.js
[exp]http://www.cxkx.gov.cn/editor/css/mm/wmdn.html(Exploit.Ie0dayCVE0806.a)
[virus]http://www.bjsjwmz.com/upload_files/dn.exe
[exp]http://www.cxkx.gov.cn/editor/css/mm/wmdn1.html(Exploit.Ie0dayCVE0806.a)
[virus]http://www.bjsjwmz.com/upload_files/lzg.exe

瑞星卡卡安全论坛