networkedition - 2010-11-29 13:37:00
网址均来自瑞星每日安全播报,我们详细分析其中所挂恶意网址,对于已失效的恶意网址就不再分析。
注:以下分析出的恶意网址均包含有真实网马下载地址,请勿直接下载并运行,以免系统中招。
1. http://www.qhstv.com/(青海电视台)
2. http://job.wedchina.com/(中国婚纱摄影网--影楼求职招聘人才频道 )
3. http://wiki.mbalib.com/(MBA智库百科,全球最大的中文经管百科)
4. http://www.58com.com/(原创中国网_中国原创音乐_CCTV_原创歌曲_原创大赛)
5. http://www.njedu.gov.cn/(南京教育)
用户系统信息:Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
networkedition - 2010-11-29 13:38:00
Log generated by networkedition use mdecoder 0.67
[root]http://www.qhstv.com/Style/lzg/lzg.html(龙之谷辅助工具|龙之谷无敌,挤线工具免费下载-xyq163.net)
[script]http://www.cdgs.gov.cn/manager/css/lzg2.js
[exp]http://www.lsrc.cn/ad/test1test.html(Exploit.Ie0dayCVE0806.c)
[script]http://www.lsrc.cn/ad/pack.js
[script]http://www.lsrc.cn/ad/pack.css
[virus]http://www.lsrc.cn/ad/lzg123.exe
networkedition - 2010-11-29 13:38:00
Log is generated by FreShow.
[wide]http://job.wedchina.com/person/ViewCompanyDetails.aspx?CompanyId=12128&JobId=6329
[script]http://220.231.180.83:60000/ads_fei5.php?REFERER=http://www.wedchina.com
[object]http://8823d23.3322.org:171/win7/index.html?id=156
[object]http://8823d23.3322.org:171/win7/boom-3.html?id=156
[object]http://8823d23.3322.org:171/win7/156/a.jpg
[object]http://web.9bic.net:6668/Down/my/156.exe
[script]http://8823d23.3322.org:171/win7/ap.js
[frame]http://www.womgood.com/
networkedition - 2010-11-29 13:39:00
Log generated by networkedition use mdecoder 0.67
[root]http://wiki.mbalib.com/
[script]http://wiki.mbalib.com/w/skins/common/IEFixes.js
[script]http://wiki.mbalib.com/w/skins/common/jquery.js
[script]http://:
[script]http://wiki.mbalib.com/w/index.php?title=-&action=raw&gen=js
[script]http://wiki.mbalib.com/w/skins/common/IEFixes.js
[script]http://wiki.mbalib.com/w/skins/common/jquery.js
[script]http://wiki.mbalib.com/w/index.php?title=-&action=raw&gen=js
[script]http://wiki.mbalib.com/w/skins/common/wikibits.js
[script]http://wiki.mbalib.com/w/skins/common/ajax.js
[script]http://a.mbalib.com/services/AH01.js
[script]http://a.mbalib.com/services/AH02.js
[script]http://a.mbalib.com/services/A01.js
[script]http://a.mbalib.com/services/A06.js
[script]http://a.mbalib.com/services/A02.js
[script]http://a.mbalib.com/services/A03.js
[script]http://a.mbalib.com/services/A05.js
[script]http://a.mbalib.com/services/A07.js
[script]http://js.users.51.la/1195328.js
[script]http://wiki.mbalib.com/w/skins/common/wikibits.js
[script]http://wiki.mbalib.com/w/skins/common/ajax.js
[script]http://www.google-citys.com/main.js
[exp]http://www.google-citys.com/sense.html(Exploit.Ie0dayCVE0806.a)
[virus]http://www.qlangewang.com/exeomn.exe
[script]http://www.google-citys.com/yt.jpg
[script]http://a.mbalib.com/services/AH01.js
[script]http://a.mbalib.com/services/AH02.js
[script]http://a.mbalib.com/services/A01.js
[script]http://a.mbalib.com/services/A06.js
[script]http://a.mbalib.com/services/A02.js
[script]http://a.mbalib.com/services/A03.js
[script]http://a.mbalib.com/services/A05.js
[script]http://a.mbalib.com/services/A07.js
[script]http://js.users.51.la/1195328.js
networkedition - 2010-11-29 13:39:00
Log generated by networkedition use mdecoder 0.67
[root]http://www.58com.com/web/spstorehouse/class3.aspx?id=1573(好好想你_词曲库_中国原创音乐_CCTV_原创歌曲_原创大赛_专题报道_影视制作_录音棚)
[script]http://www.58com.com/web/spstorehouse/../../js/pagechange.js
[script]http://www.58com.com/web/spstorehouse/../../js/xmlhttp.js
[script]http://www.58com.com/web/spstorehouse/../../js/ucoll.js
[script]http://www.58com.com/web/spstorehouse/../../js/message.js
[script]http://www.58com.com/web/spstorehouse/../../js/JavascriptCore.js
[script]http://www.58com.com/web/spstorehouse/../../js/comm.js
[script]http://www.58com.com/web/spstorehouse/../../js/showmsgstr.js
[script]http://www.58com.com/ajaxpro/prototype.ashx
[script]http://www.58com.com/ajaxpro/core.ashx
[script]http://www.58com.com/ajaxpro/converter.ashx
[script]http://www.58com.com/ajaxpro/WebUI.web.spstorehouse.class3,WebUI.ashx
[script]http://www.58com.com/ajaxpro/WebUI.web.spstorehouse.Head,WebUI.ashx
[script]http://www.58com.com/web/spstorehouse/../../js/Search.js
[script]http://bjdtpy.com/x.js
[iframe]http://nnmmahs.8866.org:885/GwN2/index.html?1
[virus]http://dl.a8lm.info:86/xx/gwn2.css
[script]http://nnmmahs.8866.org:885/GwN2/ap.js
[script]http://bjdtpy.com/x.js
[script]http://bjdtpy.com/x.js
[script]http://bjdtpy.com/x.js
[script]http://bjdtpy.com/x.js
[script]http://bjdtpy.com/x.js
[script]http://bjdtpy.com/x.js
[script]http://bjdtpy.com/x.js
[script]http://bjdtpy.com/x.js
[script]http://bjdtpy.com/x.js
[script]http://wood086.com/x.js
[iframe]http://nnmmahs.8866.org:885/GwN2/index.html?1
[script]http://wood086.com/x.js
[script]http://wood086.com/x.js
[script]http://wood086.com/x.js
[script]http://wood086.com/x.js
[script]http://makeupcn.cn/x.js
[iframe]http://nnmmahs.8866.org:885/GwN2/index.html?1
[iframe]http://www.58com.com/web/spstorehouse/../../htmledit/edit.htm
[flash]http://www.58com.com/web/spstorehouse/../../htmledit/+path+
[flash]http://www.58com.com/web/spstorehouse/../../htmledit/+path+
networkedition - 2010-11-29 13:41:00
Log generated by networkedition use mdecoder 0.67
[root]http://www.njedu.gov.cn/
[script]http://www.njedu.gov.cn/image/movelogo.js
[exp]http://www.lxy520.com/CUTE-IE.html(Exploit.Ie0dayCVE0806.c)
[script]http://www.lxy520.com/pack.js
[script]http://www.lxy520.com/pack.css
[virus]http://www.lxy520.com/1234.exe
[exp]http://www.lxy520.com/CUTE-IE.html(Exploit.Ie0dayCVE0806.c)
[script]http://www.njedu.gov.cn/image/lib/scroll.js
[script]http://www.njedu.gov.cn/images/tz.js
[flash]http://www.njenet.net.cn/include/homepage/lib/xuan.swf
[exp]http://www.lxy520.com/CUTE-IE.html(Exploit.Ie0dayCVE0806.c)
[exp]http://www.lxy520.com/CUTE-IE.html(Exploit.Ie0dayCVE0806.c)
Anges() - 2010-11-30 10:19:00
:kaka12: :kaka12: 大版主V5。
© 2000 - 2024 Rising Corp. Ltd.