[Unverified] The file inside contains a QQ account-stealing trojan

amocken
Posted on 2019-2-7 22:28:50
BE_HC
Posted on 2019-2-9 12:32:50
Steam and QQ account stealing

[Attached image: QQ截图20190209123328.png]
  1. [ANSI] 0x00009526: http://localhost.ptlogin2.qq.com:4300/pt_get_uins?callback=ptui_getuins_CB&r=0.7478418888058513&pt_local_tk=0.3858416392467916
  2. [ANSI] 0x000095a5: pt_local_token=0.3858416392467916;
  3. [ANSI] 0x000095cf: ?GET
  4. [ANSI] 0x000095d4: POST
  5. [ANSI] 0x000095d9: HEAD
  6. [ANSI] 0x000095e2: OPTIONS
  7. [ANSI] 0x000095ea: DELETE
  8. [ANSI] 0x000095f1: TRACE
  9. [ANSI] 0x000095f7: CONNECT
  10. [ANSI] 0x0000961f: https://
  11. [ANSI] 0x00009628: User-Agent:
  12. [ANSI] 0x00009637: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)
  13. [ANSI] 0x0000966a: http=
  14. [ANSI] 0x00009670: HTTP/1.1
  15. [ANSI] 0x00009679: Accept: */*
  16. [ANSI] 0x00009685: Accept:
  17. [ANSI] 0x0000968f: Accept: */*
  18. [ANSI] 0x0000969b: Referer:
  19. [ANSI] 0x000096a6: Referer:
  20. [ANSI] 0x000096b0: Accept-Language:
  21. [ANSI] 0x000096c3: Accept-Language: zh-cn
  22. [ANSI] 0x000096da: Content-Type:
  23. [ANSI] 0x000096ea: Content-Type: application/x-www-form-urlencoded
  24. [ANSI] 0x0000971a: Cookie:
  25. [ANSI] 0x00009724: Cookie:
  26. [ANSI] 0x00009730: Set-Cookie
  27. [ANSI] 0x0000973d: Set-Cookie:
  28. [ANSI] 0x00009756: #引号
  29. [ANSI] 0x00009760: http://
  30. [ANSI] 0x0000976a: https
  31. [ANSI] 0x00009770: =deleted
  32. [ANSI] 0x0000977f: 蜃z>&callback=ptui_getst_CB&r=0.15739138866774738&pt_local_tk=0.3858416392467916
  33. [ANSI] 0x000097d0: http://localhost.ptlogin2.qq.com:4300/pt_get_st?clientuin=
  34. [ANSI] 0x0000980b: clientkey=
  35. [ANSI] 0x00009816: &shuju3=
  36. [ANSI] 0x0000981f: &shuju2=
  37. [ANSI] 0x00009828: &shuju1=
  38. [ANSI] 0x00009831: &ip=
  39. [ANSI] 0x00009836: &password=
  40. [ANSI] 0x00009841: &username=
  41. [ANSI] 0x0000984c: &pass=
  42. [ANSI] 0x00009853: name=
  43. [ANSI] 0x00009859: http://www.laopohehe.top/muma/lianjie.php
  44. [ANSI] 0x00009883: http://api.guajicun.com/default.aspx
  45. [ANSI] 0x000098ac: IP":"
  46. [ANSI] 0x000098b2: WinHttp.WinHttpRequest.5.1
  47. [ANSI] 0x000098d4: @SetTimeouts
  48. [ANSI] 0x000098e1: SetProxy
  49. [ANSI] 0x000098ea: Basic
  50. [ANSI] 0x000098f1: Proxy-Authorization
  51. [ANSI] 0x00009905: SetRequestHeader
  52. [ANSI] 0x00009916: Open
  53. [ANSI] 0x0000991b: Option
  54. [ANSI] 0x00009924: User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)
  55. [ANSI] 0x00009963: Cookie
  56. [ANSI] 0x0000996a: Send
  57. [ANSI] 0x0000996f: ResponseBody
  58. [ANSI] 0x0000997c: GetallResponseHeaders
  59. [ANSI] 0x00009992: Status
  60. [ANSI] 0x000099a8: @ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/
  61. [ANSI] 0x000099f2: Steam 登录
  62. [ANSI] 0x000099fd: vguiPopupWindow
  63. [ANSI] 0x00009a1a: @U@0
  64. [ANSI] 0x00009a1f: Steam.exe
  65. [ANSI] 0x00009a2d: SSFN
  66. [ANSI] 0x00009a3f: \Device\HarddiskVolume6
  67. [ANSI] 0x00009a5a: \Device\HarddiskVolume5
  68. [ANSI] 0x00009a75: \Device\HarddiskVolume4
  69. [ANSI] 0x00009a90: \Device\HarddiskVolume3
  70. [ANSI] 0x00009aab: \Device\HarddiskVolume2
  71. [ANSI] 0x00009ac6: \Device\HarddiskVolume1
  72. [ANSI] 0x00009ae7: \Device\
  73. [ANSI] 0x00009af5: -login
  74. [ANSI] 0x00009afd: D3271E5EFD05d6
  75. [ANSI] 0x00009b0c: laopoheheda
  76. [ANSI] 0x00009b18: host1.webhostidc.net
  77. [ANSI] 0x00009b2d: /laopoheheda/web/muma/shouquanwenjian/
  78. [ANSI] 0x00009b54: http://www.laopohehe.top/muma/jianpanjilu.php
  79. [ANSI] 0x00009b82: .tmp
  80. [ANSI] 0x00009b87: Super-EC
  81. [ANSI] 0x00009bc7: 123455555555555555555555555555555555555
  82. [ANSI] 0x00009bef: 233333122222223241412321312312321312312
  83. [ANSI] 0x00009c17: 233333122222223241412321312312321312312
  84. [ANSI] 0x00009c3f: 222222333333333333331111111111111111123
  85. [ANSI] 0x00009c67: OrigProcAddr
  86. [ANSI] 0x00009c74: CustomBGBrush
  87. [ANSI] 0x00009c82: Handle
  88. [ANSI] 0x00009c89: \Steam.exe



数字无名
Posted on 2019-2-13 22:09:53
A trojan planted in a web page (drive-by)

[Attached image: QQ截图20190213220848.png]
静影沉璧
Posted on 2019-2-13 22:15:43
[Attached image: 对齐4.png]

Copyright © KaFan  KaFan.cn All Rights Reserved.
