cbp7t.cn

this sql-injected domain retrieves iframe from http://www.jmlrmg.com/index.htm

The malicious iframe exploits a number of typical vulnerabilities.

The VT analysis of the malicious file http://www.jmlrmg.com/chanm/yahoo.exe is here. ThreatExpert here.

Other domains sharing the same IP are jsani.cn, woshow11.cn

Advertisements

One Response to “cbp7t.cn”

  1. Other domains:
    batyu.cn
    chshun.cn
    dae3.cn
    empty1.cn
    empty52.cn
    hap1.cn
    kan31ni.cn
    kao17.cn
    log5it.cn
    meto1.cn
    pcca4.cn
    sfz22.cn
    showwo2.cn

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: