http://frantsuzik.com/assoll/index.php

显示全部楼层 · 发表于 2009-9-2 12:54:11

0-http://frantsuzik.com/assoll/index.php
1->http://frantsuzik.com/assoll/load.php?id=0 (exe)
1->http://frantsuzik.com/assoll/load.php?id=1 (exe)
1->http://frantsuzik.com/assoll/cache/flash.swf
1->http://frantsuzik.com/assoll/cache/readme.pdf (pdf)
2-->>http://frantsuzik.com/assoll/load.php?id=5 (exe)
2-->>http://frantsuzik.com/assoll/load.php?id=4 (exe)

网页分析:250662772

显示全部楼层 · 发表于 2009-9-2 12:59:47

pdf文件，上报卡巴斯基，小红伞。

Hello,

readme.pdf_11 - Exploit.Win32.Pidief.bnx

New malicious software was found in this file. It's detection will be included in the next update. Thank you for your help.

Please find a detailed report concerning each individual sample below:

?Filename Result
readme.pdf MALWARE

The file 'readme.pdf' has been determined to be 'MALWARE'. Our analysts named the threat EXP/Pidief.gzf. The term "EXP/" denotes malware that is able to detect and use certain security vulnerabilities whereby the attacker can get control of the system.Detection will be added to our virus definition file (VDF) with one of the next updates.

[ 本帖最后由幸福的猪猪于 2009-9-2 15:48 编辑 ]

[其它] http://frantsuzik.com/assoll/index.php

回复 1楼 250662772 的帖子