Sunday, January 17, 2010

Jan 17 Trojan Darkmoon.B EXE Haiti relief from 17 Jan 2010 13:15:02 -0800 PST

This message contains a zip attachment with ârâfâI.exe (Darkmoon.B) and 20100118.pdf (containing pictures).

Download A4754BE7B34ED55FAFF832EDADAC61F6 (password protected, please contact me if you need it)

The message is in Japanese

From: []
Sent: Sunday, January 17, 2010 4:15 PM
To: xxxxxxxxxxx
Subject: ハイチの救援活動が難航 7千人埋葬、時間との勝負

ハイチの救援活動が難航 7千人埋葬、時間との勝負




Subject: Haiti relief efforts run into difficulty: 7,000 buried, a race against time
Haiti relief efforts run into difficulty: 7,000 buried, a race against time
[Co] from a large earthquake in Port au Prince in Haiti two days after the 14th, and now he will begin his search for victims buried under collapsed houses in the West entered the local rescue team, the international relief activities in earnest. However, a lack of activity and medical personnel are faced with difficulties. 

According to Reuters, the president said pre-Barbera Haiti, said seven were killed by the earthquake that buried thousands of people already. UN Secretary General Ban Ki-moon "after a failure, but 72 hours is key," and emphasized that it is a race against time.
CNN television said the United Nations and the United States, North Korea has 14 rescue teams in the U.S., collapsed in the capital Port peacekeeping operations (PKO) security personnel in Estonia men had been buried in the headquarters of the troops (38) rescued the . In addition to the local disaster relief team with a dog on France, Spain, Dominican Republic, such as rescue teams continued to arrive and we started to work. Secretary-General "We will also be dispatched from the country," he said.
Doctors in disaster areas, a shortage of medical supplies. The United Nations and international transportation of relief supplies, we will make a concerted effort to distribute. However, according to Reuters, the airport of Port-au-affected state and became filled with enormous aircraft carrying personnel and supplies, Federal Aviation Administration (FAA) has asked to postpone the airport's flight from the U.S. did. 


Received: from  (santi_nidas@ with login)
        by with SMTP; 17 Jan 2010 13:15:02 -0800 PST
X-Yahoo-SMTP: APkRSTKswBAltjtRmEcOWOvp0HAuXtE8
X-YMail-OSG: 6TNaz1oVM1nFg57xH0ABi34Uqp874reW9HI.wvjrQ6E1IzS13PFJujNh3DivLqjPCewT1TINsHkCsU8adegb_w2ZTwgc0YPhZmye5uDpETKWVa_REo45PgGCtyMK19a_GrDTtqbESsEHsKuK42fy1G0jyW8igbgLrlKijPnxdEXUajNHd1TWavb6IMLC1PIB.HgXDCfSuk1Fua5WBwl7p90BjHP9CSEw.wCbIrrnXc0sEunqTLc77osRKNJORr.4q7Mw.yOQEAnkI70vbEP1ifE8RLr9JZ6ziVFn2ZLRxtG8CvDPWrea57PbzMIMDNKSXA2wm6XvYKvPrt01.BEsPXT7GBgu6KkHFwAoGFhKnx5TMRjGFwz8NPh8DgiANCin8Lqqy1NnSqLjA90M1.lnPCGCpojX594c74dKNyryB7lhCvTVn1rPhwayS146Ldoi2ktaYYnK.HC7lIclsVLgD.flblERnEdJdqs.ECQ-
X-Yahoo-Newman-Property: ymail-5

ISP:           China Unicom Tianjin province network
Organization:  China Unicom Tianjin province network
Country:       China
City:          Tianjin
Latitude:      39.1422
Longitude:     117.1767

File _r_f_I.exe received on 2010.01.19 05:30:06 (UTC)
Result: 14/41 (34.15%)

Antivirus      Version         Last Update  Result
AhnLab-V3                      2010.01.18   Win-Trojan/Agent.45056.AMQ
Antiy-AVL                      2010.01.18   Trojan/Win32.Agent.gen
Avast          4.8.1351.0      2010.01.18   Win32:Malware-gen
CAT-QuickHeal  10.00           2010.01.19   Trojan.Agent.cvpr
Comodo         3632            2010.01.19   TrojWare.Win32.Trojan.Agent.~IAZ
DrWeb                          2010.01.19   Trojan.Siggen.27190
F-Secure       9.0.15370.0     2010.01.19   Trojan:W32/Agent.LGJ
GData          19              2010.01.19   Win32:Malware-gen
Jiangmin       13.0.900        2010.01.18   Trojan/Agent.cule
Kaspersky                      2010.01.19   Trojan.Win32.Agent.dbzx
nProtect       2009.1.8.0      2010.01.18   Trojan/W32.Agent.45056.TM
Sophos         4.49.0          2010.01.19   Troj/DarkMoon-B
TrendMicro                     2010.01.19   BKDR_POISON.SME
ViRobot        2010.1.19.2143  2010.01.19   Trojan.Win32.Agent.45056.HO

Additional information
File size: 45056 bytes
MD5: a4754be7b34ed55faff832edadac61f6

PDF inside zip

File 20100118.pdf received on 2010.01.19 05:30:36 (UTC)
Current status: finished

Result: 0/41 (0%)
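
The attachment layout described in this post (an executable and a PDF inside one zip) can be checked at the mail gateway by content rather than by file name. The following Python sketch is an added example, not part of the original post or any vendor tool: it types each zip member by magic bytes and compares its MD5 with the hash published above. The sample archive, its member names and the verdict labels are constructed for illustration.

```python
import hashlib
import io
import zipfile

# MD5 of the executable as published in this post.
KNOWN_BAD_MD5 = {"a4754be7b34ed55faff832edadac61f6"}

# Identify content by leading bytes, never by file name or extension.
MAGIC = ((b"MZ", "pe-executable"), (b"%PDF-", "pdf"))


def sniff(data):
    """Return a type label from the first bytes of the content."""
    for prefix, label in MAGIC:
        if data.startswith(prefix):
            return label
    return "unknown"


def triage_zip(blob, known_bad=KNOWN_BAD_MD5):
    """Return one finding (name, type, md5, verdict) per zip member."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(blob)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            if info.flag_bits & 0x1:  # encrypted member, content not inspectable
                findings.append((info.filename, "encrypted", None, "review"))
                continue
            data = zf.read(info)
            kind, md5 = sniff(data), hashlib.md5(data).hexdigest()
            if md5 in known_bad:
                verdict = "known-bad"
            elif kind == "pe-executable":
                verdict = "block"  # executable delivered inside a mail archive
            else:
                verdict = "no-executable"  # not a clean bill of health
            findings.append((info.filename, kind, md5, verdict))
    return findings


def build_sample():
    """Constructed stand-in for the attachment: an MZ-prefixed stub and a tiny PDF."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("\u8cc7\u6599.exe", b"MZ" + b"\x00" * 62)  # constructed name
        zf.writestr("20100118.pdf", b"%PDF-1.4\n%%EOF\n")
    return buf.getvalue()


if __name__ == "__main__":
    for finding in triage_zip(build_sample()):
        print(finding)
```

A "no-executable" verdict only means the member is not a PE file and its hash is not on the list; the PDF still needs its own inspection.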
