Download 1f2cc9238129512c6f118ffdfec79189 - East China Sea 2010-1.pdf as a password protected archive (please contact me if you need the password)
Details: 1f2cc9238129512c6f118ffdfec79189 - East China Sea 2010-1.pdf
From: Natalie S. Wozniak [mailto:natalies.wozniak@yahoo.com] Subject: Maritime Disputes in East Asia
Colleague,
I was able to secure permission to forward you the attached CRS report on Maritime Disputes in East Asia; just came out today. They intentionally kept it short report, in hopes that it would increase its readership.
Please share with your colleagues. Also, please share their comments, observations and questions.
Best,
Natalie
Headers
Message-ID: <242520.45817.qm@web114111.mail.gq1.yahoo.com>
....Received: from [69.197.151.114] by web114111.mail.gq1.yahoo.com via HTTP; Wed, 03 Feb 2010 05:19:02 PST
X-Mailer: YahooMailRC/272.7 YahooMailWebService/0.8.100.260964
Date: Wed, 3 Feb 2010 05:19:02 -0800 (PST)
Subject: Maritime Disputes in East Asia
To: XXXXXXXXXXXXX
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="0-410636181-1265203142=:45817"
Lookup IP Address: 69.197.151.114
General InformationHostname: server.gvd.tw
ISP: WholeSale Internet
Organization: Max Dmitry
Country: United States
State/Region: MO
City: Kansas City
Virustotal
File East_China_Sea_2010-1.pdf received on 2010.02.08 06:49:37 (UTC)http://www.virustotal.com/analisis/9c60d1c79ddcbc446c41fbc523e8818ace5624dbbe38a9fa6da092f2a582a498-1265611777
Result: 9/40 (22.5%)
Avast 4.8.1351.0 2010.02.08 JS:Pdfka-WP
GData 19 2010.02.08 JS:Pdfka-WP
Microsoft 1.5406 2010.02.07 Exploit:Win32/Pdfjsc.CW
NOD32 4846 2010.02.08 JS/Exploit.Pdfka.NPK
nProtect 2009.1.8.0 2010.02.08 Exploit.PDF-JS.Gen.C02
PCTools 7.0.3.5 2010.02.08 Trojan.Pidief
Sophos 4.50.0 2010.02.08 Troj/PDFJs-B
Sunbelt 3.2.1858.2 2010.02.07 Exploit.PDF-JS.Gen (v)
TrendMicro 9.120.0.1004 2010.02.08 TROJ_PDFEX.E
File size: 60110 bytes
MD5...: 1f2cc9238129512c6f118ffdfec79189
SHA1..: 31d658a871d3974c55ec310742ad7a07310bd0ba
Wepawet
http://wepawet.cs.ucsb.edu/view.php?hash=1f2cc9238129512c6f118ffdfec79189&type=jsAnalysis report for East China Sea 2010-1.pdf
File East China Sea 2010-1.pdf
MD5 1f2cc9238129512c6f118ffdfec79189
Analysis Started 2010-02-07 22:52:43
Report Generated 2010-02-07 22:52:47
Jsand 1.03.02 benign
ViCheck.ca
PDF Exploit call to media.newPlayer CVE-2009-4324
Malware traffic to
Hostname: 218.159.55.30
ISP: Korea TelecomOrganization: Korea Telecom
Country: Korea, Republic of
State/Region: 11
City: Seoul
Quite a few domains on that ip (from robtex.com)
File shellcode.exe_ received on 2010.02.08 07:00:13 (UTC)
Result: 10/40 (25.00%)AVG 9.0.0.730 2010.02.07 Agent_r.OV
CAT-QuickHeal 10.00 2010.02.08 Trojan.Agent.ATV
Jiangmin 13.0.900 2010.02.08 Trojan/Agent.ckpb
Kaspersky 7.0.0.125 2010.02.08 Trojan-Downloader.Win32.Small.aolo
McAfee 5885 2010.02.07 Generic Downloader.fa
McAfee+Artemis 5885 2010.02.07 Generic Downloader.fa
McAfee-GW-Edition 6.8.5 2010.02.07 Heuristic.BehavesLike.Win32.Downloader.T
Microsoft 1.5406 2010.02.07 TrojanDownloader:Win32/Sileco.A
TheHacker 6.5.1.1.183 2010.02.08 Trojan/Downloader.Small.aolo
TrendMicro 9.120.0.1004 2010.02.08 PAK_Generic.001
I am posting the picture as the script causes antivirus panic. Apologies if this happened to you
No comments:
Post a Comment