Web ベースマルウェア調査サービス
調査した感染源サイト 581
直リンク8,634
巡回待ち675 URL [調査履歴] [収集検体] [未知検体] [検体挙動] [jsdecoder] [jjencode] [VT Community]
巡回待ち675 URL [調査履歴] [収集検体] [未知検体] [検体挙動] [jsdecoder] [jjencode] [VT Community]
| 時刻 |
Uri |
カテゴリ | プロセス | 対象 | |
|---|---|---|---|---|---|
| 2009/12/03 06:06:55 | weeklytop.cn/setup/setup.exe | file | C:\Program Files\Internet Explorer\IEXPLORE.EXE | C:\Documents and Settings\******\Local Settings\Temporary Internet Files\Content.IE5\40J8GL1X\setup[1].exe | |
| 2009/12/03 06:04:59 | internetbox.it/suonerie/suonerie.exe | file | C:\Program Files\Internet Explorer\IEXPLORE.EXE | C:\Documents and Settings\******\Local Settings\Temporary Internet Files\Content.IE5\40J8GL1X\suonerie[1].exe | |
| 2009/12/03 07:37:05 | pinsetang.net.cn/yanzhaoxxx/images.exe | file | C:\Program Files\Internet Explorer\IEXPLORE.EXE | C:\Documents and Settings\******\Local Settings\Temporary Internet Files\Content.IE5\LERRV50T\images[1].exe | |
| 2009/12/03 07:36:55 | 163.fuckunion.com/286/soft/163.exe | file | C:\Program Files\Internet Explorer\IEXPLORE.EXE | C:\Documents and Settings\******\Local Settings\Temporary Internet Files\Content.IE5\40J8GL1X\163[1].exe | |
| 2009/12/03 07:36:18 | baskentsurat.com.tr/ | file | C:\Program Files\Internet Explorer\IEXPLORE.EXE | C:\WINDOWS\Temp\iexplore.exe | |
| 2009/12/03 07:36:19 | baskentsurat.com.tr/ | process | C:\Program Files\Internet Explorer\IEXPLORE.EXE | C:\WINDOWS\Temp\iexplore.exe | |
| 2009/12/03 07:36:18 | baskentsurat.com.tr/ | registry | C:\WINDOWS\Temp\iexplore.exe | HKLM\SYSTEM\ControlSet001\Control\Session Manager\PendingFileRenameOperations | |
| 2009/12/03 07:36:19 | baskentsurat.com.tr/ | registry | C:\WINDOWS\Temp\iexplore.exe | HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\midi9 | |
| 2009/12/03 07:36:19 | baskentsurat.com.tr/ | file | C:\WINDOWS\Temp\iexplore.exe | C:\WINDOWS\Temp\gwku.bak | |
| 2009/12/03 08:11:14 | chinatz.cn/enn/setupmedia.exe | file | C:\Program Files\Internet Explorer\IEXPLORE.EXE | C:\Documents and Settings\******\Local Settings\Temporary Internet Files\Content.IE5\LERRV50T\setupmedia[1].exe | |
| 2009/12/03 08:07:34 | inspectsupersite.com/download.php | file | C:\Program Files\Internet Explorer\IEXPLORE.EXE | C:\Documents and Settings\******\Local Settings\Temporary Internet Files\Content.IE5\40J8GL1X\install[1].exe | |
| 2009/12/03 08:06:40 | testexperiment.net/download.php | file | C:\Program Files\Internet Explorer\IEXPLORE.EXE | C:\Documents and Settings\******\Local Settings\Temporary Internet Files\Content.IE5\40J8GL1X\install[1].exe | |
| 2009/12/03 08:05:59 | tottaldomain.cn/ | file | C:\Program Files\Internet Explorer\IEXPLORE.EXE | C:\Documents and Settings\******\Local Settings\Temporary Internet Files\Content.IE5\FRHBQUW2\load[1].exe | |
| 2009/12/03 08:06:00 | tottaldomain.cn/ | file | C:\Program Files\Internet Explorer\IEXPLORE.EXE | C:\Documents and Settings\******\S87ekhV.exe | |
| 2009/12/03 08:06:00 | tottaldomain.cn/ | file | System | C:\Documents and Settings\******\Local Settings\Temporary Internet Files\Content.IE5\FRHBQUW2\load[1].exe | |
| 2009/12/03 08:06:00 | tottaldomain.cn/ | file | System | C:\Documents and Settings\******\S87ekhV.exe | |
| 2009/12/03 08:06:01 | tottaldomain.cn/ | process | C:\Program Files\Internet Explorer\IEXPLORE.EXE | C:\Documents and Settings\******\S87ekhV.exe | |
| 2009/12/03 08:06:01 | tottaldomain.cn/ | file | C:\Documents and Settings\******\S87ekhV.exe | C:\WINDOWS\Temp\~TM16.tmp | |
| 2009/12/03 08:06:01 | tottaldomain.cn/ | file | C:\Documents and Settings\******\S87ekhV.exe | C:\WINDOWS\Temp\~TM17.tmp | |
| 2009/12/03 08:06:01 | tottaldomain.cn/ | file | C:\Documents and Settings\******\S87ekhV.exe | C:\WINDOWS\Temp\~TM18.tmp | |
| 2009/12/03 08:06:02 | tottaldomain.cn/ | file | C:\Documents and Settings\******\S87ekhV.exe | C:\WINDOWS\Temp\~TM27FB4A.TMP | |
| 2009/12/03 08:06:02 | tottaldomain.cn/ | process | C:\Program Files\Internet Explorer\IEXPLORE.EXE | C:\Documents and Settings\******\S87ekhV.exe | |
| 2009/12/03 08:06:02 | tottaldomain.cn/ | file | C:\WINDOWS\explorer.exe | C:\Documents and Settings\******\Local Settings\Temp\~TM1A.tmp | |
| 2009/12/03 08:06:02 | tottaldomain.cn/ | file | C:\WINDOWS\explorer.exe | C:\Documents and Settings\******\Local Settings\Temp\~TM1B.tmp | |
| 2009/12/03 08:06:03 | tottaldomain.cn/ | process | C:\WINDOWS\explorer.exe | C:\WINDOWS\system32\svchost.exe | |
| 2009/12/03 08:06:10 | tottaldomain.cn/ | file | C:\WINDOWS\system32\svchost.exe | C:\WINDOWS\Temp\wpv791259017613.exe | |
| 2009/12/03 08:06:11 | tottaldomain.cn/ | process | C:\WINDOWS\system32\svchost.exe | C:\WINDOWS\Temp\wpv791259017613.exe | |
| 2009/12/03 08:06:10 | tottaldomain.cn/ | file | C:\WINDOWS\system32\svchost.exe | C:\WINDOWS\Temp\wpv881259549308.exe | |
| 2009/12/03 08:06:10 | tottaldomain.cn/ | process | C:\WINDOWS\system32\svchost.exe | C:\WINDOWS\Temp\wpv791259017613.exe | |
| 2009/12/03 08:06:10 | tottaldomain.cn/ | file | System | C:\WINDOWS\Temp\wpv881259549308.exe | |
| 2009/12/03 08:06:10 | tottaldomain.cn/ | file | C:\WINDOWS\system32\svchost.exe | C:\WINDOWS\Temp\wpv371259025561.exe | |
| 2009/12/03 08:06:13 | tottaldomain.cn/ | process | C:\WINDOWS\system32\svchost.exe | C:\WINDOWS\Temp\wpv881259549308.exe | |
| 2009/12/03 08:06:10 | tottaldomain.cn/ | file | System | C:\WINDOWS\Temp\wpv371259025561.exe | |
| 2009/12/03 08:06:11 | tottaldomain.cn/ | file | UNKNOWN | C:\WINDOWS\system32\wininet.exe | |
| 2009/12/03 08:06:11 | tottaldomain.cn/ | file | C:\WINDOWS\system32\svchost.exe | C:\Documents and Settings\******\Application Data\wiaservg.log | |
| 2009/12/03 08:06:11 | tottaldomain.cn/ | file | System | C:\WINDOWS\system32\wininet.exe | |
| 2009/12/03 08:06:15 | tottaldomain.cn/ | process | UNKNOWN | C:\WINDOWS\system32\wininet.exe | |
| 2009/12/03 08:06:12 | tottaldomain.cn/ | file | UNKNOWN | C:\WINDOWS\system32\winint.exe | |
| 2009/12/03 08:06:12 | tottaldomain.cn/ | registry | C:\WINDOWS\Temp\wpv791259017613.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass | |
| 2009/12/03 08:06:12 | tottaldomain.cn/ | registry | C:\WINDOWS\Temp\wpv791259017613.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName | |
| 2009/12/03 08:06:12 | tottaldomain.cn/ | registry | C:\WINDOWS\Temp\wpv791259017613.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet | |
| 2009/12/03 08:06:12 | tottaldomain.cn/ | registry | C:\WINDOWS\Temp\wpv791259017613.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass | |
| 2009/12/03 08:06:12 | tottaldomain.cn/ | registry | C:\WINDOWS\Temp\wpv791259017613.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName | |
| 2009/12/03 08:06:12 | tottaldomain.cn/ | registry | C:\WINDOWS\Temp\wpv791259017613.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet | |
| 2009/12/03 08:06:12 | tottaldomain.cn/ | registry | C:\WINDOWS\Temp\wpv791259017613.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cache | |
| 2009/12/03 08:06:12 | tottaldomain.cn/ | registry | C:\WINDOWS\Temp\wpv791259017613.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cookies | |
| 2009/12/03 08:06:12 | tottaldomain.cn/ | registry | C:\WINDOWS\Temp\wpv791259017613.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0a27dacf-9021-11dd-8e25-806d6172696f}\BaseClass | |
| 2009/12/03 08:06:12 | tottaldomain.cn/ | registry | C:\WINDOWS\Temp\wpv791259017613.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0a27dacd-9021-11dd-8e25-806d6172696f}\BaseClass | |
| 2009/12/03 08:06:12 | tottaldomain.cn/ | registry | C:\WINDOWS\Temp\wpv791259017613.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0a27dacc-9021-11dd-8e25-806d6172696f}\BaseClass | |
| 2009/12/03 08:06:16 | tottaldomain.cn/ | process | C:\WINDOWS\Temp\wpv791259017613.exe | C:\WINDOWS\system32\netsh.exe | |
| 2009/12/03 08:06:14 | tottaldomain.cn/ | file | C:\WINDOWS\Temp\wpv791259017613.exe | C:\Documents and Settings\******\Local Settings\Temp\tmp1C.tmp | |
| 2009/12/03 08:06:15 | tottaldomain.cn/ | file | System | C:\WINDOWS\system32\winint.exe | |
| 2009/12/03 08:06:16 | tottaldomain.cn/ | registry | C:\WINDOWS\system32\netsh.exe | HKLM\SOFTWARE\Microsoft\Tracing\FWCFG\EnableFileTracing | |
| 2009/12/03 08:06:16 | tottaldomain.cn/ | registry | C:\WINDOWS\system32\netsh.exe | HKLM\SOFTWARE\Microsoft\Tracing\FWCFG\EnableConsoleTracing | |
| 2009/12/03 08:06:16 | tottaldomain.cn/ | registry | C:\WINDOWS\system32\netsh.exe | HKLM\SOFTWARE\Microsoft\Tracing\FWCFG\FileTracingMask | |
| 2009/12/03 08:06:16 | tottaldomain.cn/ | registry | C:\WINDOWS\system32\netsh.exe | HKLM\SOFTWARE\Microsoft\Tracing\FWCFG\ConsoleTracingMask | |
| 2009/12/03 08:06:16 | tottaldomain.cn/ | registry | C:\WINDOWS\system32\netsh.exe | HKLM\SOFTWARE\Microsoft\Tracing\FWCFG\MaxFileSize | |
| 2009/12/03 08:06:16 | tottaldomain.cn/ | registry | C:\WINDOWS\system32\netsh.exe | HKLM\SOFTWARE\Microsoft\Tracing\FWCFG\FileDirectory | |
| 2009/12/03 08:06:11 | tottaldomain.cn/ | process | C:\WINDOWS\explorer.exe | C:\WINDOWS\system32\svchost.exe | |
| 2009/12/03 08:06:19 | tottaldomain.cn/ | registry | C:\WINDOWS\system32\wbem\wmiprvse.exe | HKLM\SYSTEM\ControlSet001\Services\PerfOS\Performance\Error Count | |
| 2009/12/03 08:06:11 | tottaldomain.cn/ | process | UNKNOWN | C:\WINDOWS\system32\wininet.exe | |
| 2009/12/03 08:06:20 | tottaldomain.cn/ | registry | C:\WINDOWS\system32\netsh.exe | HKLM\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\C:\WINDOWS\Temp\wpv791259017613.exe | |
| 2009/12/03 07:36:52 | install.netpumper.com/get_file.php?file=minime | file | C:\Program Files\Internet Explorer\IEXPLORE.EXE | C:\Documents and Settings\******\Local Settings\Temporary Internet Files\Content.IE5\40J8GL1X\minime[1].exe | |
| 2009/12/03 09:42:10 | ohtas.biz/preview/index.php | file | C:\Program Files\Internet Explorer\IEXPLORE.EXE | C:\Documents and Settings\******\Local Settings\Temporary Internet Files\Content.IE5\LERRV50T\load[1].exe | |
| 2009/12/03 09:42:11 | ohtas.biz/preview/index.php | file | C:\Program Files\Internet Explorer\IEXPLORE.EXE | C:\Documents and Settings\******\file.exe | |
| 2009/12/03 09:42:12 | ohtas.biz/preview/index.php | process | C:\Program Files\Internet Explorer\IEXPLORE.EXE | C:\Documents and Settings\******\file.exe | |
| 2009/12/03 09:42:12 | ohtas.biz/preview/index.php | file | System | C:\Documents and Settings\******\Local Settings\Temporary Internet Files\Content.IE5\LERRV50T\load[1].exe | |
| 2009/12/03 09:42:12 | ohtas.biz/preview/index.php | file | C:\WINDOWS\system32\lsass.exe | C:\Documents and Settings\******\Application Data\Microsoft\Protect\S-1-5-21-507921405-1844237615-839522115-1003\da188b81-93d3-4c2e-9fa7-de1440200b25 | |
| 2009/12/03 09:42:12 | ohtas.biz/preview/index.php | file | C:\WINDOWS\system32\lsass.exe | C:\Documents and Settings\******\Application Data\Microsoft\Protect\S-1-5-21-507921405-1844237615-839522115-1003\Preferred | |
| 2009/12/03 09:42:12 | ohtas.biz/preview/index.php | file | C:\Documents and Settings\******\file.exe | C:\Documents and Settings\******\Application Data\Microsoft\Crypto\RSA\S-1-5-21-507921405-1844237615-839522115-1003\f95e4360f287f2891952b8d82f744c9b_387ea055-bdc5-4c1c-9713-f61c1e6b77f9 | |
| 2009/12/03 09:42:13 | ohtas.biz/preview/index.php | file | C:\Documents and Settings\******\file.exe | C:\WINDOWS\Temp\16.tmp | |
| 2009/12/03 09:42:15 | ohtas.biz/preview/index.php | process | C:\Documents and Settings\******\file.exe | C:\WINDOWS\system32\net.exe | |
| 2009/12/03 09:42:17 | ohtas.biz/preview/index.php | process | C:\WINDOWS\system32\net.exe | C:\WINDOWS\system32\net1.exe | |
| 2009/12/03 09:42:20 | ohtas.biz/preview/index.php | process | C:\Documents and Settings\******\file.exe | C:\WINDOWS\system32\net.exe | |
| 2009/12/03 09:42:21 | ohtas.biz/preview/index.php | file | C:\Documents and Settings\******\file.exe | C:\WINDOWS\Temp\17.tmp | |
| 2009/12/03 09:42:21 | ohtas.biz/preview/index.php | file | C:\Documents and Settings\******\file.exe | C:\WINDOWS\Temp\18.cmd | |
| 2009/12/03 09:42:22 | ohtas.biz/preview/index.php | process | C:\Documents and Settings\******\file.exe | C:\WINDOWS\system32\cmd.exe | |
| 2009/12/03 09:42:21 | ohtas.biz/preview/index.php | process | C:\Program Files\Internet Explorer\IEXPLORE.EXE | C:\Documents and Settings\******\file.exe | |
| 2009/12/03 09:42:22 | ohtas.biz/preview/index.php | file | C:\WINDOWS\system32\cmd.exe | C:\Documents and Settings\******\file.exe | |
| 2009/12/03 09:42:22 | ohtas.biz/preview/index.php | process | C:\Documents and Settings\******\file.exe | C:\WINDOWS\system32\cmd.exe | |
| 2009/12/03 09:40:37 | scan.stopandscanyourpc.com/download/smrtprt/install.php | file | C:\Program Files\Internet Explorer\IEXPLORE.EXE | C:\Documents and Settings\******\Local Settings\Temporary Internet Files\Content.IE5\LERRV50T\SmartProtector[1].exe | |
| 2009/12/03 09:40:09 | scan.clearedpcsecurity.com/download/smrtprt/install.php | file | C:\Program Files\Internet Explorer\IEXPLORE.EXE | C:\Documents and Settings\******\Local Settings\Temporary Internet Files\Content.IE5\BFS2DG34\SmartProtector[1].exe | |
| 2009/12/03 09:37:02 | escanpc.com/pgm/escanpcupdater.exe | file | C:\Program Files\Internet Explorer\IEXPLORE.EXE | C:\Documents and Settings\******\Local Settings\Temporary Internet Files\Content.IE5\40J8GL1X\escanpcupdater[1].exe | |
| 2009/12/03 10:10:19 | 210.51.166.218/admin/config/adv.exe | file | C:\Program Files\Internet Explorer\IEXPLORE.EXE | C:\Documents and Settings\******\Local Settings\Temporary Internet Files\Content.IE5\FRHBQUW2\adv[1].exe | |
| 2009/12/03 10:12:23 | cavle-online.com/play.exe | file | C:\Program Files\Internet Explorer\IEXPLORE.EXE | C:\Documents and Settings\******\Local Settings\Temporary Internet Files\Content.IE5\40J8GL1X\play[1].exe | |
| 2009/12/03 10:41:57 | nju7yd.3322.org/nbok01/zxtt.exe | file | C:\Program Files\Internet Explorer\IEXPLORE.EXE | C:\Documents and Settings\******\Local Settings\Temporary Internet Files\Content.IE5\40J8GL1X\zxtt[1].exe | |
| 2009/12/03 10:40:09 | nju7yd.3322.org/nbok01/wltt.exe | file | C:\Program Files\Internet Explorer\IEXPLORE.EXE | C:\Documents and Settings\******\Local Settings\Temporary Internet Files\Content.IE5\BFS2DG34\wltt[1].exe | |
| 2009/12/03 10:40:43 | nju7yd.3322.org/nbok01/xctt.exe | file | C:\Program Files\Internet Explorer\IEXPLORE.EXE | C:\Documents and Settings\******\Local Settings\Temporary Internet Files\Content.IE5\40J8GL1X\xctt[1].exe | |
| 2009/12/03 10:40:17 | nju7yd.3322.org/nbok01/dh3tt.exe | file | C:\Program Files\Internet Explorer\IEXPLORE.EXE | C:\Documents and Settings\******\Local Settings\Temporary Internet Files\Content.IE5\LERRV50T\dh3tt[1].exe | |
| 2009/12/03 10:40:47 | nju7yd.3322.org/nbok01/dhwdtt.exe | file | C:\Program Files\Internet Explorer\IEXPLORE.EXE | C:\Documents and Settings\******\Local Settings\Temporary Internet Files\Content.IE5\40J8GL1X\dhwdtt[1].exe | |
| 2009/12/03 10:38:27 | antimalware-software.org/download.exe | file | C:\Program Files\Internet Explorer\IEXPLORE.EXE | C:\Documents and Settings\******\Local Settings\Temporary Internet Files\Content.IE5\40J8GL1X\download[1].exe | |
| 2009/12/03 11:17:03 | ezscanweb.com/download.php | file | C:\Program Files\Internet Explorer\IEXPLORE.EXE | C:\Documents and Settings\******\Local Settings\Temporary Internet Files\Content.IE5\40J8GL1X\install[1].exe | |
| 2009/12/03 11:15:08 | c.oye333.com/a03.exe | file | C:\Program Files\Internet Explorer\IEXPLORE.EXE | C:\Documents and Settings\******\Local Settings\Temporary Internet Files\Content.IE5\40J8GL1X\a03[1].exe | |
| 2009/12/03 11:11:02 | pafersbasedos.com/1/remover.exe | file | C:\Program Files\Internet Explorer\IEXPLORE.EXE | C:\Documents and Settings\******\Local Settings\Temporary Internet Files\Content.IE5\BFS2DG34\remover[1].exe | |
| 2009/12/03 11:13:49 | solanahotel.com/.sys/?getexe=v2captcha.exe | file | C:\Program Files\Internet Explorer\IEXPLORE.EXE | C:\Documents and Settings\******\Local Settings\Temporary Internet Files\Content.IE5\40J8GL1X\v2captcha[1].exe | |
| 2009/12/03 11:49:19 | love2coffe.cn/ | file | C:\Program Files\Internet Explorer\IEXPLORE.EXE | C:\Documents and Settings\******\Local Settings\Temporary Internet Files\Content.IE5\LERRV50T\load[1].exe | |
| 2009/12/03 11:49:21 | love2coffe.cn/ | file | C:\Program Files\Internet Explorer\IEXPLORE.EXE | C:\Documents and Settings\******\S87ekhV.exe | |
| 2009/12/03 11:49:22 | love2coffe.cn/ | process | C:\Program Files\Internet Explorer\IEXPLORE.EXE | C:\Documents and Settings\******\S87ekhV.exe | |
| 2009/12/03 11:49:22 | love2coffe.cn/ | file | C:\Documents and Settings\******\S87ekhV.exe | C:\WINDOWS\Temp\~TM16.tmp | |
| 2009/12/03 11:49:22 | love2coffe.cn/ | file | System | C:\Documents and Settings\******\Local Settings\Temporary Internet Files\Content.IE5\LERRV50T\load[1].exe |
