cNotes

antimalware09.net

Published: 2008/10/22

This is one of the many fake antivirus products out there, but instead of a person being tricked into visiting, a bot was going out and accessing it on its own.

Viewed directly, the page looks like this.

The bot's behavior goes like this.

① First, it sends a request like this.

 http://antimalware09.net/images/ｘｘｘｘｘｘｘ/ｘｘｘｘｘｘｘｘ/ｘｘｘｘ2-ｘｘｘ-ｘｘｘ-bc8d-ｘｘｘｘｘde.gif

② Then a 302 response like this comes back, and it is redirected to a different URL.

  HTTP/1.1 302 Found
  Server: nginx/0.6.26
  Date: Tue, 21 Oct 2008 15:15:42 GMT
  Content-Type: text/html; charset=UTF-8
  Connection: close
  X-Powered-By: PHP/5.1.6
  Location: http://stat.antimalware09.net/soft3/common/17.gif
  Content-Length: 0

③ Then, the download.

  GET /soft3/common/17.gif HTTP/1.0
  Range: bytes=0-
  User-Agent: Internet Explorer
  Host: stat.antimalware09.net

④ After that, a confirmation step is performed.

  GET /images/ＸＸＸＸＸ/ｘｘｘｘｘ657ｘｘｘｘｘｘｘ/ｘｘｘｘ2-ｘｘｘ-ｘｘｘ-bc8d-ｘｘｘｘｘde.ok?id=17 HTTP/1.0
  Range: bytes=0-
  User-Agent: Internet Explorer
  Host: antimalware09.net

⑤ The body of the response to this confirmation is

 OK

There appear to be several kinds of files that get downloaded, but the rule for choosing among them is unknown. In this example it was "17.gif".
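The request sequence described above can be matched in proxy logs. The following is an added example, not code from the original post: it correlates, per client, the 302 redirect to a numbered .gif, the download of that file, and the matching .ok?id= confirmation. The log record layout, the host names and the path token are constructed assumptions.

```python
import re
from urllib.parse import urlsplit

# Constructed proxy-log records: (client, method, url, user_agent, status, location).
# Hosts use the reserved .example TLD; the path token is made up.
SAMPLE_LOG = [
    ("10.0.0.5", "GET", "http://fakeav.example/images/aaaa/bbbb/tok123de.gif",
     "Internet Explorer", 302, "http://stat.fakeav.example/soft3/common/17.gif"),
    ("10.0.0.5", "GET", "http://stat.fakeav.example/soft3/common/17.gif",
     "Internet Explorer", 200, None),
    ("10.0.0.5", "GET", "http://fakeav.example/images/aaaa/bbbb/tok123de.ok?id=17",
     "Internet Explorer", 200, None),
    ("10.0.0.9", "GET", "http://news.example/images/logo.gif",
     "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)", 200, None),
]

NUMBERED_GIF = re.compile(r"/(\d+)\.gif$")

def find_confirmed_downloads(records):
    """Return (client, host, file_id) for each redirect -> download -> .ok sequence."""
    pending = {}     # (client, host, path stem) -> file id named in the 302 Location
    fetched = set()  # (client, file id) pairs that were actually downloaded
    hits = []
    for client, method, url, agent, status, location in records:
        if method != "GET":
            continue
        u = urlsplit(url)
        stem, _, ext = u.path.rpartition(".")
        numbered = NUMBERED_GIF.search(u.path)
        if status == 302 and ext == "gif" and location:
            target = NUMBERED_GIF.search(urlsplit(location).path)
            if target:
                pending[(client, u.hostname, stem)] = target.group(1)
        elif numbered and status == 200:
            fetched.add((client, numbered.group(1)))
        if ext == "ok" and u.query.startswith("id="):
            file_id, key = u.query[3:], (client, u.hostname, stem)
            # Same path stem as the first request, and id equals the file number.
            if pending.get(key) == file_id and (client, file_id) in fetched:
                hits.append((client, u.hostname, file_id))
                del pending[key]
    return hits

def bare_ie_agents(records):
    """Clients sending the literal User-Agent from the capture; genuine
    Internet Explorer sends a 'Mozilla/4.0 (compatible; MSIE ...' string."""
    return sorted({r[0] for r in records if r[3] == "Internet Explorer"})
```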

Incidentally, once the final confirmation in ⑤ has been performed, the URL in ① apparently can no longer be used. From then on it returns a 404 response.

However, if you arbitrarily alter the string in ①, it becomes valid as a new URL. Naturally, it likewise stops working once the corresponding ⑤ request is sent.

Well, even without doing that, the URL in ③ can be requested directly, so I fetched everything there was.

Eighteen files exist (5-9.gif, 10-12.gif, 14-17.gif and 23-28.gif), and their timestamps were all 2008/10/22 6:48.

The hash values are all different, but every one of them looks like this.

It appears to be properly registered on the various blacklists, but the antivirus products are not keeping up with it. I think that is probably because the malware itself keeps being updated.

The domain was registered in China and put into use right away, a pattern seen often these days.

   Domain Name: ANTIMALWARE09.NET
   Registrar: BIZCN.COM, INC.
   Whois Server: whois.bizcn.com
   Referral URL: http://www.bizcn.com
   Name Server: NS1.ANTIMALWARE09.NET
   Name Server: NS14.ANTIMALWARE09.NET
   Name Server: NS3.ANTIMALWARE09.NET
   Status: clientDeleteProhibited
   Status: clientTransferProhibited
   Updated Date: 02-oct-2008
   Creation Date: 02-oct-2008
   Expiration Date: 02-oct-2009

Three addresses are in use.

218.106.90.227

China (AS9929)

 inetnum:      218.106.90.128 - 218.106.90.255
 netname:      hefei-qingyi-jiayuan-corp
 country:      cn
 descr:        hefei city
 admin-c:      TC254-AP
 tech-c:       TC254-AP
 status:       ASSIGNED NON-PORTABLE
 source:       APNIC
 route:        218.104.0.0/14
 descr:        CNC Group CncNet
 country:      CN
 origin:       AS9929

58.65.237.49

Hong Kong (AS23898)

 inetnum:      58.65.232.0 - 58.65.239.255
 netname:      HOSTFRESH
 descr:        HostFresh
 descr:        Internet Service Provider
 country:      HK
 admin-c:      PL466-AP
 tech-c:       PL466-AP
 status:       ALLOCATED PORTABLE
 mnt-by:       APNIC-HM

77.244.220.134

Russia (AS35357)

 inetnum:        77.244.220.0 - 77.244.220.255
 netname:        PRIMENET1
 descr:          Allocation for our customer PrimeNet
 country:        RU
 admin-c:        RZT1-RIPE
 tech-c:         RZT1-RIPE
 status:         ASSIGNED PA
 mnt-by:         RZT-MNT

These IP addresses are also used for other domains.


[Category: botnet observation diary]

by jyake