瑞星网站每日安全播报(2011年9月14日) bbs.ikaka.com

networkedition - 2011-9-14 10:33:00

引用:

网址均来自瑞星每日安全播报，我们详细分析其中所挂恶意网址，对于已失效的恶意网址就不再分析。

引用:

注：以下分析出的恶意网址均包含有真实网马下载地址，请勿直接下载并运行，以免系统中招。

引用:

1. http://pet.zyhs.cn/(尊贵宠物网)
2. http://www.51juben.com.cn/(无忧小品剧本网)
3. http://www.gdfi.com.cn/(广东省财政职业技术学校)
4. http://www.hainane.info/(海南e时代)

用户系统信息：Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB6.5; .NET CLR 2.0.50727)

networkedition - 2011-9-14 10:34:00

Log generated by networkedition use mdecoder 0.67
[root]http://pet.zyhs.cn/data/js/b6.htm(Exploit.Ie0dayCVE0806.a)
[script]http://pet.zyhs.cn/data/js/b1.txt
[script]http://pet.zyhs.cn/data/js/b2.txt
[script]http://pet.zyhs.cn/data/js/b3.txt
[script]http://pet.zyhs.cn/data/js/b4.txt
[script]http://pet.zyhs.cn/data/js/b5.txt
[virus]http://pet.zyhs.cn/data/js/upx.exe

networkedition - 2011-9-14 10:34:00

Log generated by networkedition use mdecoder 0.67
[root]http://www.51juben.com.cn/
[script]http://www.51juben.com.cn/script/common.js
[script]http://:
[script]http://www.51juben.com.cn/themes/delicious/script/pngfix.js
[script]http://js.users.51.la/2408111.js
[exp]http://www.51juben.com.cn/CUTE-IE.html(Exploit.Ie0dayCVE0806.c)
[script]http://www.51juben.com.cn/pack.js
[script]http://www.51juben.com.cn/pack.css
[virus]http://www.51juben.com.cn/51.exe
[iframe]http://kkwt00.3322.org:8832/GwN1/index.html
[iframe]http://aa82.8866.org:8832/GwN1/index.html
[iframe]http://aa82.8866.org:8832/GwN1/2.htm
[flash]http://aa82.8866.org:8832/GwN1/nb.swf
[flash]http://aa82.8866.org:8832/GwN1/nb.swf
[exp]http://aa82.8866.org:8832/GwN1/b6.htm(Exploit.Ie0dayCVE0806.a)
[script]http://aa82.8866.org:8832/GwN1/b1.txt
[script]http://aa82.8866.org:8832/GwN1/b2.txt
[script]http://aa82.8866.org:8832/GwN1/b3.txt
[script]http://aa82.8866.org:8832/GwN1/b4.txt
[script]http://aa82.8866.org:8832/GwN1/b5.txt
[iframe]http://ccta88.8800.org:8832/GwN1/index.html
[iframe]http://ccta88.8800.org:8832/GwN1/2.htm
[flash]http://ccta88.8800.org:8832/GwN1/nb.swf
[flash]http://ccta88.8800.org:8832/GwN1/nb.swf
[exp]http://ccta88.8800.org:8832/GwN1/b6.htm(Exploit.Ie0dayCVE0806.a)
[script]http://ccta88.8800.org:8832/GwN1/b1.txt
[script]http://ccta88.8800.org:8832/GwN1/b2.txt
[script]http://ccta88.8800.org:8832/GwN1/b3.txt
[script]http://ccta88.8800.org:8832/GwN1/b4.txt
[script]http://ccta88.8800.org:8832/GwN1/b5.txt
[iframe]http://kv886.8866.org:8832/GwN1/index.html
[iframe]http://kv886.8866.org:8832/GwN1/2.htm
[flash]http://kv886.8866.org:8832/GwN1/nb.swf
[flash]http://kv886.8866.org:8832/GwN1/nb.swf
[exp]http://kv886.8866.org:8832/GwN1/b6.htm(Exploit.Ie0dayCVE0806.a)
[script]http://kv886.8866.org:8832/GwN1/b1.txt
[script]http://kv886.8866.org:8832/GwN1/b2.txt
[script]http://kv886.8866.org:8832/GwN1/b3.txt
[script]http://kv886.8866.org:8832/GwN1/b4.txt
[script]http://kv886.8866.org:8832/GwN1/b5.txt
[iframe]http://oke85.8800.org:8832/GwN1/index.html
[iframe]http://oke85.8800.org:8832/GwN1/2.htm
[flash]http://oke85.8800.org:8832/GwN1/nb.swf
[flash]http://oke85.8800.org:8832/GwN1/nb.swf
[exp]http://oke85.8800.org:8832/GwN1/b6.htm(Exploit.Ie0dayCVE0806.a)
[script]http://oke85.8800.org:8832/GwN1/b1.txt
[script]http://oke85.8800.org:8832/GwN1/b2.txt
[script]http://oke85.8800.org:8832/GwN1/b3.txt
[script]http://oke85.8800.org:8832/GwN1/b4.txt
[script]http://oke85.8800.org:8832/GwN1/b5.txt

networkedition - 2011-9-14 10:35:00

Log generated by networkedition use mdecoder 0.67
[root]http://www.gdfi.com.cn/english/maths/xcb.htm(Exploit.Ie0dayCVE0806.a)
[script]http://www.gdfi.com.cn/english/maths/ap.js
[virus]http://www.gdfi.com.cn/english/qq.exe

networkedition - 2011-9-14 10:35:00

Log generated by networkedition use mdecoder 0.67
[root]http://www.hainane.info/bak/md.html
[script]http://www.hainane.info/bak/party.css
[virus]http://www.jx2dbtwg.com/dnf/03.css
[script]http://www.hainane.info/bak/css.css
[script]http://www.hainane.info/bak/js.css

瑞星卡卡安全论坛