Friday, January 15, 2010

Jan15 CVE-2009-4324 USEUCOM Intelligence Summit from 15 Jan 2010 00:47:09 PST

Here is a fake trojan-laden pdf about the United States European Command Intelligence Summit.

Download Agenda.pdf as (Password protected, please contact me if you need it)

Details: c3079303562d4672d6c3810f91235d9b - Agenda.pdf 

From: Malkhaz Jamureli []
Sent: 2010-01-15 3:47 AM
Subject: Fw: USEUCOM Intelligence Summit

The USEUCOM Intelligence Summit, taking place February 15-17, 2010 in Heidelberg, Germany
The theme for the summit is: “Building Partnerships-Linking Nations” and it will bring together working staff-level US and European mission partner capability planners, program managers, intelligence producers, end-users, and subject matter experts from government, military, law enforcement, academia, private sector, and leading edge technology organizations to discuss and determine ways to improve Intelligence-Sharing and Collaboration capabilities that address common challenges in the Regional and International Security Environment.
Conference Objectives
--  Discuss common US-European security challenges where increased intelligence-sharing and collaboration are needed
--  Highlight US and European Partner intelligence-sharing and collaboration capabilities, programs, and technologies
--  Demonstrate enabling concepts, technologies, business processes, and best practices available from US and European mission partners,  academia, private sector, and industry.
--  Identify initiatives, establish relationships, and create opportunities to improve development and delivery of intelligence-sharing and collaboration architectures and systems capabilities in the near to mid-term.
MAJ Malkhaz Jamureli
Defense, Military, Naval and Air Attache
Embassy of Georgia
2209 Massachusetts Ave., NW
Washington, DC 20008
Comm: 202-387-2580
FAX:   202-387-2581

Received: from [] by via HTTP; Fri, 15 Jan 2010 00:47:09 PST
X-Mailer: YahooMailRC/272.7 YahooMailWebService/
Date: Fri, 15 Jan 2010 00:47:09 -0800 (PST)
From: Malkhaz Jamureli
Subject: Fw:USEUCOM Intelligence Summit
To: undisclosed recipients: ;
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="0-1030923004-1263545229=:52502"

      ISP:    Reasonnet IP Networks B.V.
      Organization:    Novinet colocated servers
      Proxy:    Confirmed proxy server.
      Country:    Netherlands
      State/Region:    07
      City:    Amsterdam
      Latitude:    52.35
      Longitude:    4.9167

util.printd(str0,new Date());}

File Agenda.pdf received on 2010.01.15 16:14:51 (UTC)
Result: 4/41 (9.76%)
a-squared 2010.01.15 Exploit.JS.Pdfka!IK
Ikarus T3. 2010.01.15 Exploit.JS.Pdfka
McAfee-GW-Edition 6.8.5 2010.01.15 Heuristic.BehavesLike.PDF.Shellcode.Z
Sophos 4.49.0 2010.01.15 Troj/PDFJs-GQ
Additional information
File size: 123812 bytes
MD5...: c3079303562d4672d6c3810f91235d9b

File Agenda.pdf
MD5 c3079303562d4672d6c3810f91235d9b
Analysis Started 2010-01-15 08:35:26
Report Generated 2010-01-15 08:35:27
Jsand 1.03.02 benign

Update January 17, 2010
Report kindly offered by
Exploit: pdfexploit - PDF Obfuscated Exploit call to media.newPlayer CVE-2009-4324 found @349.

No comments:

Post a Comment