收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 安全区 病毒样本 分享&分析区 挂马简报~
返回列表 发新帖
查看: 2001|回复: 8
收起左侧

[可疑文件] 挂马简报~

[复制链接]
ranguangning
头像被屏蔽
发表于 2009-1-14 18:37:17 | 显示全部楼层 |阅读模式

最初出处:http://www.scanw.com/blog/archives/331

hxxp://user666.66-18.net/a01.css
hxxp://user666.66-18.net/for.css
hxxp://user666.66-18.net/lz.css
hxxp://user666.66-18.net/sms.css
hxxp://user666.66-18.net/no.css
hxxp://user666.66-18.net/bfyy.css
hxxp://user666.66-18.net/re10.css
hxxp://user666.66-18.net/re11.css
hxxp://d.bc-s350.cn/down/gr.exe
hxxp://d.bc-s350.cn/new/a1.css
hxxp://qq.18i16.net/exe1/ce.css
hxxp://qq.18i16.net/sina.css
hxxp://qq.18i16.net/baidu.cab
hxxp://qq.18i16.net/exe1/ms.css
hxxp://qq.18i16.net/exe1/b06.css
hxxp://qq.18i16.net/exe1/bf.css
hxxp://qq.18i16.net/exe1/re.css
hxxp://121.12.173.218/exe1/cx.css


回复

举报

qigang
发表于 2009-1-14 18:48:23 | 显示全部楼层
hxxp://user666.66-18.net/*最近很流行!
回复

举报

qianwenxiang
发表于 2009-1-14 18:48:50 | 显示全部楼层
upload

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

qianwenxiang
发表于 2009-1-14 18:49:04 | 显示全部楼层
Scan Started Wed Jan 14 18:46:32 2009
-------------------------------------------------------------------------------


C:\Test\0901\14\sms_0.css: Trojan.Spy-13381 FOUND
C:\Test\0901\14\a01_0.css: Trojan.Spy-13381 FOUND
C:\Test\0901\14\b06_0.css: Trojan.Downloader-61873 FOUND
C:\Test\0901\14\baidu_0.cab: Trojan.Downloader-61873 FOUND
C:\Test\0901\14\bf_0.css: Trojan.Downloader-61873 FOUND
C:\Test\0901\14\bfyy_0.css: Trojan.Spy-13381 FOUND
C:\Test\0901\14\ce_0.css: Trojan.Downloader-61873 FOUND
C:\Test\0901\14\cx_0.css: Trojan.Downloader-61873 FOUND
C:\Test\0901\14\for_0.css: Trojan.Spy-13381 FOUND
C:\Test\0901\14\lz_0.css: Trojan.Spy-13381 FOUND
C:\Test\0901\14\ms_0.css: Trojan.Downloader-61873 FOUND
C:\Test\0901\14\no_0.css: Trojan.Spy-13381 FOUND
C:\Test\0901\14\re10_0.css: Trojan.Spy-13381 FOUND
C:\Test\0901\14\re11_0.css: Trojan.Spy-13381 FOUND
C:\Test\0901\14\re_0.css: Trojan.Downloader-61873 FOUND
C:\Test\0901\14\sina_0.css: Trojan.Downloader-61873 FOUND
----------- SCAN SUMMARY -----------
Known viruses: 485054
Engine version: 0.93
Scanned directories: 0
Scanned files: 18
Infected files: 16

Data scanned: 2.62 MB
Time: 17.610 sec (0 m 17 s)
--------------------------------------
Completed
--------------------------------------
回复

举报

granthill
发表于 2009-1-14 19:19:42 | 显示全部楼层
ess 3.0

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

无尽藏海
发表于 2009-1-14 19:32:22 | 显示全部楼层
Begin scan in 'F:\VIRUS\14_3.rar'
F:\VIRUS\14_3.rar
    [0] Archive type: RAR
      --> gr_0.exe
          [DETECTION] Is the TR/Spy.Gen Trojan
      --> baidu_0.cab
        [1] Archive type: CAB (Microsoft)
        --> baidu.exe
          [DETECTION] Is the TR/Spy.Gen Trojan
      --> a1_0.css
          [DETECTION] Is the TR/Spy.Gen Trojan
      --> b06_0.css
          [DETECTION] Is the TR/Crypt.XDR.Gen Trojan
      --> bf_0.css
          [DETECTION] Is the TR/Crypt.XDR.Gen Trojan
      --> ce_0.css
          [DETECTION] Is the TR/Crypt.XDR.Gen Trojan
      --> cx_0.css
          [DETECTION] Is the TR/Crypt.XDR.Gen Trojan
      --> ms_0.css
          [DETECTION] Is the TR/Crypt.XDR.Gen Trojan
      --> re_0.css
          [DETECTION] Is the TR/Crypt.XDR.Gen Trojan
      --> sina_0.css
          [DETECTION] Is the TR/Crypt.XDR.Gen Trojan
    [WARNING]   The file was ignored!


End of the scan: 2009年1月14日 星期三  19:31
Used time: 00:12 Minute(s)

The scan has been done completely.

      0 Scanning directories
     20 Files were scanned
     18 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
      0 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      2 Files not concerned
      2 Archives were scanned
      1 Warnings
      0 Notes
回复

举报

fzz8848
头像被屏蔽
发表于 2009-1-14 20:17:35 | 显示全部楼层

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

allinwonderi
发表于 2009-1-14 21:45:57 | 显示全部楼层

ArcaVir 2008

[Scanning : C:\Test]


C:\Test\14_3.rar<RAR>:baidu_0.cab<CAB>:baidu.exe <- Trojan.Dropper.Agent.Abku : No action
C:\Test\14_3.rar<RAR>:bf_0.css<UPX>:bf_0.css <- Trojan.Dropper.Agent.Abku : No action
C:\Test\14_3.rar<RAR>:ce_0.css<UPX>:ce_0.css <- Trojan.Dropper.Agent.Abku : No action
C:\Test\14_3.rar<RAR>:cx_0.css<UPX>:cx_0.css <- Trojan.Dropper.Agent.Abku : No action
C:\Test\14_3.rar<RAR>:ms_0.css<UPX>:ms_0.css <- Trojan.Dropper.Agent.Abku : No action
C:\Test\14_3.rar<RAR>:re_0.css<UPX>:re_0.css <- Trojan.Dropper.Agent.Abku : No action
C:\Test\14_3.rar<RAR>:sina_0.css<UPX>:sina_0.css <- Trojan.Dropper.Agent.Abku : No action
C:\Test\14_3\baidu_0.cab<CAB>:baidu.exe <- Trojan.Dropper.Agent.Abku : No action
C:\Test\14_3\bf_0.css<UPX>:bf_0.css <- Trojan.Dropper.Agent.Abku : No action
C:\Test\14_3\ce_0.css<UPX>:ce_0.css <- Trojan.Dropper.Agent.Abku : No action
C:\Test\14_3\cx_0.css<UPX>:cx_0.css <- Trojan.Dropper.Agent.Abku : No action
C:\Test\14_3\ms_0.css<UPX>:ms_0.css <- Trojan.Dropper.Agent.Abku : No action
C:\Test\14_3\re_0.css<UPX>:re_0.css <- Trojan.Dropper.Agent.Abku : No action
C:\Test\14_3\sina_0.css<UPX>:sina_0.css <- Trojan.Dropper.Agent.Abku : No action



Scanned objects : 108

Infected objects : 14
回复

举报

allinwonderi
发表于 2009-1-14 21:47:40 | 显示全部楼层

Norman Virus Control 5.99

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2025-7-20 15:13 , Processed in 0.129164 second(s), 17 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表