Phishing URL(FQDN):
virus-onlinescanner.com
xp-registration.com
IP解析:
virus-onlinescanner.com->64.92.174.34
xp-registration.com->209.67.214.194
Domain Name: VIRUS-ONLINESCANNER.COM
Registrar: DIRECTI INTERNET SOLUTIONS PVT. LTD. D/B/A PUBLICDOMAINREGISTRY.COM
Updated Date: 26-jun-2008
Creation Date: 26-jun-2008
Expiration Date: 26-jun-2009
Domain Name: XP-REGISTRATION.COM
Registrar: DIRECTI INTERNET SOLUTIONS PVT. LTD. D/B/A PUBLICDOMAINREGISTRY.COM
Updated Date: 06-jun-2008
Creation Date: 06-jun-2008
Expiration Date: 06-jun-2009
IP定址:
64.92.174.34@Cary of US
209.67.214.194@Dallas of US
Malware File:
hxxp://virus-onlinescanner.com/download/install_v2.exe
執行惡意程式畫面,也假裝要下載安裝程式。
VirusTotal結果:(30/33)
http://www.virustotal.com/reanalisis.html?291baa30febdbf7484e083d1f1d7a0c9
#追查發現:
1.有其他釣魚網站(還沒成形)
www.updatesantivirus.com
Updated Date: 19-jun-2008
Creation Date: 19-jun-2008
Expiration Date: 19-jun-2009
2.有色情網站
?3?d?pornpic.com
?t?h?enylonporn.com
沒有留言:
張貼留言