http://www.sllanmb.cn/jzll/27.htm
→http://wm.sllbqsb.cn/a5/fxx.htm
→(omitted)
2008-12-20
2008-12-19
http://c.nuclear3.com/css/c.js
→http://scdss.cn/01/index.htm
→(omitted)
→http://www.weweif.com/01/Mete.exe
2008-12-19
2008-12-18
http://c.nuclear3.com/css/c.js
→http://fvgit.cn/01/index.htm
→(omitted)
→http://www.weweif.com/01/Mete.exe
http://www.weweif.com/01/Mete.exe
→http://www.iiegf.com/new.txt
2008-12-18
2008-12-15
http://52-o.cn/admin.js
→http://baiduduyou.cn/b057850/b05.htm
→http://baiduduyou.cn/b057850/new.html
→(omitted)
2008-12-15
2008-12-14
http://c.nuclear3.com/css/c.js
→http://abcrot.cn/01/index.htm
→(omitted)
→http://www.iegif.com/01/DUMete.exe
http://s1.cawjb.com/s.js
http://s.cawjb.com/s.js
http://s.ardoshanghai.com/s.js
→http://s.ardoshanghai.com/s/index.htm
→http://s.ardoshanghai.com/s/ie7.htm
→http://s.ardoshanghai.com/s/Ms06014.htm
→http://124.50.56.135/11.exe
→http://s.ardoshanghai.com/s/office.htm
→http://124.50.56.135/11.exe
→http://s.ardoshanghai.com/s/flash.htm (404)
→http://s.ardoshanghai.com/s/real10.htm (404)
→http://s.ardoshanghai.com/s/Real11.htm (404)
http://124.50.56.135/11.exe
HKLM\System\CurrentControlSet\Services\Windows Update Online
C:\WINDOWS\czvocs.exe
→http://ip.evebug.cn/down.txt
http://s1.cawjb.com/jp.js
http://s.cawjb.com/jp.js
http://s.cawjb.com/sjp.js
→http://s.cawjb.com/jp.htm
This one targets Japan, and at present it is harmless access analytics.
They are presumably collecting targets for future attacks.