posted by Kwan's 2010. 9. 7. 11:03

1. 사이트 !!

씨X통 : http://www.cixxxxng.com
레이XX 클럽 : http://www.rxxexx.co.kr 
옐XX X 택배 : http://www.yeXXXXXX.co.kr
강XX센X : http://www.stXXXXX.or.kr 外 다수
한국XXXXX연합회 : http://www.kXuXXX.or.kr 外 다수
부산XX 外 다수 : http://www.XXXbuXXX.com/

2. 유포지 !!

씨X통 : http://6X.1XX.1.8X/test.asp

레이XX 클럽 : http://2XX.1XX.9X.2X2/V.asp
                    http://2XX.2XX.12X.5X/help.asp

옐XX X XX : http://2XX.2XX.12X.5X/help.asp

강XXXX , 한국XXXXXXX회 外 다수 : http://www.XXiayuaXcom/XX/yahoo.js
                                                              http://www.XXayuaXcom/XX/ad.htm
                                                              http://www.XXayuaXcom/XX/news.html
                                                              http://www.XXayuaXcom/XX/count.html

부산XX 外 다수 : http://XXle.XXangq.co.kr/dXXX/report/sb/index.htm
                        http://XXle.XXangq.co.kr/dXXX/report/sb/6.htm
                        http://XXle.XXangq.co.kr/dXXX/report/sb/ie.jpg
                        http://XXle.XXangq.co.kr/dXXX/report/sb/iee.jpg

3. 최종파일 !!

test.asp , help.asp : http://loXX.XXnbt.info/pXXXX/chong.exe

V.asp : http://XXablade.com/XXder/d.exe

ad.htm : http://www.XXxny.com/image/s.exe

iee.jpg : http://loXX.XXnbt.info/pXXXX/chong.exe

4. 바이러스 토탈

test.asp : http://www.virustotal.com/file-scan/report.html?id=b5d1054496c0f85de2231776787c925d28fcc4e72153d0bc2df5c281e15b4a9c-1283822614

help.asp : http://www.virustotal.com/file-scan/report.html?id=10eb7191ad67287469f44e5db73c463337d154715df5717f57355f7413ddef99-1283822619

V.asp : http://www.virustotal.com/file-scan/report.html?id=b5d1054496c0f85de2231776787c925d28fcc4e72153d0bc2df5c281e15b4a9c-1283823361

yahoo.js : http://www.virustotal.com/file-scan/report.html?id=38fb192a31fc9795d7cd0c8de199c22fd639b85a3fcef6adb3a6c8fa747a84de-1283823366

ad.htm : http://www.virustotal.com/file-scan/report.html?id=71020f01ab7a9c6d44ff720850b08303e3fe8860fa3d6f1c819dd806d08cb832-1283823433

news.html : http://www.virustotal.com/file-scan/report.html?id=dcb0f56c127a107f67d4362472c451dbfb399dabffe673cdbe4204084b32ff7f-1283823445

count.html : http://www.virustotal.com/file-scan/report.html?id=dd04ba376ca8412f26a2d8077ab23c35209cd0e0c03f16fbf2620c36bd2c4370-1283823527

index.htm : http://www.virustotal.com/file-scan/report.html?id=d24618283f09b057665df60c03e5d378c145278deb797ff09f00d15d8f71067c-1283615067

6.htm : http://www.virustotal.com/file-scan/report.html?id=b97bcb2e3e2cd3dab79ca94939e0818865a8f474dce1a45ca1f8bfcf9320769c-1283615053

ie.jpg : http://www.virustotal.com/file-scan/report.html?id=96fd35784055780ef28cd6615c798c0e3d68a9ebb97393a456594b571b55251c-1283615058

iee.jpg : http://www.virustotal.com/file-scan/report.html?id=05d0a7cd5111df398f40b8f31d8d357c38d4a3338f213bc8cb338d6083258ff4-1283615063

pop.exe : http://www.virustotal.com/file-scan/report.html?id=fdade277f556797331f91af8228f19cbb659c4f559d9fe38800008a752ef1e78-1283823544

d.exe : http://www.virustotal.com/file-scan/report.html?id=9be1f0e3a083386396648e20aa4dc066a545453c70afa7ba12e53029f8352e87-1283823684

s.exe : http://www.virustotal.com/file-scan/report.html?id=3ecca9e0be88d46ca8ff5263af7218a6d8fa4fc2fb26a72d8818caafe866b18c-1283823692

chong.exe : http://www.virustotal.com/file-scan/report.html?id=bd1460158f28299155929a498c0bd31e592a0d51ce69d0d3b5df9693d6e96434-1283823807

5. 국내 업체 진단 사항 !!

이스트 소프트 , 네이버 : 분석 및 악성 파일 DB에 추가 예정 !!

[안철수연구소]

1. count.html ~> 분석중
2. chong.exe ~> V3 : Win-Trojan/Downloader.73728.FP(추가 : 2010.09.05.00)
3. d.exe ~> V3 : Dropper/Onlinegamehack.63434(추가 : 2010.09.05.00)
4. help.asp ~> V3 : JS/Cve-2010-0806(추가 : 2010.09.05.00)
5. yahoo.js ~> V3 : JS/Iframe(추가 : 2010.09.05.00)
6. ad.htm ~> V3 : JS/Cve-2010-0806(추가 : 2010.09.05.00)
7. news.html ~> V3 : JS/Exploit(추가 : 2010.09.05.00)
8. s.exe ~> V3 : Dropper/Onlinegamehack.40960(추가 : 2010.09.05.00)
9. test.asp ~> V3 : JS/Cve-2010-0806(추가 : 2010.09.05.00)
10. V.asp ~> V3 : JS/Cve-2010-0806(추가 : 2010.09.05.00)
11. pop.exe ~> V3 : Win-Trojan/Agent.64623(추가 : 2010.09.01.02)

흠.. 이번주에는 yahoo.js가 많이 난리를 쳤더라고요.. 최종파일 위치만 항상 바뀌고 ..
역시 취약점의 끝은 어디인지 ~ 관리가 절실한거 같습니다.
아무튼 태풍도 이번에는 빗겨가고 서울은 화창하고 무덥네요.. 비 한번 쏟아지면 좋은데..
서울에 계신분은 더운데 무더위 잘 보내시고 ~ 지방분들은 태풍에 피해가 없길 바라며 글을 마칩니다.
오늘도 모두 즐거운 하루 보내세요~

댓글을 달아 주세요

posted by Kwan's 2010. 8. 16. 16:15

1. 사이트 !!

한국 X 스X츠 협회 : http://www.x-sxxxts.or.kr
씨X통 : http://www.cixxxxng.com/
레이XX 클럽 : http://www.rxxexx.co.kr  
주X자 XX  : http://zxxxnxx.jxxns.com 
미스터 XX  : http://www.mxpxzxx.co.kr
서울 XXXX : http://www.seoulxxxx.or.kr  
천XXX법인 : http://www.chxxxxtax.co.kr
건XXX회 : http://www.arxxxdb.com
강남XXX상담실 : http://sxxxdxxsil.or.kr
벼X XX : http://xxxtomer.fxxxall.co.kr
한국XX기술 : http://www.culxxxexxcx.co.kr

2 . 중국 유포 사이트

http://xxx.game.mop.com
http://xxx.yx007.com
http://xxxs.512ms.com
http://www.pxxo.com
http://rxxxtunnel.chd.edu.cn
http://xxx.yx007.com

3. 유포지 !!

한국 X 스X츠 협회 , 씨X통 : http://xxx.1x3.xx.1x7/R.asp

레이XX 클럽 : http://2x0.1xx.1xx.x5/W.asp ~> 발견당시 서버 죽음 !!

주X자 XX  : http://2xx.6x.xx.6x/ixxm/click.asp

미스터 XX  : http://www.8xx8xx.com.xx/xxche/ad.htm

서울 XXXX , 천XXX법인 , 건XXX회 , 강남XXX상담실 , 벼X XX , 한국XX기술

: http://www.xxx.xx/Cxxhes/ad.htm

4. 중국 유포지 !!

1. http://xxx.game.mop.com : http://www.xxx.cn/ucenter/images/games.html?用户注册

2. http://xxx.yx007.com : http://event.xxxxx.com/dabao/public/js/dh/64.html

3. http://xxxs.512ms.com : http://asxx.alixxxx.vu.cx:171/win7/124/a.jpg

4. http://www.pxxo.com : http://hkxxxx07.xx66.oxx:7xx8/x/index.html ~> 서버죽음

5. http://rxxxtunnel.chd.edu.cn : http://xox.gxxesxxx.cn/banner.swf

6. http://xxx.yx007.com : http://evexx.yoxxx.com/dxxax/pxxlix/xs/xh/64.html

5. 최종파일 !!

R.asp : http://inxxx.kxxxta.co.kr/cxxxents/r.exe

W.asp : http://www.kxxcxx.or.kr/bxxrd/w.exe ~> 서버죽음 !!

click.asp : http://sxx.gaxxxx.com/ixx/admin.exe

ad.htm : http://www.17xxx.cx/ixxxxs/s.exe 

games.html : http://www.xxx.cn/uxxnxxr/imxxxs/update.exe ~> XOR 변형 필요 !!

64.html : http://blog.mxxxx.com/data/dh.exe

a.jpg : http://web.xxx.xx.cn:6xx8/Dxxn/xy/124.exe

index.html : http://88itj.3xx2.org:7xx8/1/kav.exe ~> 서버 죽음 !!

banner.swf : http://xxxx.gaxxx5xx.cn/uusee.exe

6. 바이러스 토탈 !!

R.asp : http://www.virustotal.com/file-scan/report.html?id=686fffcc96b1b896fe9bc6a71fc240acee89f411af226ab865211ea46211a779-1281940182

click.asp : http://www.virustotal.com/file-scan/report.html?id=209d62743988de70dcbb5c4df5965863cacfde2cd4279cd996e8448c47720e40-1281940401

ad.htm : http://www.virustotal.com/file-scan/report.html?id=7400f9036c8049127d86b302e7b96c20159642a6b0f7a969fa65112d2e5710e4-1281940411

games.html : http://www.virustotal.com/file-scan/report.html?id=861bb732b43d44e6323e4ca1e5222d382d708f396bbfb5041b9adf3a6affc3d0-1281940444

64.html : http://www.virustotal.com/file-scan/report.html?id=8e099227dd435abff11c4b045fba6cd2c6ab46abe161f80b60072caccba4c8eb-1281940470

a.jpg : http://www.virustotal.com/file-scan/report.html?id=72222c3f34753aa7f0714ecc922a607d412f0c10e0d6f8bacc1499bdf8a1e2e2-1281940480

index.html : 서버 죽음 !!

banner.swf : http://www.virustotal.com/file-scan/report.html?id=6206545ec7c9b131fd37071d69baa00aef99748447dc5535509156da37ad9656-1281940534

r.exe : http://www.virustotal.com/file-scan/report.html?id=b91956e065993292fef0b785f4973e07b5bbb17a18ebda3ed2a6040bb59b1f7d-1281940595

w.exe : 서버 죽음 !!

admin.exe : http://www.virustotal.com/file-scan/report.html?id=2df4d0206033be709e8555581fd670ce033693671b8651ab472a4c6d2ca4d1c3-1281940629

s.exe : http://www.virustotal.com/file-scan/report.html?id=b352af5dd49a82f469cc9714b9d585d2362c2523d358f84f7520175b5613a195-1281940656

update.exe : http://www.virustotal.com/file-scan/report.html?id=5c653bea6ec9c368ec087c87495ff62a1dd9851f71adbec2e348e1f32b7852cd-1281940673

update.exe_Kwan : http://www.virustotal.com/file-scan/report.html?id=e6ac40e87931d19a1e2426006d1446a9d2d3fe1cddcc4094b173b7a6b6828bdb-1281940764

dh.exe : 서버 죽음 !!

124.exe : http://www.virustotal.com/file-scan/report.html?id=91cdef9b36d07a05150eb3c87a31cb1dd1ff393ca8d37523e0486d9873656000-1281940777

kav.exe : 서버 죽음 !!

uusee.exe : http://www.virustotal.com/file-scan/report.html?id=addc5313573b208a6b1caffc6d9726c250abc12d8e604373e903faaeca93499f-1281940788

7 . 기타 발견 및 14일자 네이트온 악성 코드 !!

네이트온 악성코드 : www.txxxxxdx.com

[바이러스 토탈]

vfkdls.exe : http://www.virustotal.com/file-scan/report.html?id=f8ca6896ff4fe3e993b717fb4a743ea0c49f02d8e36358adc037f391118e8186-1281941157

기타 발견 한곳 : http://1xx.xx.1x5.1xx/A.asp

최종파일 : http://www.koxxx3s.org/kxrxxxs/xxlxxdx/xxxxce/c.exe

[바이러스 토탈]

A.asp : http://www.virustotal.com/file-scan/report.html?id=572bd8a2184acd9d63ad348fd1ae552d692220fb30ee99bd70aac5bb5e4504b8-1281941241

c.exe : http://www.virustotal.com/file-scan/report.html?id=dd23b8482aa1b379623b1fe6636b5ca9001bc405736657a5d95ae4ba951e2e1d-1281941248

8. 신고한 곳 및 진단 사항 !!

[안철수 연구소]

1. update.exe ~> 분석중
2. count.0tml ~> 분석중 
3. R.asp ~> 분석중
4. banner.swf ~> 분석중
5. update.exe_Kwan ~> V3 : Win-Trojan/Xema.variant
6. uusee.exe ~> V3 : Packed/Upack 
7. uusee.exe_Kwan ~> V3 : Packed/Upack
8. vfkdls.0xe ~> V3 : Dropper/Malware.97280.HJ(추가 : 2010.08.16.01) 
9. r.exe ~> V3 : Win-Trojan/Downloader.113090(추가 : 2010.08.16.01)
10. yahoo.0s ~> V3 : JS/Exploit(추가 : 2010.08.13.04)
11. hcp.0tml ~> V3 : HTML/Exploit(추가 : 2010.08.13.04)
12. games.html ~> V3 : JS/Exploit(추가 : 2010.08.13.02)
13. 64.html ~> V3 : JS/Exploit(추가 : 2010.08.13.02)
14. s.0xe ~> V3 : Dropper/Malware.40960.GV(추가 : 2010.08.12.02) 
15. ad.0tm ~> V3 : HTML/Downloader(추가 : 2010.08.12.01)
16. news.0tml ~> V3 : HTML/Agent(추가 : 2010.08.12.01)
17. A.0sp ~> V3 : JS/Exploit(추가 : 2010.08.10.06)
18. c.0xe ~> V3 : Dropper/Onlinegamehack.111642(추가 : 2010.08.09.01)
19. admin.exe ~> V3 : Win-Trojan/Onlinegamehack.55296.S(추가 : 2010.08.07.00)
20. click.asp ~> V3 : JS/Exploit(추가 : 2010.08.07.00) 
21. a.jpg ~> V3 : VBS/Agent(추가 : 2010.08.06.03) 
22. 124.exe ~> V3 : Win-Trojan/Agent.18420.C(추가 : 2010.08.06.01)

[이스트 소프트] 

모든 샘플 오늘 DB에 전부 반영 !!

[네이버 백신]

일부 샘플 반영 되었고 추후에 DB에 전부 반영 !!
참고 : 샘플은 네이버 , 이스트 소프트 , 안철수 연구소로 전송하며
안철수연구소는 웹신고를 하며 이스트 소프트와 네이버는 지인분들께 전달하고 그에 따른
피드백을 받아서 글을 쓴것입니다. 안철수연구소 처럼 진단명은 모르지만 DB에 반영 된것은 알수가 있습니다!

9. 잡담 및 이번주 도와 주신분 !!

진짜 오랜만에 글을 쓰는거 같네요~ 요즘 뭐하기가 왜이리 귀찮은지 !!
그래도 꽤 모아서 다행이나마 조금 도움이 되었으면 하네요~
정기적으로 쓰다가 또 몇주 빼먹고 나니 이제는 완전 귀찮음에 눈팅만 하고있습니다.
이제 곧 있음 개학이고 개학뒤에는 방학이고 방학 뒤에는 군대를?? 흑.....
뭐 아무튼!!ㅎ 끝까지 읽어주신분께 감사합니다 !!! 남은 여름 즐겁고 알차게 보내세요~

이번주 도와 주신 분 : 없음 !!


댓글을 달아 주세요

posted by Kwan's 2010. 7. 27. 10:23

1. 사이트 !!
한국 X 스X츠 협회 : http://www.x-sxxxts.or.kr
씨X통 : http://www.cixxxxng.com
SSO XXX : http://sso.xxx.co.kr
씨X마 XXX : http://cixxma.xxx.co.kr

2. 유포지 !!

한국 X 스X츠 협회 , 씨X통 : http://2x8.xx.58.1x5/H.asp

SSO XXX : http://1x4.2xx.87.1xx/Login.asp

씨X마 XXX : http://junxxoxanix.nexxicient.co.kr/sub_logo1.jpg
                  http://junxxoxanix.nexxicient.co.kr/aad.jpg ~> 최종파일 다운 !!
                  http://junxxoxanix.nexxicient.co.kr/aac.jpg
                  http://junxxoxanix.nexxicient.co.kr/aab.jpg

3. 기타 사이트 !!

1. http://wxxx.com

2. http://axurxxrpoxxtion.com/ccc.html

4. 최종파일 !!

H.asp : http://lxxxxllxxtion.net/mxxl/coxx/pxxup/f.exe

Login.asp : http://1x1.xx.2x8.xx/fxx/723.exe

aad.jpg : http://junxxoxanix.nexxicient.co.kr/test0.exe

index.html : http://www.vxxx.com/vie.exe ~> XOR 변형이 필요 합니다 !

ccc.html : http://axurxxrpoxxtion.com/report.exe

5. 바이러스 토탈

H.asp : http://www.virustotal.com/ko/analisis/fcbf0d507d897dc20e265fbe95724c644a4510910a69aeca7a70ffde249b5919-1280191608

Login.asp : http://www.virustotal.com/ko/analisis/5e36eb37398661286f8f727151eef253c5a7c8fa2ae48c17ddaf33d4bac0a2b0-1280191644

sub_logo1.jpg : http://www.virustotal.com/ko/analisis/a47776d166630a90ffa0a5705bd64cee84d3dd8a5023f8fd261ec995c7ef03c6-1280191678

aad.jpg : http://www.virustotal.com/ko/analisis/aee86dd58e548b6d43ca35670a4c2feb17ed5482e40e444fa93ab32509d56c87-1280191799

aac.jpg : http://www.virustotal.com/ko/analisis/431413212a9208744e7acc90561aef3613b15755f64f57c07300ca8f0e381d3f-1280191806

aab.jpg : http://www.virustotal.com/ko/analisis/2815c9c001eb7eef52e81811035bb08d8034bbeb7700ee7e44f46e8119ae2aaf-1280191811

index.html : http://www.virustotal.com/ko/analisis/273972df000bc0dfa9cd2e11e7139472bee63cc41c07685865e5624c62db441f-1280191931

ccc.html : http://www.virustotal.com/ko/analisis/a71f4600dc72ed82ea6e87646407eb4810590d98c3acc9e7d069281d33781201-1280191940

f.exe : http://www.virustotal.com/ko/analisis/4d24d4def8391f63a4a118635d7978ab1fd048dd204534144c8f5c408c4c9db5-1280191960

723.exe : http://www.virustotal.com/ko/analisis/44cb7f3df7b99bec7ffca0653841e80e57e6b17dcd4c7186d6645009faa58d05-1280192056

test0.exe : http://www.virustotal.com/ko/analisis/4458f629bc535508942343b9b667f34ca4050db90126d737de97e460b0dbde79-1280192062

vie.exe : http://www.virustotal.com/ko/analisis/b12a75ce4508cc18049b9ddf40882162c127a94e8a82944d8d18af169b0257fa-1280192079

vie.exe_Kwan : http://www.virustotal.com/ko/analisis/61a4c0edede4eea39a0145e222fb74a8d1af757ab5dc510f2c395893285cebcc-1280192262

report.exe : http://www.virustotal.com/ko/analisis/83fcb1c44627d254b8fcab19044a5857a765de798885302451f65e5a74de2b38-1280192210

6. 안철수연구소 및 이스트 소프트 진단 !

이스트 소프트 : 샘플 세부 확인중 !!

[안철수 연구소]

1. index.html ~> 분석중
2. vie.exe ~> 분석중
3. sub_logo1.jpg ~> 분석중
4. vie.exe_Kwan ~> 분석중
5. ccc.html ~> 분석중
6. H.asp V3 : JS/Downloader(추가 : 2010.07.26.02)
7. aad.jpg V3 : JS/Agent(추가 : 2010.07.26.02)
8. f.exe V3 : Win-Trojan/Onlinegamehack.109928(추가 : 2010.07.26.02)
9. test0.exe V3 : Win-Trojan/Malagent.55296(추가 : 2010.07.26.01)
10. 723.exe V3 : Win-Trojan/Pwstealer.55296.F(추가 : 2010.07.24.00)
11. Login.asp V3 : HTML/Downloader(추가 : 2010.07.24.00)
12. report.exe V3 : Win-Trojan/Downloader.148480.F(추가 : 2010.07.23.02)
13. aac.jpg V3 : JS/Exploit(추가 : 2010.07.19.00)
14. aab.jpg V3 : JS/Exploit(추가 : 2010.07.19.00)

이번주도 유포하는 곳만 찾았네요. 이제는 새로운곳이 거의 없는거 같아요 !!
이제는 또 감을 잃어버리고 있네요. 

이번주 도와주신분 : 없음

댓글을 달아 주세요

  1. virusfree 2010.07.27 10:48 신고  Addr  Edit/Del  Reply

    수고하셨습니다.^^

    • Kwan's 2010.07.27 10:51 신고  Addr  Edit/Del

      감사합니다~ㅎ 별 내용도 아닌글인데 좋게 봐주셔서 감사합니다!ㅎ 무더운데 고생이 많으시겠어요~ㅎ

posted by Kwan's 2010. 7. 19. 19:57

1. 사이트 !!

리XX타 : http://www.revxxxxxar.net
한국 X 스X츠 협회 : http://www.x-sxxxts.or.kr
씨X통 : http://www.cixxxxng.com
SSO XXX : http://sso.xxx.co.kr
씨X마 XXX : http://cixxma.xxx.co.kr

2. 유포지 !!

리XX타 : 파일이 많은 관계로 최종파일 받는곳만 씁니다 !!

http://www.cnxxxseed.xxx/templates/weentrue/root/ah1.js ~> 최종파일 다운 !!http://www.cnxxxseed.xxx/templates/weentrue/root/AHHS3.js ~> 최종파일 다운 !!http://www.cnxxxseed.xxx/templates/weentrue/root/n93.jpg ~> 최종파일 다운 !!

한국 X 스X츠 협회 , 씨X통 : http://www.kxxx.info/mm.asp

SSO XXX : http://1x4.2xx.87.1xx/Login.asp

씨X마 XXX : http://imxxxx.xxx.co.kr/editor/uploads/popup.html
                  http://imxxxx.xxx.co.kr/editor/uploads/aad.js ~> 최종파일 다운 !!
                  http://imxxxx.xxx.co.kr/editor/uploads/aac.js
                  http://imxxxx.xxx.co.kr/editor/uploads/aab.js

 3. 최종파일

ah1.js , AHHS3.js , n93.jpg :  http://www.mixxxxxx.com/cxs/kr.exe

mm.asp : http://lxxxollxxxion.net/mxxl/coxx/poxxx/f.exe

Login.asp : http://1x1.xx.2x8.x1/xxp/ad.exe

aad.js : http://jxnggoxxxxxx.nexxxcient.co.kr/test0.exe 

4. 바이러스 토탈 결과

ah1.js : http://www.virustotal.com/ko/analisis/3fc867de6d6d2e89cd5a870ca3f07570e9e10e22dfdf7cc6aa1febab5e4e75fe-1279535517

AHHS3.js : http://www.virustotal.com/ko/analisis/fa8f0e17e7e227cb79bae713dbd1665a1df3116f3ca15a9b190d9a14c16d0e8f-1279535521

n93.jpg : http://www.virustotal.com/ko/analisis/150935ca052ba838e462250fdfde8746817e82bb5e0f7339f0f8a4126d2c7740-1279535524

mm.asp : http://www.virustotal.com/ko/analisis/7917b30c7f56ccc9c194d17976d6e3ce0735e3007331401fd4bbd600622b6200-1279535697

Login.asp : http://www.virustotal.com/ko/analisis/2d2f9ce4c151f7db6627aafc18ec53dcfaa1622b9c934dbf5f4f7aeb75e33b54-1279535710

popup.html : http://www.virustotal.com/ko/analisis/90f2178be9c22ee2298ed4bbb57c6d5f6a9a1a84a9589dbd1c223cae6a58ff7d-1279535701

aad.js : http://www.virustotal.com/ko/analisis/c9477ac8c925f5417e8acc7901977cb39ce42271a55e0fd8221aed8a3c63a8ba-1279535789

aac.js : http://www.virustotal.com/ko/analisis/431413212a9208744e7acc90561aef3613b15755f64f57c07300ca8f0e381d3f-1279535795

aab.js : http://www.virustotal.com/ko/analisis/2815c9c001eb7eef52e81811035bb08d8034bbeb7700ee7e44f46e8119ae2aaf-1279535813

kr.exe : http://www.virustotal.com/ko/analisis/148ae041d940ef84b026eda6639890b5ed1ebe458c8dfb7798353ae666d71e1a-1279535905

 f.exe : http://www.virustotal.com/ko/analisis/c379db3ce819b6916c9d78711d6250368fd6a96456904e2bb904be2d8a52cfa6-1279535913

ad.exe : http://www.virustotal.com/ko/analisis/bb0478fe1cdc4a04644adf57129d40af3aecc82588652e7e06ec87c98f6fdeaa-1279535946

test0.exe : http://www.virustotal.com/ko/analisis/9891cae8f95c95ab83b9b2ade292a36ed6c6ee24c771ba256f6abb07f1bb0306-1279536063

5. 국내 신고업체 진단 !!

[이스트 소프트]

샘플 업데이트 완료 및 일부 샘플 분석중 !!

[안철수연구소]

1 AHHS3.js ~> 악성
2 xi.htm ~> V3 : JS/Agent(추가 : 2010.07.16.00)
3 a7.htm ~> V3 : JS/Agent(추가 : 2010.07.16.00)
4 xf.htm ~> V3 : JS/Agent(추가 : 2010.07.16.00)
5 nivea2.htm ~> V3 : JS/Zapchast(추가 : 2010.07.16.00)
6 nivea.htm ~> V3 : JS/Exploit(추가 : 2010.07.16.00)
7 n99.jpg ~> V3 : JS/Agent(추가 : 2010.07.16.00)
8 n97.jpg ~> V3 : JS/Agent(추가 : 2010.07.16.00)
9 n95.jpg ~> V3 : JS/Agent(추가 : 2010.07.16.00)
10 n93.jpg ~> V3 : JS/Agent(추가 : 2010.07.16.00)
11 ah1.js ~> V3 : JS/Exploit(추가 : 2010.07.16.00)
12 ah2.js ~> V3 : JS/Zapchast(추가 : 2010.07.16.00)
13 ah3.js ~> V3 : JS/Zapchast(추가 : 2010.07.16.00)
14 AHHS.js ~> V3 : JS/Agent(추가 : 2010.07.16.00)
15 AHHS2.js ~> V3 : JS/Agent(추가 : 2010.07.16.00)
16 f0.htm ~> V3 : JS/Agent(추가 : 2010.07.16.00)
17 ff.html ~> V3 : JS/Agent(추가 : 2010.07.16.00)
18 ff.js ~> V3 : JS/Agent(추가 : 2010.07.16.00)
19 ie.html ~> V3 : JS/Agent(추가 : 2010.07.16.00)
20 ie.js ~> V3 : JS/Agent(추가 : 2010.07.16.00)
21 kr.exe ~> V3 : Dropper/Muldrop.49944(추가 : 2010.07.16.00)
22 n90.jpg ~> V3 : JS/Exploit(추가 : 2010.07.16.00)
23 a6.htm ~> V3 : JS/Agent(추가 : 2010.07.07.00)
24 fice.htm ~> V3 : JS/Agent(추가 : 2010.07.07.00)
25 ah0.js ~> V3 : JS/Exploit(추가 : 2010.07.06.02)
26 ecfl.htm ~> 정상
27 top.html ~> 정상
28 max.gif ~> 정상
29 swfobject.js ~> 정상
30 snow.htm ~> 정상
31 ad.exe ~> 분석중
32 test0.exe ~> V3 : Win-Trojan/Injection.5748(추가 : 2010.07.19.01)
33 aad.js ~> V3 : JS/Exploit(추가 : 2010.07.19.00)
34 Login.asp ~> V3 : JS/Exploit(추가 : 2010.07.19.00)
35 mm.asp ~> V3 : JS/Exploit(추가 : 2010.07.19.00)
36 popup.html ~> V3 : JS/Exploit(추가 : 2010.07.19.00)
37 aac.js ~> V3 : JS/Exploit(추가 : 2010.07.19.00)
38 aab.js ~> V3 : JS/Exploit(추가 : 2010.07.19.00)
39 f.exe ~> V3 : Win-Trojan/Onlinegamehack.109247(추가 : 2010.07.19.00)

기타 사항 : aad.js , aac.js 는 안랩만 현재 진단중 !!

오늘이 벌써 초복이네요 !! 다들 닭은 뜯으셨는지요??ㅋ 전 아침에 삼계탕에 한그릇을 뚝딱했습니다!
이번주에는 5곳 밖에 발견을 하지 못했네요. 이제는 점점 또 줄어들고 있는거 같습니다.
뭐 아무튼 무더위에 카페여러분 모두 조심하시고 즐거운 하루 보내세요!!
추후 진단 사항은 댓글을 참조 해주세요 !!

댓글을 달아 주세요

posted by Kwan's 2010. 7. 5. 13:20

1. 사이트

씨x통 : http://www.cxxxtong.com

Z-xxack : http://www.zxxxck.org

프x시안 , 롤x볼 外 5곳 : http://www.prxxxxan.com 

주xx 닷컴 : http://xuxunxx.joins.com

2. 유포지

씨x통 : http://dXXXbucapXXal.co.kr/css/mm.asp ~> 유포 호스트 !!
          http://dXXXbucapXXal.co.kr/css/index.htm ~> 최종파일 다운 !!
          http://dXXXbucapXXal.co.kr/css/fop.htm ~> SWF 로 연결 !!
          http://dXXXbucapXXal.co.kr/css/poc.swf
          http://dXXXbucapXXal.co.kr/css/top.txt ~> 최종파일 다운 !!

 

Z-xxxxk : http://www.zXXXXk.org/birdman/CXE-2010-1297/ankey.html ~> SWF 로 연결 !! 및 최종파일 다운 !!
              http://www.zXXXXk.org/birdman/CXE-2010-1297/anhey.swf

 

프x시안 , 롤x볼 外 5곳 : http://22XXX.com/XX/y.js ~> 유포 호스트 !!
                                  http://22XXX.com/XX/ad.html
                                  http://22XXX.com/XX/ie.html
                                  http://22XXX.com/XX/a.gif ~> 최종파일 다운 !!
                                  http://22XXX.com/XX/XIGUA.GIF

 

주xx 닷컴 : http://junXXoXXnia.nefficient.co.kr/2.js
                http://XXXX.geXXir.com/XXXX_inc/Quiz_news.asp

 

3. 기타 사항

http://junXXoXXnia.neXXicient.co.kr/cookie.js

4. 최종 파일 !!

index.htm , top.txt : http://xx.74.xx6.x4/axxxn/H.exe

ankey.html : http://2xxx.in/log.exe

a.gif : http://22XXX.com/XX/s.exe

Quiz_news.asp , cookie.js : http://junXXoXXnia.neXXicient.co.kr/test0.exe

5. 바이러스 토탈

mm.asp : http://www.virustotal.com/ko/analisis/617063be17a4e3a98ed498e263e20631d73e58f5297f533f2a837ed9ae8805e0-1278299215 

index.htm : http://www.virustotal.com/ko/analisis/e7ecd7c13e7e16d88db64eff66d741ecef0b6042b1c0d9a1040addfe8a233561-1278299220

fop.htm : http://www.virustotal.com/ko/analisis/400d0f573100c9e24d84be4242920651f8b096d7fb40b814e9618f2a7a9a3799-1278299227 

poc.swf : http://www.virustotal.com/ko/analisis/7beb540f2e4eba936423f864df729bf6743057e78d9c6db0028de48c1b96accf-1278299248

top.txt : http://www.virustotal.com/ko/analisis/d47b751351eb72e7ac6468382705065ae7f24710dbf3daf5e2f127282210a179-1278299488

ankey.html : http://www.virustotal.com/ko/analisis/7d0ff099a5b7781064638a1a8f569736ddd8b6f20c17b90055e1bd79f83dcb1c-1278299511

anhey.swf : http://www.virustotal.com/ko/analisis/725f0cc85e34151e7e6af81a4f221b47a6825944cbaf68a4b5daf4023e5143e4-1278299518

y.js : http://www.virustotal.com/ko/analisis/e4d46c8276469b7706a2a6282a12d29a9cd6e348dcf313cb930148bd0c7ec65c-1278299624

ad.html : http://www.virustotal.com/ko/analisis/11194104c1dfdfd0d3a3297e8a7445288fcf97b1579b58d2cd7df84747c7a139-1278299631

a.gif : http://www.virustotal.com/ko/analisis/89bc7d0e3b8de3aeb755e6c3819251c6875c35146c885ab5470d6eebaeb69385-1278299651

Quiz_news.asp :  http://www.virustotal.com/ko/analisis/950bf1a4c7f7135a2dd78a58b5ac786dad9e09ff0b7b478a6da0f6a9f2e039ca-1278299818

H.exe : http://www.virustotal.com/ko/analisis/d22218c9b579f11e8061dea85986ee0b7d9d84e059ee098bb423bfc284d19555-1278299976

s.exe : http://www.virustotal.com/ko/analisis/dd2c070bda1d1df3ebb6dd4b7f37c212c2b643b521d09fc295f3a71442860f7b-1278300039

test0.exe : http://www.virustotal.com/ko/analisis/ae24b900a8a67799a5878cbb793d7f9ade0141fc67fa1dde0c6d492ac2608e7e-1278300045

[이스트 소프트]

모든 샘플 업데이트 완료 !!

[안철수연구소]

1. y.js ~> 분석중
2. top.txt ~> 분석중
3. ankey.html ~> 분석중
4. poc.swf ~> 분석중
5. index.htm ~> 분석중
6. ad.html ~> V3 : JS/CVE-2010-0249
7. s.exe ~> V3 : Dropper/Malware.6144.H(추가 : 2010.07.05.00)
8. Quiz_news.asp ~> V3 : JS/Agent(추가 : 2010.07.01.04)
9. test0.exe ~> V3 : Win-Trojan/Injector.55296.J(추가 : 2010.07.01.04)
10. a.gif ~> V3 : JS/Exploit-shellcode(추가 : 2010.07.01.04)
11. mm.asp ~> V3 : JS/Exploit-cve(추가 : 2010.06.24.05)
12. fop.htm ~> V3 : JS/Agent(추가 : 2010.06.24.05)
13. H.exe ~> V3 : Win-Trojan/Downloader.108399(추가 : 2010.06.21.02)
14. anhey.swf ~> V3 : Win-Trojan/Swf-exploit(추가 : 2010.06.14.02)

* 추후 샘플진단사항은 댓글로 달겠습니다 !!

이번주는 놀러갔다오는 바람에 별로 찾은게 없네요!!ㅠ
조금씩 부족해 지고 있지만 이해해 주세요!
날씨도 매우 더운데 더위 조심하시고 이번주도 즐거운 하루 보내세요!

이번주 도와 주신분 : JK님 바이쭌님 처리님 네오님 감사합니다 !!

댓글을 달아 주세요

posted by Kwan's 2010. 5. 17. 12:26

1. 사이트

한국 E 스포츠 협회 : http://www.xrogamer.or.kr 
대명 리조트 : http://www.xaemyungresort.com/asp/main.asp0
프루나 : http://www.xruna.com
프루나 서치 : http://vxd.xruna.com/search/search_list3.asp0
CJ 엔터테인먼트 : http://www.xjent.co.kr
SSO KBS : http://sso.xbs.co.kr
시네마 Kbs : http://xnema.kbs.co.kr
씨네통 : http://www.xnetong.com
게임타임 : http://www.xametime.co.kr/main.asp
 
2. 유포 사이트

1. 한국 E 스포츠 협회
http://61.100.9.219/club/xod.asp  ~> 서버 살아있음!
http://61.100.7.171/css/xib.asp ~> 서버 죽음!
http://97.xx.8x.1x8/xM.asp ~> 서버 살아있음!

2. 대명 리조트
http://61.100.9.219/club/xod.asp ~> 서버 살아있음!

3. 프루나
http://61.100.9.219/club/xod.asp  ~> 서버 살아있음!

4.프루나 서치
http://vxd.xruna.com/search/xearch_list3.asp ~> 서버 살아있음!

5. CJ 엔터테인먼트
http://61.100.7.171/css/xib.asp ~> 서버 죽음!
http://ac.gemmir.com/t/xime.asp ~> 서버 죽음!

6. SSO KBS
http://202.133.245.100/xxam.asp ~> 서버 살아있음!

7. 시네마 Kbs
http://220.95.233.16/ads/xime.asp ~> 서버 죽음!

8. 씨네통
http://97.74.87.198/xM.asp ~> 서버 살아있음!
http://www.kpma.or.kr/css/MG.asp0 ~> 서버 살아있음!

9. 게임타임

http://adsys.gametime.co.kr/include/topbenner_s2.asp ~> 서버 살아있음!
http://koreachangup.chosun.com/css/ads.asp ~> 서버 살아있음!

최종파일 :

god.asp , lib.asp : http://x1.100.1.93/css/isa.exe ~> 서버 살아있음!

time.asp : http://www.xobot114.com/cafe/help/box.exe ~> 서버 살아있음!

GM.asp , MG.asp : http://x1.100.1.93/admin/G.exe ~> 서버 살아있음!

sxxxxh_xxx3.asp : http://xile.ygfamily.com/php/i./c.exe ~> 서버 살아있음!

exam.asp : http://xwww.erounmall.com/cache/tmp/514.exe ~> 서버 살아있음!
 
ads.asp : http://xoreachangup.chosun.com/1.exe ~> 서버 살아있음! (XOR 변형 필요)

[바이러스 토탈]

검사 파일: god.asp 전송 시각: 2010.05.17 01:17:28 (UTC)
안티바이러스 엔진 버전 정의 날짜 검사 결과
a-squared 4.5.0.50 2010.05.10 Virus.JS.Downloader.QJ!IK
AhnLab-V3 2010.05.16.00 2010.05.15 JS/Downloader
AntiVir 8.2.1.242 2010.05.16 JS/Drop.A.5851
Antiy-AVL 2.0.3.7 2010.05.14 -
Authentium 5.2.0.5 2010.05.16 -
Avast 4.8.1351.0 2010.05.16 JS:Downloader-QJ
Avast5 5.0.332.0 2010.05.16 JS:Downloader-QJ
AVG 9.0.0.787 2010.05.16 Script/Exploit
BitDefender 7.2 2010.05.17 Trojan.Script.407264
CAT-QuickHeal 10.00 2010.05.15 -
ClamAV 0.96.0.3-git 2010.05.16 -
Comodo 4859 2010.05.16 -
DrWeb 5.0.2.03300 2010.05.17 -
eSafe 7.0.17.0 2010.05.16 -
eTrust-Vet 35.2.7490 2010.05.15 -
F-Prot 4.5.1.85 2010.05.16 JS/Crypted.GA.gen
F-Secure 9.0.15370.0 2010.05.17 Trojan.Script.407264
Fortinet 4.1.133.0 2010.05.16 -
GData 21 2010.05.17 Trojan.Script.407264
Ikarus T3.1.1.84.0 2010.05.17 Virus.JS.Downloader.QJ
Jiangmin 13.0.900 2010.05.16 -
Kaspersky 7.0.0.125 2010.05.17 Trojan-Downloader.JS.Agent.fhk
McAfee 5.400.0.1158 2010.05.17 -
McAfee-GW-Edition 2010.1 2010.05.16 Heuristic.BehavesLike.JS.Exploit.A
Microsoft 1.5703 2010.05.17 -
NOD32 5119 2010.05.17 -
Norman 6.04.12 2010.05.16 -
nProtect 2010-05-16.01 2010.05.16 Trojan.Script.407264
Panda 10.0.2.7 2010.05.16 -
PCTools 7.0.3.5 2010.05.17 -
Prevx 3.0 2010.05.17 -
Rising 22.47.06.04 2010.05.16 Trojan.DL.Script.JS.Agent.qx
Sophos 4.53.0 2010.05.17 JS/Agent-MZX
Sunbelt 6311 2010.05.17 -
Symantec 20101.1.0.89 2010.05.17 -
TheHacker 6.5.2.0.280 2010.05.14 -
TrendMicro 9.120.0.1004 2010.05.16 -
TrendMicro-HouseCall 9.120.0.1004 2010.05.17 -
VBA32 3.12.12.5 2010.05.14 -
ViRobot 2010.5.15.2318 2010.05.16 JS.S.Agent.5851
VirusBuster 5.0.27.0 2010.05.16 -
 
추가 정보
File size: 5851 bytes
MD5...: 51e7b5fe2fa7ef45de3b3671ba91b011
SHA1..: e6e7dd63b6de5b8b24c5a91d001d23a01de8186b
SHA256: 1d373a0cd0b239795370655695fb7db3138ab1aa1a4cb4df676f72150d82a7b9
검사 파일: GM.asp 전송 시각: 2010.05.17 01:17:38 (UTC)
안티바이러스 엔진 버전 정의 날짜 검사 결과
a-squared 4.5.0.50 2010.05.10 -
AhnLab-V3 2010.05.16.00 2010.05.15 -
AntiVir 8.2.1.242 2010.05.16 -
Antiy-AVL 2.0.3.7 2010.05.14 -
Authentium 5.2.0.5 2010.05.16 -
Avast 4.8.1351.0 2010.05.16 JS:Downloader-RN
Avast5 5.0.332.0 2010.05.16 JS:Downloader-RN
AVG 9.0.0.787 2010.05.16 Script/Exploit
BitDefender 7.2 2010.05.17 -
CAT-QuickHeal 10.00 2010.05.15 -
ClamAV 0.96.0.3-git 2010.05.16 -
Comodo 4859 2010.05.16 -
DrWeb 5.0.2.03300 2010.05.17 -
eSafe 7.0.17.0 2010.05.16 -
eTrust-Vet 35.2.7490 2010.05.15 -
F-Prot 4.5.1.85 2010.05.16 JS/Crypted.GA.gen
F-Secure 9.0.15370.0 2010.05.17 -
Fortinet 4.1.133.0 2010.05.16 -
GData 21 2010.05.17 JS:Downloader-RN
Ikarus T3.1.1.84.0 2010.05.17 -
Jiangmin 13.0.900 2010.05.16 -
Kaspersky 7.0.0.125 2010.05.17 -
McAfee 5.400.0.1158 2010.05.17 -
McAfee-GW-Edition 2010.1 2010.05.16 Heuristic.BehavesLike.JS.Exploit.A
Microsoft 1.5703 2010.05.17 -
NOD32 5119 2010.05.17 -
Norman 6.04.12 2010.05.16 -
nProtect 2010-05-16.01 2010.05.16 -
Panda 10.0.2.7 2010.05.16 -
PCTools 7.0.3.5 2010.05.17 -
Prevx 3.0 2010.05.17 -
Rising 22.47.06.04 2010.05.16 Trojan.DL.Script.JS.Agent.qx
Sophos 4.53.0 2010.05.17 -
Sunbelt 6311 2010.05.17 -
Symantec 20101.1.0.89 2010.05.17 -
TheHacker 6.5.2.0.280 2010.05.14 -
TrendMicro 9.120.0.1004 2010.05.16 -
TrendMicro-HouseCall 9.120.0.1004 2010.05.17 -
VBA32 3.12.12.5 2010.05.14 -
ViRobot 2010.5.15.2318 2010.05.16 -
VirusBuster 5.0.27.0 2010.05.16 -
 
추가 정보
File size: 5989 bytes
MD5...: 51c8357eff5e42b3143bd7c98e6ebc1e
SHA1..: 7627baf4a5e8e92dd6b20c4692402e79977d510f
SHA256: 2ec43de2fb19f5233450115aa3b75a394735599e8bd370f390f663a58696e88d
검사 파일: god.asp 전송 시각: 2010.05.17 01:17:46 (UTC)
안티바이러스 엔진 버전 정의 날짜 검사 결과
a-squared 4.5.0.50 2010.05.10 Virus.JS.Downloader.QJ!IK
AhnLab-V3 2010.05.16.00 2010.05.15 JS/Downloader
AntiVir 8.2.1.242 2010.05.16 JS/Drop.A.5851
Antiy-AVL 2.0.3.7 2010.05.14 -
Authentium 5.2.0.5 2010.05.16 -
Avast 4.8.1351.0 2010.05.16 JS:Downloader-QJ
Avast5 5.0.332.0 2010.05.16 JS:Downloader-QJ
AVG 9.0.0.787 2010.05.16 Script/Exploit
BitDefender 7.2 2010.05.17 Trojan.Script.407264
CAT-QuickHeal 10.00 2010.05.15 -
ClamAV 0.96.0.3-git 2010.05.16 -
Comodo 4859 2010.05.16 -
DrWeb 5.0.2.03300 2010.05.17 -
eSafe 7.0.17.0 2010.05.16 -
eTrust-Vet 35.2.7490 2010.05.15 -
F-Prot 4.5.1.85 2010.05.16 JS/Crypted.GA.gen
F-Secure 9.0.15370.0 2010.05.17 Trojan.Script.407264
Fortinet 4.1.133.0 2010.05.16 -
GData 21 2010.05.17 Trojan.Script.407264
Ikarus T3.1.1.84.0 2010.05.17 Virus.JS.Downloader.QJ
Jiangmin 13.0.900 2010.05.16 -
Kaspersky 7.0.0.125 2010.05.17 Trojan-Downloader.JS.Agent.fhk
McAfee 5.400.0.1158 2010.05.17 -
McAfee-GW-Edition 2010.1 2010.05.16 Heuristic.BehavesLike.JS.Exploit.A
Microsoft 1.5703 2010.05.17 -
NOD32 5119 2010.05.17 -
Norman 6.04.12 2010.05.16 -
nProtect 2010-05-16.01 2010.05.16 Trojan.Script.407264
Panda 10.0.2.7 2010.05.16 -
PCTools 7.0.3.5 2010.05.17 -
Rising 22.47.06.04 2010.05.16 Trojan.DL.Script.JS.Agent.qx
Sophos 4.53.0 2010.05.17 JS/Agent-MZX
Sunbelt 6311 2010.05.17 -
Symantec 20101.1.0.89 2010.05.17 -
TheHacker 6.5.2.0.280 2010.05.14 -
TrendMicro 9.120.0.1004 2010.05.16 -
TrendMicro-HouseCall 9.120.0.1004 2010.05.17 -
VBA32 3.12.12.5 2010.05.14 -
ViRobot 2010.5.15.2318 2010.05.16 JS.S.Agent.5851
VirusBuster 5.0.27.0 2010.05.16 -
 
추가 정보
File size: 5851 bytes
MD5...: 51e7b5fe2fa7ef45de3b3671ba91b011
SHA1..: e6e7dd63b6de5b8b24c5a91d001d23a01de8186b
SHA256: 1d373a0cd0b239795370655695fb7db3138ab1aa1a4cb4df676f72150d82a7b9
검사 파일: sxxxxh_xxx3.asp 전송 시각: 2010.05.17 01:21:27 (UTC)
안티바이러스 엔진 버전 정의 날짜 검사 결과
a-squared 4.5.0.50 2010.05.10 -
AhnLab-V3 2010.05.16.00 2010.05.15 JS/Downloader
AntiVir 8.2.1.242 2010.05.16 JS/Drop.A.5851
Antiy-AVL 2.0.3.7 2010.05.14 Trojan/JS.Agent
Authentium 5.2.0.5 2010.05.16 -
Avast 4.8.1351.0 2010.05.16 JS:Downloader-QJ
Avast5 5.0.332.0 2010.05.16 JS:Downloader-QJ
AVG 9.0.0.787 2010.05.16 Script/Exploit
BitDefender 7.2 2010.05.17 -
CAT-QuickHeal 10.00 2010.05.15 -
ClamAV 0.96.0.3-git 2010.05.16 -
Comodo 4859 2010.05.16 -
DrWeb 5.0.2.03300 2010.05.17 -
eSafe 7.0.17.0 2010.05.16 -
eTrust-Vet 35.2.7490 2010.05.15 -
F-Prot 4.5.1.85 2010.05.16 JS/Crypted.GA.gen
F-Secure 9.0.15370.0 2010.05.17 -
Fortinet 4.1.133.0 2010.05.16 -
GData 21 2010.05.17 JS:Downloader-QJ
Ikarus T3.1.1.84.0 2010.05.17 Trojan-Downloader.JS.Agent
Jiangmin 13.0.900 2010.05.16 -
Kaspersky 7.0.0.125 2010.05.17 Trojan-Downloader.JS.Agent.fhk
McAfee 5.400.0.1158 2010.05.17 -
McAfee-GW-Edition 2010.1 2010.05.16 Heuristic.BehavesLike.JS.Exploit.A
Microsoft 1.5703 2010.05.17 -
NOD32 5119 2010.05.17 -
Norman 6.04.12 2010.05.16 -
nProtect 2010-05-16.01 2010.05.16 -
Panda 10.0.2.7 2010.05.16 -
PCTools 7.0.3.5 2010.05.17 -
Prevx 3.0 2010.05.17 -
Rising 22.47.06.04 2010.05.16 Trojan.DL.Script.JS.Agent.qx
Sophos 4.53.0 2010.05.17 -
Sunbelt 6311 2010.05.17 -
Symantec 20101.1.0.89 2010.05.17 -
TheHacker 6.5.2.0.280 2010.05.14 -
TrendMicro 9.120.0.1004 2010.05.16 -
TrendMicro-HouseCall 9.120.0.1004 2010.05.17 -
VBA32 3.12.12.5 2010.05.14 -
ViRobot 2010.5.15.2318 2010.05.16 -
VirusBuster 5.0.27.0 2010.05.16 -
 
추가 정보
File size: 5777 bytes
MD5...: a485b05d5035a168bb7fc3fd38220500
SHA1..: 3685084e053db302445caae2bfd63762ebf3b97b
SHA256: 58c9bbeb8f83242d054b71c3863fe87aba222142409d3b6f5f19e3705ca67bc4
검사 파일: time.asp 전송 시각: 2010.05.17 01:21:37 (UTC)
안티바이러스 엔진 버전 정의 날짜 검사 결과
a-squared 4.5.0.50 2010.05.10 -
AhnLab-V3 2010.05.16.00 2010.05.15 JS/Agent
AntiVir 8.2.1.242 2010.05.16 JS/Agent.fhj.5915
Antiy-AVL 2.0.3.7 2010.05.14 -
Authentium 5.2.0.5 2010.05.16 -
Avast 4.8.1351.0 2010.05.16 JS:Downloader-QJ
Avast5 5.0.332.0 2010.05.16 JS:Downloader-QJ
AVG 9.0.0.787 2010.05.16 Script/Exploit
BitDefender 7.2 2010.05.17 -
CAT-QuickHeal 10.00 2010.05.15 -
ClamAV 0.96.0.3-git 2010.05.16 -
Comodo 4859 2010.05.16 -
DrWeb 5.0.2.03300 2010.05.17 -
eSafe 7.0.17.0 2010.05.16 -
eTrust-Vet 35.2.7490 2010.05.15 -
F-Prot 4.5.1.85 2010.05.16 JS/Crypted.GA.gen
F-Secure 9.0.15370.0 2010.05.17 -
Fortinet 4.1.133.0 2010.05.16 -
GData 21 2010.05.17 JS:Downloader-QJ
Ikarus T3.1.1.84.0 2010.05.17 -
Jiangmin 13.0.900 2010.05.16 -
Kaspersky 7.0.0.125 2010.05.17 Trojan-Downloader.JS.Agent.fhj
McAfee 5.400.0.1158 2010.05.17 -
McAfee-GW-Edition 2010.1 2010.05.16 Heuristic.BehavesLike.JS.Exploit.A
Microsoft 1.5703 2010.05.17 -
NOD32 5119 2010.05.17 -
Norman 6.04.12 2010.05.16 -
nProtect 2010-05-16.01 2010.05.16 -
Panda 10.0.2.7 2010.05.16 -
PCTools 7.0.3.5 2010.05.17 -
Prevx 3.0 2010.05.17 -
Rising 22.47.06.04 2010.05.16 Trojan.DL.Script.JS.Agent.qx
Sophos 4.53.0 2010.05.17 JS/Agent-MZX
Sunbelt 6311 2010.05.17 -
Symantec 20101.1.0.89 2010.05.17 -
TheHacker 6.5.2.0.280 2010.05.14 -
TrendMicro 9.120.0.1004 2010.05.16 -
TrendMicro-HouseCall 9.120.0.1004 2010.05.17 -
VBA32 3.12.12.5 2010.05.14 -
ViRobot 2010.5.15.2318 2010.05.16 JS.S.Agent.5915
VirusBuster 5.0.27.0 2010.05.16 -
 
추가 정보
File size: 5915 bytes
MD5...: e3b64d8ce979fa63217059b0282133cd
SHA1..: 39b332155b7afd4a7e28ccac991550623d2244c0
SHA256: 0c8a3166567a7596f795790209d661e78ab2ac669d6b34bdaf906ba1e35ea399
검사 파일: exam.asp 전송 시각: 2010.05.17 01:22:03 (UTC)
안티바이러스 엔진 버전 정의 날짜 검사 결과
a-squared 4.5.0.50 2010.05.10 -
AhnLab-V3 2010.05.16.00 2010.05.15 -
AntiVir 8.2.1.242 2010.05.16 -
Antiy-AVL 2.0.3.7 2010.05.14 -
Authentium 5.2.0.5 2010.05.16 -
Avast 4.8.1351.0 2010.05.16 JS:Downloader-QJ
Avast5 5.0.332.0 2010.05.16 JS:Downloader-QJ
AVG 9.0.0.787 2010.05.16 Script/Exploit
BitDefender 7.2 2010.05.17 -
CAT-QuickHeal 10.00 2010.05.15 -
ClamAV 0.96.0.3-git 2010.05.16 -
Comodo 4859 2010.05.16 -
DrWeb 5.0.2.03300 2010.05.17 -
eSafe 7.0.17.0 2010.05.16 -
eTrust-Vet 35.2.7490 2010.05.15 -
F-Prot 4.5.1.85 2010.05.16 JS/Crypted.GA.gen
F-Secure 9.0.15370.0 2010.05.17 -
Fortinet 4.1.133.0 2010.05.16 -
GData 21 2010.05.17 JS:Downloader-QJ
Ikarus T3.1.1.84.0 2010.05.17 -
Jiangmin 13.0.900 2010.05.16 -
Kaspersky 7.0.0.125 2010.05.17 -
McAfee 5.400.0.1158 2010.05.17 -
McAfee-GW-Edition 2010.1 2010.05.16 Heuristic.BehavesLike.JS.Exploit.A
Microsoft 1.5703 2010.05.17 -
NOD32 5119 2010.05.17 -
Norman 6.04.12 2010.05.16 -
nProtect 2010-05-16.01 2010.05.16 -
Panda 10.0.2.7 2010.05.16 -
PCTools 7.0.3.5 2010.05.17 -
Rising 22.47.06.04 2010.05.16 Trojan.DL.Script.JS.Agent.qx
Sophos 4.53.0 2010.05.17 -
Sunbelt 6311 2010.05.17 -
Symantec 20101.1.0.89 2010.05.17 -
TheHacker 6.5.2.0.280 2010.05.14 -
TrendMicro 9.120.0.1004 2010.05.16 -
TrendMicro-HouseCall 9.120.0.1004 2010.05.17 -
VBA32 3.12.12.5 2010.05.14 -
ViRobot 2010.5.15.2318 2010.05.16 -
VirusBuster 5.0.27.0 2010.05.16 -
 
추가 정보
File size: 5902 bytes
MD5...: 8ec3cab47c3e8d7268c24c6f38badb0d
SHA1..: 183e038cac1869814347d31235b804a42d99de0b
SHA256: fe879654e5f88fbedf9d0379dc3860f94b9bdc1e1e9ffd11ed7d7ec3373a2bd1
검사 파일: MG.asp 전송 시각: 2010.05.17 01:25:30 (UTC)
안티바이러스 엔진 버전 정의 날짜 검사 결과
a-squared 4.5.0.50 2010.05.10 -
AhnLab-V3 2010.05.16.00 2010.05.15 -
AntiVir 8.2.1.242 2010.05.16 HTML/Crypted.Gen
Antiy-AVL 2.0.3.7 2010.05.14 -
Authentium 5.2.0.5 2010.05.16 -
Avast 4.8.1351.0 2010.05.16 JS:Downloader-RN
Avast5 5.0.332.0 2010.05.16 JS:Downloader-RN
AVG 9.0.0.787 2010.05.16 Script/Exploit
BitDefender 7.2 2010.05.17 -
CAT-QuickHeal 10.00 2010.05.15 -
ClamAV 0.96.0.3-git 2010.05.16 -
Comodo 4859 2010.05.16 -
DrWeb 5.0.2.03300 2010.05.17 -
eSafe 7.0.17.0 2010.05.16 -
eTrust-Vet 35.2.7490 2010.05.15 -
F-Prot 4.5.1.85 2010.05.16 JS/Crypted.GA.gen
F-Secure 9.0.15370.0 2010.05.17 -
Fortinet 4.1.133.0 2010.05.16 -
GData 21 2010.05.17 JS:Downloader-RN
Ikarus T3.1.1.84.0 2010.05.17 -
Jiangmin 13.0.900 2010.05.16 -
Kaspersky 7.0.0.125 2010.05.17 -
McAfee 5.400.0.1158 2010.05.17 -
McAfee-GW-Edition 2010.1 2010.05.16 Heuristic.BehavesLike.JS.Exploit.A
Microsoft 1.5703 2010.05.17 -
NOD32 5119 2010.05.17 -
Norman 6.04.12 2010.05.16 -
nProtect 2010-05-16.01 2010.05.16 -
Panda 10.0.2.7 2010.05.16 -
PCTools 7.0.3.5 2010.05.17 -
Prevx 3.0 2010.05.17 -
Rising 22.47.06.04 2010.05.16 Trojan.DL.Script.JS.Agent.qx
Sophos 4.53.0 2010.05.17 -
Sunbelt 6311 2010.05.17 -
Symantec 20101.1.0.89 2010.05.17 -
TheHacker 6.5.2.0.280 2010.05.14 -
TrendMicro 9.120.0.1004 2010.05.16 -
TrendMicro-HouseCall 9.120.0.1004 2010.05.17 -
VBA32 3.12.12.5 2010.05.14 -
ViRobot 2010.5.15.2318 2010.05.16 -
VirusBuster 5.0.27.0 2010.05.16 -
 
추가 정보
File size: 5869 bytes
MD5...: fe08120c7b461c030a8921173eecb022
SHA1..: fa2d931502a0a67e30564c7124053784f9566fc6
SHA256: 5dd43a0b8584668a66861b6e3c89ddf3c12a6d3f8f1d6796921e5c332abe7ee4
검사 파일: ads.asp 전송 시각: 2010.05.17 01:25:24 (UTC)
안티바이러스 엔진 버전 정의 날짜 검사 결과
a-squared 4.5.0.50 2010.05.10 -
AhnLab-V3 2010.05.16.00 2010.05.15 -
AntiVir 8.2.1.242 2010.05.16 JS/Redirector.5946
Antiy-AVL 2.0.3.7 2010.05.14 -
Authentium 5.2.0.5 2010.05.16 -
Avast 4.8.1351.0 2010.05.16 JS:CVE-2010-0806-AF
Avast5 5.0.332.0 2010.05.16 JS:CVE-2010-0806-AF
AVG 9.0.0.787 2010.05.16 -
BitDefender 7.2 2010.05.17 -
CAT-QuickHeal 10.00 2010.05.15 -
ClamAV 0.96.0.3-git 2010.05.16 JS.Exploit-3
Comodo 4859 2010.05.16 -
DrWeb 5.0.2.03300 2010.05.17 -
eSafe 7.0.17.0 2010.05.16 -
eTrust-Vet 35.2.7490 2010.05.15 -
F-Prot 4.5.1.85 2010.05.16 -
F-Secure 9.0.15370.0 2010.05.17 -
Fortinet 4.1.133.0 2010.05.16 -
GData 21 2010.05.17 JS:CVE-2010-0806-AF
Ikarus T3.1.1.84.0 2010.05.17 -
Jiangmin 13.0.900 2010.05.16 -
Kaspersky 7.0.0.125 2010.05.17 Trojan.JS.Agent.blf
McAfee 5.400.0.1158 2010.05.17 -
McAfee-GW-Edition 2010.1 2010.05.16 Heuristic.BehavesLike.JS.BufferOverflow.D
Microsoft 1.5703 2010.05.17 -
NOD32 5119 2010.05.17 -
Norman 6.04.12 2010.05.16 JS/Exploit.DR
nProtect 2010-05-16.01 2010.05.16 -
Panda 10.0.2.7 2010.05.16 -
PCTools 7.0.3.5 2010.05.17 -
Prevx 3.0 2010.05.17 -
Rising 22.47.06.04 2010.05.16 -
Sophos 4.53.0 2010.05.17 -
Sunbelt 6311 2010.05.17 -
Symantec 20101.1.0.89 2010.05.17 -
TheHacker 6.5.2.0.280 2010.05.14 -
TrendMicro 9.120.0.1004 2010.05.16 -
TrendMicro-HouseCall 9.120.0.1004 2010.05.17 -
VBA32 3.12.12.5 2010.05.14 -
ViRobot 2010.5.15.2318 2010.05.16 -
VirusBuster 5.0.27.0 2010.05.16 -
 
추가 정보
File size: 5954 bytes
MD5...: edadff7a5a455341a877f142d8e95474
SHA1..: 1d004d5eb69bf04d39273fd4e4412e7075f612cf
SHA256: 59424da373e7496ded9b6237ba25eb6165557e950c5b7d5ee0dbba9616ef7cf9
검사 파일: isa.exe 전송 시각: 2010.05.17 01:27:47 (UTC)
안티바이러스 엔진 버전 정의 날짜 검사 결과
a-squared 4.5.0.50 2010.05.10 Trojan.Peed!IK
AhnLab-V3 2010.05.16.00 2010.05.15 Malware/Win32.Heur.h4
AntiVir 8.2.1.242 2010.05.16 TR/Crypt.ZPACK.Gen
Antiy-AVL 2.0.3.7 2010.05.14 -
Authentium 5.2.0.5 2010.05.16 -
Avast 4.8.1351.0 2010.05.16 Win32:Malware-gen
Avast5 5.0.332.0 2010.05.16 Win32:Malware-gen
AVG 9.0.0.787 2010.05.16 Generic17.CAMN
BitDefender 7.2 2010.05.17 Trojan.Peed.Gen
CAT-QuickHeal 10.00 2010.05.15 (Suspicious) - DNAScan
ClamAV 0.96.0.3-git 2010.05.16 -
Comodo 4859 2010.05.16 -
DrWeb 5.0.2.03300 2010.05.17 -
eSafe 7.0.17.0 2010.05.16 -
eTrust-Vet 35.2.7490 2010.05.15 -
F-Prot 4.5.1.85 2010.05.16 -
F-Secure 9.0.15370.0 2010.05.17 Trojan.Peed.Gen
Fortinet 4.1.133.0 2010.05.16 -
GData 21 2010.05.17 Trojan.Peed.Gen
Ikarus T3.1.1.84.0 2010.05.17 Win32.SuspectCrc
Jiangmin 13.0.900 2010.05.16 -
Kaspersky 7.0.0.125 2010.05.17 Trojan.Win32.Pincav.aaci
McAfee 5.400.0.1158 2010.05.17 PWS-Mmorpg!pd
McAfee-GW-Edition 2010.1 2010.05.16 Heuristic.LooksLike.Heuristic.BehavesLike.Win32.Downloader.B
Microsoft 1.5703 2010.05.17 Trojan:Win32/Malagent
NOD32 5119 2010.05.17 a variant of Win32/Kryptik.DXI
Norman 6.04.12 2010.05.16 -
nProtect 2010-05-16.01 2010.05.16 Trojan.Peed.Gen
Panda 10.0.2.7 2010.05.16 Trj/CI.A
PCTools 7.0.3.5 2010.05.17 -
Rising 22.47.06.04 2010.05.16 Packer.Win32.UnkPacker.b
Sophos 4.53.0 2010.05.17 Sus/UnkPack-C
Sunbelt 6311 2010.05.17 Trojan.Win32.Generic!BT
Symantec 20101.1.0.89 2010.05.17 -
TheHacker 6.5.2.0.280 2010.05.14 -
TrendMicro 9.120.0.1004 2010.05.16 PAK_Generic.001
TrendMicro-HouseCall 9.120.0.1004 2010.05.17 -
VBA32 3.12.12.5 2010.05.14 Malware-Dropper.Win32.Inject.gen
ViRobot 2010.5.15.2318 2010.05.16 -
VirusBuster 5.0.27.0 2010.05.16 -
 
추가 정보
File size: 53248 bytes
MD5...: fd71b8a61f60869bd7ed144a685d8f0c
SHA1..: 5c8245ef4222b4d6b89327ac6c03103e83ea4d96
SHA256: 935ad48441eeedcf7e25289b25e1414e9854593ae88c7fe099f22f8b25172a01
검사 파일: box.exe 전송 시각: 2010.05.17 01:27:57 (UTC)
안티바이러스 엔진 버전 정의 날짜 검사 결과
a-squared 4.5.0.50 2010.05.10 Trojan.Peed!IK
AhnLab-V3 2010.05.16.00 2010.05.15 Malware/Win32.Heur.h4
AntiVir 8.2.1.242 2010.05.16 TR/Crypt.ZPACK.Gen
Antiy-AVL 2.0.3.7 2010.05.14 -
Authentium 5.2.0.5 2010.05.16 -
Avast 4.8.1351.0 2010.05.16 Win32:Malware-gen
Avast5 5.0.332.0 2010.05.16 Win32:Malware-gen
AVG 9.0.0.787 2010.05.16 Generic17.CAGA
BitDefender 7.2 2010.05.17 Trojan.Peed.Gen
CAT-QuickHeal 10.00 2010.05.15 (Suspicious) - DNAScan
ClamAV 0.96.0.3-git 2010.05.16 -
Comodo 4859 2010.05.16 TrojWare.Win32.Trojan.Agent.Gen
DrWeb 5.0.2.03300 2010.05.17 Trojan.Siggen1.29725
eSafe 7.0.17.0 2010.05.16 -
eTrust-Vet 35.2.7490 2010.05.15 -
F-Prot 4.5.1.85 2010.05.16 -
F-Secure 9.0.15370.0 2010.05.17 Trojan.Peed.Gen
Fortinet 4.1.133.0 2010.05.16 -
GData 21 2010.05.17 Trojan.Peed.Gen
Ikarus T3.1.1.84.0 2010.05.17 Trojan.Peed
Jiangmin 13.0.900 2010.05.16 Trojan/Pincav.eta
Kaspersky 7.0.0.125 2010.05.17 Trojan.Win32.Pincav.aabq
McAfee 5.400.0.1158 2010.05.17 PWS-LDPinch!dv
McAfee-GW-Edition 2010.1 2010.05.16 Heuristic.LooksLike.Heuristic.BehavesLike.Win32.Downloader.B
Microsoft 1.5703 2010.05.17 Trojan:Win32/Malagent
NOD32 5119 2010.05.17 a variant of Win32/Kryptik.DXI
Norman 6.04.12 2010.05.16 -
nProtect 2010-05-16.01 2010.05.16 Trojan.Peed.Gen
Panda 10.0.2.7 2010.05.16 Trj/CI.A
PCTools 7.0.3.5 2010.05.17 -
Rising 22.47.06.04 2010.05.16 Trojan.Win32.Generic.5204A82F
Sophos 4.53.0 2010.05.17 Sus/UnkPack-C
Sunbelt 6311 2010.05.17 Trojan.Win32.Generic!BT
Symantec 20101.1.0.89 2010.05.17 -
TheHacker 6.5.2.0.280 2010.05.14 -
TrendMicro 9.120.0.1004 2010.05.16 PAK_Generic.001
TrendMicro-HouseCall 9.120.0.1004 2010.05.17 -
VBA32 3.12.12.5 2010.05.14 Malware-Dropper.Win32.Inject.gen
ViRobot 2010.5.15.2318 2010.05.16 -
VirusBuster 5.0.27.0 2010.05.16 -
 
추가 정보
File size: 53248 bytes
MD5...: a30fc2768e75f68ef44343f08fd15b47
SHA1..: 889dfa9a43afc7c9bc518e11689753b71f2d4c24
SHA256: 8d05acf3084cf9c8118dd1f33cd3fecae66c276b8121004432c8d262f1faa239
검사 파일: G.exe 전송 시각: 2010.05.17 01:28:08 (UTC)
안티바이러스 엔진 버전 정의 날짜 검사 결과
a-squared 4.5.0.50 2010.05.10 -
AhnLab-V3 2010.05.16.00 2010.05.15 Dropper/Killav.104032
AntiVir 8.2.1.242 2010.05.16 -
Antiy-AVL 2.0.3.7 2010.05.14 -
Authentium 5.2.0.5 2010.05.16 W32/OnlineGames.DV.gen!Eldorado
Avast 4.8.1351.0 2010.05.16 Win32:Trojan-gen
Avast5 5.0.332.0 2010.05.16 Win32:Trojan-gen
AVG 9.0.0.787 2010.05.16 Dropper.Generic2.JMD
BitDefender 7.2 2010.05.17 -
CAT-QuickHeal 10.00 2010.05.15 (Suspicious) - DNAScan
ClamAV 0.96.0.3-git 2010.05.16 -
Comodo 4859 2010.05.16 TrojWare.Win32.Trojan.Agent.Gen
DrWeb 5.0.2.03300 2010.05.17 Trojan.PWS.Gamania.24318
eSafe 7.0.17.0 2010.05.16 Suspicious File
eTrust-Vet 35.2.7490 2010.05.15 -
F-Prot 4.5.1.85 2010.05.16 W32/OnlineGames.DV.gen!Eldorado
F-Secure 9.0.15370.0 2010.05.17 -
Fortinet 4.1.133.0 2010.05.16 -
GData 21 2010.05.17 Win32:Trojan-gen
Ikarus T3.1.1.84.0 2010.05.17 -
Jiangmin 13.0.900 2010.05.16 -
Kaspersky 7.0.0.125 2010.05.17 -
McAfee 5.400.0.1158 2010.05.17 -
McAfee-GW-Edition 2010.1 2010.05.16 Heuristic.LooksLike.Win32.SuspiciousPE.F
Microsoft 1.5703 2010.05.17 TrojanDropper:Win32/Frethog.K
NOD32 5119 2010.05.17 -
Norman 6.04.12 2010.05.16 -
nProtect 2010-05-16.01 2010.05.16 -
Panda 10.0.2.7 2010.05.16 Suspicious file
PCTools 7.0.3.5 2010.05.17 -
Prevx 3.0 2010.05.17 -
Rising 22.47.06.04 2010.05.16 Trojan.Win32.Generic.5204B340
Sophos 4.53.0 2010.05.17 Mal/EncPk-OD
Sunbelt 6311 2010.05.17 Trojan.Win32.Generic!BT
Symantec 20101.1.0.89 2010.05.17 -
TheHacker 6.5.2.0.280 2010.05.14 -
TrendMicro 9.120.0.1004 2010.05.16 Cryp_ACProt
TrendMicro-HouseCall 9.120.0.1004 2010.05.17 Cryp_ACProt
VBA32 3.12.12.5 2010.05.14 -
ViRobot 2010.5.15.2318 2010.05.16 -
VirusBuster 5.0.27.0 2010.05.16 -
 
추가 정보
File size: 104032 bytes
MD5...: 00420ede432ed70c6e0afecff02b9c36
SHA1..: 52f25ee55a23853d709641bf71574834c48ce311
SHA256: 1a0fc735eb5da8c91cdfd27643282d88689741d66d54cc617def08c4d1a10501
검사 파일: c.exe 전송 시각: 2010.05.17 01:30:15 (UTC)
안티바이러스 엔진 버전 정의 날짜 검사 결과
a-squared 4.5.0.50 2010.05.10 Trojan.Peed!IK
AhnLab-V3 2010.05.16.00 2010.05.15 Malware/Win32.Heur.h4
AntiVir 8.2.1.242 2010.05.16 TR/Crypt.ZPACK.Gen
Antiy-AVL 2.0.3.7 2010.05.14 -
Authentium 5.2.0.5 2010.05.16 -
Avast 4.8.1351.0 2010.05.16 Win32:Malware-gen
Avast5 5.0.332.0 2010.05.16 Win32:Malware-gen
AVG 9.0.0.787 2010.05.16 Generic17.CAGA
BitDefender 7.2 2010.05.17 Trojan.Peed.Gen
CAT-QuickHeal 10.00 2010.05.15 (Suspicious) - DNAScan
ClamAV 0.96.0.3-git 2010.05.16 -
Comodo 4859 2010.05.16 TrojWare.Win32.Trojan.Agent.Gen
DrWeb 5.0.2.03300 2010.05.17 Trojan.Siggen1.29725
eSafe 7.0.17.0 2010.05.16 -
eTrust-Vet 35.2.7490 2010.05.15 -
F-Prot 4.5.1.85 2010.05.16 -
F-Secure 9.0.15370.0 2010.05.17 Trojan.Peed.Gen
Fortinet 4.1.133.0 2010.05.16 -
GData 21 2010.05.17 Trojan.Peed.Gen
Ikarus T3.1.1.84.0 2010.05.17 Trojan.Peed
Jiangmin 13.0.900 2010.05.16 Trojan/Pincav.eta
Kaspersky 7.0.0.125 2010.05.17 Trojan.Win32.Pincav.aabq
McAfee 5.400.0.1158 2010.05.17 PWS-LDPinch!dv
McAfee-GW-Edition 2010.1 2010.05.16 Heuristic.LooksLike.Heuristic.BehavesLike.Win32.Downloader.B
Microsoft 1.5703 2010.05.17 Trojan:Win32/Malagent
NOD32 5119 2010.05.17 a variant of Win32/Kryptik.DXI
Norman 6.04.12 2010.05.16 -
nProtect 2010-05-16.01 2010.05.16 Trojan.Peed.Gen
Panda 10.0.2.7 2010.05.16 Trj/CI.A
PCTools 7.0.3.5 2010.05.17 -
Prevx 3.0 2010.05.17 High Risk Cloaked Malware
Rising 22.47.06.04 2010.05.16 Trojan.Win32.Generic.5204A82F
Sophos 4.53.0 2010.05.17 Sus/UnkPack-C
Sunbelt 6311 2010.05.17 Trojan.Win32.Generic!BT
Symantec 20101.1.0.89 2010.05.17 -
TheHacker 6.5.2.0.280 2010.05.14 -
TrendMicro 9.120.0.1004 2010.05.16 PAK_Generic.001
TrendMicro-HouseCall 9.120.0.1004 2010.05.17 -
VBA32 3.12.12.5 2010.05.14 Malware-Dropper.Win32.Inject.gen
ViRobot 2010.5.15.2318 2010.05.16 -
VirusBuster 5.0.27.0 2010.05.16 -
 
추가 정보
File size: 53248 bytes
MD5...: a30fc2768e75f68ef44343f08fd15b47
SHA1..: 889dfa9a43afc7c9bc518e11689753b71f2d4c24
SHA256: 8d05acf3084cf9c8118dd1f33cd3fecae66c276b8121004432c8d262f1faa239
검사 파일: 514.exe 전송 시각: 2010.05.17 01:30:20 (UTC)
안티바이러스 엔진 버전 정의 날짜 검사 결과
a-squared 4.5.0.50 2010.05.10 Trojan.Peed!IK
AhnLab-V3 2010.05.16.00 2010.05.15 Malware/Win32.Heur.h4
AntiVir 8.2.1.242 2010.05.16 TR/Crypt.ZPACK.Gen
Antiy-AVL 2.0.3.7 2010.05.14 -
Authentium 5.2.0.5 2010.05.16 -
Avast 4.8.1351.0 2010.05.16 Win32:Malware-gen
Avast5 5.0.332.0 2010.05.16 Win32:Malware-gen
AVG 9.0.0.787 2010.05.16 Generic17.CAMR
BitDefender 7.2 2010.05.17 Trojan.Peed.Gen
CAT-QuickHeal 10.00 2010.05.15 (Suspicious) - DNAScan
ClamAV 0.96.0.3-git 2010.05.16 -
Comodo 4859 2010.05.16 TrojWare.Win32.Trojan.Agent.Gen
DrWeb 5.0.2.03300 2010.05.17 -
eSafe 7.0.17.0 2010.05.16 -
eTrust-Vet 35.2.7490 2010.05.15 -
F-Prot 4.5.1.85 2010.05.16 -
F-Secure 9.0.15370.0 2010.05.17 Trojan.Peed.Gen
Fortinet 4.1.133.0 2010.05.16 -
GData 21 2010.05.17 Trojan.Peed.Gen
Ikarus T3.1.1.84.0 2010.05.17 Trojan.Peed
Jiangmin 13.0.900 2010.05.16 -
Kaspersky 7.0.0.125 2010.05.17 Trojan.Win32.Pincav.aack
McAfee 5.400.0.1158 2010.05.17 PWS-Mmorpg!pd
McAfee-GW-Edition 2010.1 2010.05.16 Heuristic.LooksLike.Heuristic.BehavesLike.Win32.Downloader.B
Microsoft 1.5703 2010.05.17 Trojan:Win32/Malagent
NOD32 5119 2010.05.17 a variant of Win32/Kryptik.DXI
Norman 6.04.12 2010.05.16 -
nProtect 2010-05-16.01 2010.05.16 Trojan.Peed.Gen
Panda 10.0.2.7 2010.05.16 Trj/CI.A
PCTools 7.0.3.5 2010.05.17 -
Prevx 3.0 2010.05.17 High Risk Cloaked Malware
Rising 22.47.06.04 2010.05.16 Trojan.Win32.Generic.5204B11E
Sophos 4.53.0 2010.05.17 Sus/UnkPack-C
Sunbelt 6311 2010.05.17 Trojan.Win32.Generic!BT
Symantec 20101.1.0.89 2010.05.17 -
TheHacker 6.5.2.0.280 2010.05.14 -
TrendMicro 9.120.0.1004 2010.05.16 PAK_Generic.001
TrendMicro-HouseCall 9.120.0.1004 2010.05.17 -
VBA32 3.12.12.5 2010.05.14 Malware-Dropper.Win32.Inject.gen
ViRobot 2010.5.15.2318 2010.05.16 -
VirusBuster 5.0.27.0 2010.05.16 -
 
추가 정보
File size: 53248 bytes
MD5...: 7a605076c916dbe48c3e4dd67411a643
SHA1..: f64ee054a392de9e98f3f8b22fe7d5c39e18bc37
SHA256: 4b9a72252ab86d78c804287400ddff1e0b31c7de5b8b6c523d2953856f844dd0
검사 파일: 1.exe_xor 전송 시각: 2010.05.17 01:32:39 (UTC)
안티바이러스 엔진 버전 정의 날짜 검사 결과
a-squared 4.5.0.50 2010.05.10 -
AhnLab-V3 2010.05.16.00 2010.05.15 ASD.Prevention
AntiVir 8.2.1.242 2010.05.16 TR/Downloader.Gen
Antiy-AVL 2.0.3.7 2010.05.14 -
Authentium 5.2.0.5 2010.05.16 -
Avast 4.8.1351.0 2010.05.16 Win32:Rootkit-gen
Avast5 5.0.332.0 2010.05.16 Win32:Rootkit-gen
AVG 9.0.0.787 2010.05.16 Win32/PEPatch.BM
BitDefender 7.2 2010.05.17 Generic.Malware.FBg.5DCBA1EB
CAT-QuickHeal 10.00 2010.05.15 (Suspicious) - DNAScan
ClamAV 0.96.0.3-git 2010.05.16 -
Comodo 4859 2010.05.16 -
DrWeb 5.0.2.03300 2010.05.17 Trojan.PWS.Wsgame.20571
eSafe 7.0.17.0 2010.05.16 Suspicious File
eTrust-Vet 35.2.7490 2010.05.15 -
F-Prot 4.5.1.85 2010.05.16 -
F-Secure 9.0.15370.0 2010.05.17 Generic.Malware.FBg.5DCBA1EB
Fortinet 4.1.133.0 2010.05.16 -
GData 21 2010.05.17 Win32:Rootkit-gen
Ikarus T3.1.1.84.0 2010.05.17 Win32.SuspectCrc
Jiangmin 13.0.900 2010.05.16 -
Kaspersky 7.0.0.125 2010.05.17 -
McAfee 5.400.0.1158 2010.05.17 Suspect-02!4C073148EB0A
McAfee-GW-Edition 2010.1 2010.05.16 Artemis!4C073148EB0A
Microsoft 1.5703 2010.05.17 Trojan:Win32/Meredrop
NOD32 5119 2010.05.17 -
Norman 6.04.12 2010.05.16 -
nProtect 2010-05-16.01 2010.05.16 -
Panda 10.0.2.7 2010.05.16 Suspicious file
PCTools 7.0.3.5 2010.05.17 -
Prevx 3.0 2010.05.17 -
Rising 22.47.06.04 2010.05.16 -
Sophos 4.53.0 2010.05.17 Mal/Behav-112
Sunbelt 6311 2010.05.17 -
Symantec 20101.1.0.89 2010.05.17 -
TheHacker 6.5.2.0.280 2010.05.14 -
TrendMicro 9.120.0.1004 2010.05.16 PAK_Generic.001
TrendMicro-HouseCall 9.120.0.1004 2010.05.17 -
VBA32 3.12.12.5 2010.05.14 Malware-Cryptor.Win32.Krap
ViRobot 2010.5.15.2318 2010.05.16 -
VirusBuster 5.0.27.0 2010.05.16 -
 
추가 정보
File size: 20480 bytes
MD5...: 4c073148eb0ada6ca31e43816d1d402c
SHA1..: c02449696c974ddde708f3e7afc1c573380e99c5
SHA256: 4ec7b8fa64f0cffa559c0f765816f99426bb5f6b1f8341d87e01b5439afed77f

 관련글 : 프루나 무비서치 악성코드 유포중 !!

댓글을 달아 주세요