臺北市立國樂團介紹網站被植入惡意連結
2008 年 10 月 19 日 – 10:27:03臺北市立國樂團介紹網站被植入惡意連結,此惡意程式為 Trojan.KillAV,最近有瀏覽這個網頁的網友,請要盡速檢查自己的電腦是否有中毒的情形。
臺北市立國樂團介紹網站網址,如下所示:
惡意連結/程式碼是放置在上述網址 (很多網頁,應該要仔細檢查) 中的:
解碼後,如下所示:
下面是網頁信譽評等掃描的結果:
Google Search 查詢結果(發現異狀),如下圖所示:
阿碼科技 HackAlert (偵測惡意行為) 查詢結果(發現異狀),如下圖所示:
McAfee SiteAdvisor 查詢結果(未發現異狀),如下圖所示:
趨勢科技網頁信譽評等查詢結果(未發現異狀),如下圖所示:
finjan 網頁信譽評等查詢結果(未發現異狀),如下圖所示:
Dr.Web 網頁信譽評等查詢結果(未發現異狀),如下圖所示:
賽門鐵克 Safe Web 查詢結果(未發現異狀),如下圖所示:
下列是 VirusTotal 掃描結果 (僅提供參考):
File 8452b1ed239e0a36e1a9806051cc66da1 received on 10.17.2008 01:46:35 (CET)
Result: 24/35 (68.57%)
Antivirus Version Last Update Result
AhnLab-V3 – – -
AntiVir – – TR/Spy.Gen
Authentium – – W32/OnlineGames.AJ.gen!Eldorado
Avast – – Win32:Acve-B
AVG – – -
BitDefender – – -
CAT-QuickHeal – – (Suspicious) – DNAScan
ClamAV – – Trojan.Killav-222
DrWeb – – DLOADER.Trojan
eSafe – – Suspicious File
eTrust-Vet – – -
Ewido – – -
F-Prot – – W32/OnlineGames.AJ.gen!Eldorado
F-Secure – – W32/Packed/FSG_2.A
Fortinet – – -
GData – – Win32:Acve-B
Ikarus – – Trojan-Downloader.Win32.ACVE.al
K7AntiVirus – – -
Kaspersky – – -
McAfee – – New Malware.ab
Microsoft – – TrojanDownloader:Win32/Dogrobot.A
NOD32 – – probably a variant of Win32/TrojanDownloader.Agent.OHA
Norman – – W32/Packed_FSG.D
Panda – – Suspicious file
PCTools – – Packed/FSG
Rising – – Trojan.DL.Win32.Mnless.bhg
SecureWeb-Gateway – – Trojan.Spy.Gen
Sophos – – Mal/Packer
Sunbelt – – Trojan.Win32.Packed.gen (v)
Symantec – – Trojan.KillAV
TheHacker – – -
TrendMicro – – Cryp_Bits
VBA32 – – -
ViRobot – – -
VirusBuster – – Packed/FSG
Additional information
MD5: ca5f8253f61c87ce7226b10273e58468
SHA1: 8452b1ed239e0a36e1a9806051cc66da1930236d
SHA256: eb9575097bfac726ab50a15689bce27ab27df1b1960069420122d0003529e0f3
SHA512: 5e5c529cf36feca89f614a183d33dcd276da1660307bb591b68b91becdb70c877be105ff707b0423794d6c7b1081dca00c2dc6148881d6dd41420c40930cf280
