PCSL 可疑恶意网站每日分析 20080914

lanvin

Site Domain :     0catch.com
Site Location:     United States of America
Threat Links on this site(part of them):

1. http://wrkshp14.0catch.com/kettlebells-uk.html
   
2. http://jyg7321.0catch.com/
   
3. http://wrkshp5.0catch.com/scorpio-tattoo.html
   
4. http://keaydi.0catch.com/
   
5. http://wrkshp14.0catch.com/hoist-dumbbells.html
   
6. http://wrkshp15.0catch.com/campbells-chicken-noodle-soup.html
   
7. http://wrkshp14.0catch.com/custom-doorbells.html
   
8. http://wrkshp14.0catch.com/crazy-fogs-jingle-bells-mp3.html
   
9. http://wrkshp14.0catch.com/deagan-bells.html
   
10. http://pedomederpel.0catch.com/
    

复制代码

Site Domain :     218.22.180.43
Site Location:     China
Threat Links on this site(part of them):

1. http://218.22.180.43:81/vmdetdhc.htm  
   
2. http://218.22.180.43/TuTu01.exe  
   
3. http://218.22.180.43/w.exe  
   
4. http://218.22.180.43:81/445566.exe  
   
5. 
   

复制代码

以上信息仅供研究用途

[ 本帖最后由 lanvin 于 2008-9-14 18:29 编辑 ]

伞兵づ泡泡

沙发，上上看看

qigang

http://218.22.180.43:81/445566.exe

该病毒很常见！[:26:]

qigang

http://218.22.180.43/TuTu01.exe  
http://218.22.180.43/w.exe  
http://218.22.180.43/w.exe

qigang

剑盟分析:http://bbs.janmeng.com/thread-798506-1-1.html

lanvin

原帖由 qigang 于 2008-9-14 18:29 发表
http://218.22.180.43/TuTu01.exe  
http://218.22.180.43/w.exe  
http://218.22.180.43/w.exe

对invalid了

sam.to

打开不到

tonylee

原帖由 qigang 于 2008-9-14 18:29 发表
http://218.22.180.43/TuTu01.exe  
http://218.22.180.43/w.exe  
http://218.22.180.43/w.exe

http://218.22.180.43:81/TuTu01.exe  
http://218.22.180.43:81/w.exe  
http://218.22.180.43:81/w.exe

woai_jolin

Checking: http://218.22.180.43:81/vmdetdhc.htm
Engine version: 4.44.0.9170
File size: 35.50 KB

http://218.22.180.43:81/vmdetdhc.htm packed by UPX
>http://218.22.180.43:81/vmdetdhc.htm probably infected with DLOADER.Trojan