Wednesday, April 28, 2010

Apr 23 CVE-2008-4841 DOC Important Message from indianembassy.org.cn


Download  03546e59967af0c2dbf609013934cd07 message-cv.doc as a password protected archive (please contact me for the password, if you need it)


Details 03546e59967af0c2dbf609013934cd07 message-cv.doc


From: polsec@indianembassy.org.cn [mailto:polsec@indianembassy.org.cn]
Sent: Friday, April 23, 2010 4:30 AM
To: XXXXXXXXXX
Subject: Important Message

Dear sir,

   Pls find attached file .

Regards,

Satish Kumar
Second Secretary,
Embassy of India,
Beijing


http://www.virustotal.com/analisis/7a6b78a4662ceca77e76cd7f2bc08f69a588fc7547db60eb77eb4c328a04c0a8-1272378511
File message-cv.doc received on 2010.04.27 14:28:31 (UTC)
Result: 13/40 (32.50%)
a-squared     4.5.0.50     2010.04.27     Exploit.Win32.CVE-2008!IK
Authentium     5.2.0.5     2010.04.27     MSWord/Dropper.B!Camelot
BitDefender     7.2     2010.04.27     Exploit.MSOffice.Gen
F-Prot     4.5.1.85     2010.04.26     CVE-2006-2389
F-Secure     9.0.15370.0     2010.04.27     Exploit.MSOffice.Gen
Fortinet     4.0.14.0     2010.04.27     MSWord/Agent.Y!exploit
GData     21     2010.04.27     Exploit.MSOffice.Gen
Ikarus     T3.1.1.80.0     2010.04.27     Exploit.Win32.CVE-2008
Jiangmin     13.0.900     2010.04.27     Exploit.MSWord.b
McAfee-GW-Edition     6.8.5     2010.04.27     Heuristic.BehavesLike.Exploit.OLE2.CodeExec.EBKP
Microsoft     1.5703     2010.04.27     Exploit:Win32/CVE-2008-4841
nProtect     2010-04-27.01     2010.04.27     Exploit.MSOffice.Gen
Panda     10.0.2.7     2010.04.26     Trj/1Table.C
Additional information
File size: 292864 bytes
MD5   : 03546e59967af0c2dbf609013934cd07

Headers
Received: from unknown (HELO mail.niit.com.cn) (202.109.110.87)
  by XXXXXXXXXXXXX  with SMTP; 23 Apr 2010 08:30:17 -0000
Received: Fri, 23 Apr 2010 16:30:13 +0800
From: polsec@indianembassy.org.cn       
Hostname:    202.109.110.8
      ISP:    ChinaNet Shanghai Province Network
      Organization:    Business China Trading Company
      Country:    China
      State/Region:    Shanghai
      City:    Shanghai

dl-niit.com, niit.com.cn, okshanghai.com, www.niit.com.cn, mail.niit.com.cn and at least three other hosts point to 202.109.110.87. It is blacklisted in four lists.

dl-niit.com
indianembassy.org.cn
mail.indianembassy.org.cn
mail.niit.com.cn
niit.com.cn
okshanghai.com
www.indianembassy.org.cn
www.niit.com.cn

Domains using this as mail server
indianembassy.org.cn (primary)
niit.com.cn (primary)
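
The header comparison above (relay mail.niit.com.cn at 202.109.110.87 versus the From domain indianembassy.org.cn), written as a mail-triage check. This is an added example, not code from the original post: the sample headers are constructed from the fragments quoted above, and `triage`, `org_domain` and the small suffix set are hypothetical names and assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed from the header fragments quoted in the post; the recipient
# host stays redacted as on the page.
SAMPLE_HEADERS = (
    "Received: from unknown (HELO mail.niit.com.cn) (202.109.110.87)\n"
    "  by XXXXXXXXXXXXX with SMTP; 23 Apr 2010 08:30:17 -0000\n"
    "From: polsec@indianembassy.org.cn\n"
    "Subject: Important Message\n"
    "\n"
)

# Assumption: a tiny stand-in for the Public Suffix List, enough for this sample.
TWO_LABEL_SUFFIXES = {"com.cn", "org.cn", "net.cn", "gov.cn", "co.uk"}

# qmail-style hop: from <rdns> (HELO <name>) (<ip>)
QMAIL_HOP = re.compile(
    r"from\s+(\S+)\s+\(HELO\s+([^)\s]+)\)\s+\((\d{1,3}(?:\.\d{1,3}){3})\)")

def org_domain(host):
    """Reduce a hostname to its registrable domain (approximation)."""
    labels = host.lower().rstrip(".").split(".")
    keep = 3 if ".".join(labels[-2:]) in TWO_LABEL_SUFFIXES else 2
    return ".".join(labels[-keep:])

def triage(raw_headers):
    """Return relay facts and mismatch signals for the topmost Received hop."""
    msg = message_from_string(raw_headers)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    # Unfold the continuation line before matching.
    received = " ".join((msg.get_all("Received") or [""])[0].split())
    hop = QMAIL_HOP.search(received)
    if not hop or not from_domain:
        return None
    rdns, helo, ip = hop.groups()
    signals = []
    if org_domain(helo) != org_domain(from_domain):
        signals.append("helo_from_mismatch")
    # Assumption: the receiving MTA writes "unknown" when it has no
    # reverse DNS name for the connecting client.
    if rdns == "unknown":
        signals.append("no_reverse_dns")
    return {"from_domain": from_domain.lower(), "helo": helo.lower(),
            "client_ip": ip, "signals": signals}

if __name__ == "__main__":
    print(triage(SAMPLE_HEADERS))
```

Both signals are triage hints rather than verdicts: as listed above, indianembassy.org.cn and niit.com.cn name the same host as primary mail server, so the useful follow-up is the passive DNS pivot on the client IP.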

