Wednesday, March 24, 2010

Mar 24 CVE--2010-0188 PDF My application from donald932@gmail.com



From: Huang [mailto:donald932@gmail.com]
Sent: Wednesday, March 24, 2010 4:26 AM
To: XXXXXXXXXXXX
Subject: : My application

This is my application, please check it appropriate or not, and
looking forward for your reply.
Huang

Virustotal
http://www.virustotal.com/analisis/dc29830cd35d8cf60df907c101daf05ad14111fa63c8071fd8f7465be2825968-1270006579
 File application.PDF received on 2010.03.31 03:36:19 (UTC)
Result: 5/42 (11.91%)
ClamAV    0.96.0.0-git    2010.03.30    Exploit.PDF-17705
F-Secure    9.0.15370.0    2010.03.31    Exploit:W32/Pidief.CND
PCTools    7.0.3.5    2010.03.31    HeurEngine.Pdexe
Sophos    4.52.0    2010.03.31    Troj/PDFJs-II
Symantec    20091.2.0.41    2010.03.31    Trojan.Pidief.I
Additional information
File size: 57116 bytes
MD5...: 76f7e8dc68b364abfd893f0e9340fae8





%user%\Local Settings\Temp\application.PDF
%user%\Local Settings\Temp\temp.tmp
%user%\Local Settings\Temp\xxx.exe
%user%\Temp\~.exe
%user%\help.dll



http://www.virustotal.com/analisis/60505da8832dd0f0d737e9793c8240185e00a1b44ac5ef4383e0d86bf5d97d71-1270010048
File help.dll received on 2010.03.31 04:34:08 (UTC)
Result: 4/36 (11.11%)
DrWeb 5.0.2.03300 2010.03.31 Trojan.LydraSpy.origin
Panda 10.0.2.2 2010.03.30 Suspicious file
Sophos 4.52.0 2010.03.31 Sus/Behav-113
Symantec 20091.2.0.41 2010.03.31 Suspicious.Insight
File size: 101376 bytes
MD5   : e868c642ed4040f0e6752fe427084d3d




all other files and connections are like in this post Mar 25 CVE-2010-0188 PDF Re: conference memo from jesseandy2@gmail.com




No comments:

Post a Comment