Web2Secure: Web Security Blog

We are non-funded group of security enthusiast who contributes and updates to community with latest security treats. Use and handle whatever links shared within website could be harmful to your systems with own risks. Feel free to use the contents for commercial or non-commercial purposes. We're very appreciating if using our useful information’s to your website by referring back to this original website. Donation or clicking on ads is most welcome to continue maintains costs for this website.

Monday, August 3, 2009

Malicious ** 3-August-09 www.sans.cn

sans.cn(219.133.31.107-Blacklisted)

Other domains share with same IP address:

mail.sans.com.cn

mx.sans.com.cn

sans.com.cn

www.sans.com.cn

vm1.1158tv.cn (111.111.222.111-Blacklisted)

Level 0:http://www.sans.cn/img/muma.html

Level 1:http://www.sans.cn/img/darkst.png

Level 1:http://www.sans.cn/img/js.js

Level 2:http://www.sans.cn/img/z.htm

Level 3:http://www.sans.cn/img/do.css

Level 4:http://vm1.1158tv.cn/game/zzz/tj.exe

Level 3:http://www.sans.cn/img/z.css

Level 4:http://www.sans.cn/img/1.html

Level 2:http://www.sans.cn/img/ggvod.htm

Level 2:http://www.sans.cn/img/gf22.htm

Level 3:http://www.sans.cn/img/swfobject.js

Level 2:http://www.sans.cn/img/gi11.htm

Level 3:http://www.sans.cn/img/swfobject.js

Level 1:http://s52.cnzz.com/stat.php?id=930206&web_id=930206&show=pic1

Analysis report for malicous file("tj.exe") activity:

http://anubis.iseclab.org/?action=result&task_id=1c30fe1b4c02e457435b1482d5b6203bf&format=html

Tools:

-Robtex

-Anubis

-malzilla

--X0end

Web2Secure: Web Security Blog

Pages

Monday, August 3, 2009

Malicious ** 3-August-09 www.sans.cn

0 comments: