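Apparently a file named Top.asp (h**p://6*.6*.2*.3*/t***/Top.asp) is downloaded from the main page.
This file can be classified as malware. In addition, when it is later executed, it is set up to download a piece of malware named D.exe (h**p://6*.6*.2*.3*/t***/d.exe).
VirusTotal results for the Top.asp file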
Antivirus | Version | Last Update | Result |
---|---|---|---|
AhnLab-V3 | 2008.12.12.2 | 2008.12.14 | - |
AntiVir | 7.9.0.45 | 2008.12.12 | - |
Authentium | 5.1.0.4 | 2008.12.13 | - |
Avast | 4.8.1281.0 | 2008.12.13 | - |
AVG | 8.0.0.199 | 2008.12.13 | - |
BitDefender | 7.2 | 2008.12.14 | Trojan.JS.Downloader.BFH |
CAT-QuickHeal | 10.00 | 2008.12.13 | - |
ClamAV | 0.94.1 | 2008.12.14 | - |
Comodo | 749 | 2008.12.13 | - |
DrWeb | 4.44.0.09170 | 2008.12.14 | - |
eSafe | 7.0.17.0 | 2008.12.11 | - |
eTrust-Vet | 31.6.6258 | 2008.12.12 | - |
Ewido | 4.0 | 2008.12.14 | - |
F-Prot | 4.4.4.56 | 2008.12.13 | - |
F-Secure | 8.0.14332.0 | 2008.12.14 | - |
Fortinet | 3.117.0.0 | 2008.12.14 | - |
GData | 19 | 2008.12.14 | Trojan.JS.Downloader.BFH |
Ikarus | T3.1.1.45.0 | 2008.12.14 | - |
K7AntiVirus | 7.10.553 | 2008.12.13 | - |
Kaspersky | 7.0.0.125 | 2008.12.14 | - |
McAfee | 5463 | 2008.12.13 | - |
McAfee+Artemis | 5463 | 2008.12.13 | - |
Microsoft | 1.4205 | 2008.12.14 | - |
NOD32 | 3688 | 2008.12.12 | - |
Norman | 5.80.02 | 2008.12.12 | - |
Panda | 9.0.0.4 | 2008.12.13 | - |
PCTools | 4.4.2.0 | 2008.12.13 | - |
Prevx1 | V2 | 2008.12.14 | - |
Rising | 21.07.62.00 | 2008.12.14 | - |
SecureWeb-Gateway | 6.7.6 | 2008.12.12 | - |
Sophos | 4.36.0 | 2008.12.14 | - |
Sunbelt | 3.2.1801.2 | 2008.12.11 | - |
Symantec | 10 | 2008.12.14 | - |
TheHacker | 6.3.1.4.187 | 2008.12.13 | - |
TrendMicro | 8.700.0.1004 | 2008.12.12 | - |
VBA32 | 3.12.8.10 | 2008.12.13 | - |
ViRobot | 2008.12.12.1515 | 2008.12.12 | - |
VirusBuster | 4.5.11.0 | 2008.12.13 | - |
Additional information |
---|
File size: 6018 bytes |
MD5...: 24e5b35e9a7739572b5638b35d830171 |
SHA1..: a16aa38533c5f4b07eb56c4cebf0759bbeaa14f6 |
VirusTotal results for the D.exe file downloaded by the Top.asp file
Antivirus | Version | Last Update | Result |
---|---|---|---|
AhnLab-V3 | 2008.12.12.2 | 2008.12.14 | - |
AntiVir | 7.9.0.45 | 2008.12.12 | TR/Crypt.XPACK.Gen |
Authentium | 5.1.0.4 | 2008.12.13 | - |
Avast | 4.8.1281.0 | 2008.12.13 | Win32:Kavos |
AVG | 8.0.0.199 | 2008.12.13 | - |
BitDefender | 7.2 | 2008.12.14 | - |
CAT-QuickHeal | 10.00 | 2008.12.13 | (Suspicious) - DNAScan |
ClamAV | 0.94.1 | 2008.12.14 | - |
Comodo | 749 | 2008.12.13 | - |
DrWeb | 4.44.0.09170 | 2008.12.14 | - |
eSafe | 7.0.17.0 | 2008.12.11 | - |
eTrust-Vet | 31.6.6258 | 2008.12.12 | - |
Ewido | 4.0 | 2008.12.14 | - |
F-Prot | 4.4.4.56 | 2008.12.12 | - |
F-Secure | 8.0.14332.0 | 2008.12.14 | Suspicious:W32/Malware!Gemini |
Fortinet | 3.117.0.0 | 2008.12.14 | - |
GData | 19 | 2008.12.14 | Win32:Kavos |
Ikarus | T3.1.1.45.0 | 2008.12.14 | - |
K7AntiVirus | 7.10.553 | 2008.12.13 | - |
Kaspersky | 7.0.0.125 | 2008.12.14 | - |
McAfee | 5463 | 2008.12.13 | - |
McAfee+Artemis | 5463 | 2008.12.13 | - |
Microsoft | 1.4205 | 2008.12.14 | TrojanDownloader:Win32/Frethog.C |
NOD32 | 3688 | 2008.12.12 | - |
Norman | 5.80.02 | 2008.12.12 | - |
Panda | 9.0.0.4 | 2008.12.13 | Suspicious file |
PCTools | 4.4.2.0 | 2008.12.13 | - |
Prevx1 | V2 | 2008.12.14 | - |
Rising | 21.07.62.00 | 2008.12.14 | - |
SecureWeb-Gateway | 6.7.6 | 2008.12.12 | Trojan.Crypt.XPACK.Gen |
Sophos | 4.36.0 | 2008.12.14 | - |
Sunbelt | 3.2.1801.2 | 2008.12.11 | - |
Symantec | 10 | 2008.12.14 | - |
TheHacker | 6.3.1.4.187 | 2008.12.13 | - |
TrendMicro | 8.700.0.1004 | 2008.12.12 | - |
VBA32 | 3.12.8.10 | 2008.12.13 | - |
ViRobot | 2008.12.12.1514 | 2008.12.12 | - |
VirusBuster | 4.5.11.0 | 2008.12.13 | - |
Additional information |
---|
File size: 102970 bytes |
MD5...: f6dbe4adf2765c1e984ef6f84ee009b7 |
SHA1..: c1449be076f99ba212253ff8b7f6a0eef048e198 |
Hahaha, when the d.exe file is executed, it downloads yet another file.
VirusTotal results for no1.exe
Antivirus | Version | Last Update | Result |
---|---|---|---|
AhnLab-V3 | 2008.12.12.2 | 2008.12.14 | - |
AntiVir | 7.9.0.45 | 2008.12.12 | TR/Crypt.XPACK.Gen |
Authentium | 5.1.0.4 | 2008.12.13 | - |
Avast | 4.8.1281.0 | 2008.12.13 | Win32:Kavos |
AVG | 8.0.0.199 | 2008.12.13 | - |
BitDefender | 7.2 | 2008.12.14 | - |
CAT-QuickHeal | 10.00 | 2008.12.13 | (Suspicious) - DNAScan |
ClamAV | 0.94.1 | 2008.12.14 | - |
Comodo | 749 | 2008.12.13 | - |
DrWeb | 4.44.0.09170 | 2008.12.14 | - |
eSafe | 7.0.17.0 | 2008.12.11 | Suspicious File |
eTrust-Vet | 31.6.6258 | 2008.12.12 | - |
Ewido | 4.0 | 2008.12.14 | - |
F-Prot | 4.4.4.56 | 2008.12.13 | - |
F-Secure | 8.0.14332.0 | 2008.12.14 | - |
Fortinet | 3.117.0.0 | 2008.12.14 | - |
GData | 19 | 2008.12.14 | Win32:Kavos |
Ikarus | T3.1.1.45.0 | 2008.12.14 | Worm.Win32.Viking |
K7AntiVirus | 7.10.553 | 2008.12.13 | - |
Kaspersky | 7.0.0.125 | 2008.12.14 | - |
McAfee | 5463 | 2008.12.13 | New Malware.bl |
McAfee+Artemis | 5463 | 2008.12.13 | New Malware.bl |
Microsoft | 1.4205 | 2008.12.14 | PWS:Win32/Frethog.AJ |
NOD32 | 3689 | 2008.12.14 | - |
Norman | 5.80.02 | 2008.12.12 | - |
Panda | 9.0.0.4 | 2008.12.14 | Suspicious file |
PCTools | 4.4.2.0 | 2008.12.14 | - |
Prevx1 | V2 | 2008.12.14 | - |
Rising | 21.07.62.00 | 2008.12.14 | - |
SecureWeb-Gateway | 6.7.6 | 2008.12.12 | Trojan.Crypt.XPACK.Gen |
Sophos | 4.36.0 | 2008.12.14 | - |
Sunbelt | 3.2.1801.2 | 2008.12.11 | - |
Symantec | 10 | 2008.12.14 | - |
TheHacker | 6.3.1.4.187 | 2008.12.13 | - |
TrendMicro | 8.700.0.1004 | 2008.12.12 | - |
VBA32 | 3.12.8.10 | 2008.12.13 | - |
ViRobot | 2008.12.12.1515 | 2008.12.12 | - |
VirusBuster | 4.5.11.0 | 2008.12.13 | - |
Additional information |
---|
File size: 162381 bytes |
MD5...: 19ae6aed1527b4dbf13e816382094ab4 |