Friday, November 27, 2009

Nov.25 PDF attack: MOU from cwfhom@gmail.com Nov 25, 2009 10:25 PM


Download the infected pdf (password protected, contact me for the password)





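The memorandum of understanding on supervisory cooperation that this Commission signed with the three mainland financial supervisory authorities is currently being submitted to the Executive Yuan for approval. The matters relating to the memorandum are compiled in the attachment; please refer to it. Thank you.

If you need any other information, please let me know at any time.

With best wishes,

Respectfully, Zhou Minggao (周鳴皋)

Financial Supervisory Commission (金管會)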

Google Translate

From: Arthur Chou [cwfhom@gmail.com]
To: Ouruser@ourdomain.xxx
Sent: Wednesday, November 25, 2009 10:25 PM
Subject: MOU

This Council and the mainland three financial supervisory authorities signed a memorandum of cooperation is now Commissioner of the Executive Yuan for approval in Chen, I would like to compile a memorandum related matters, such as accessories, please read, thank you.

If any, additional information, please feel free to tell.

When Qi Shun Chung

Zhou Minggao Sincerely,

FSC


Wepawet
http://wepawet.cs.ucsb.edu/view.php?hash=5b4f2df5c95ea65736adbd60ed4f96be&type=js

Result - suspicious


Virustotal analysis
http://www.virustotal.com/analisis/935aacc944172c155c6884ef8e70ec14a400a6de409aa024bbfa6a396853d656-1259261293

AntiVir 7.9.1.79 2009.11.26 HTML/Rce.Gen
McAfee-GW-Edition 6.8.5 2009.11.26 Heuristic.Script.Rce
Microsoft 1.5302 2009.11.26 Exploit:Win32/ShellCode.A
NOD32 4640 2009.11.26 PDF/Exploit.Gen
Norman 6.03.02 2009.11.25 JS/ShellCode.C 



 
