hxxp://bbs.vgl.co.kr/bbs/icon/ie.html - malicious link
http://www.virustotal.com/analisis/6827df1e55c9d7bbbf80272a919606aa7d5ee7b90fd049d67c6b2c0e2f458819-1269977772
File ie.html received on 2010.03.30 19:36:12 (UTC)
Result: 19/42 (45.24%)
Antivirus Version Last Update Result
a-squared 4.5.0.50 2010.03.30 Exploit.JS.CVE-2010-0806!IK
Authentium 5.2.0.5 2010.03.30 JS/Cosmu.A
Avast 4.8.1351.0 2010.03.30 JS:CVE-2010-0806-C
Avast5 5.0.332.0 2010.03.30 JS:CVE-2010-0806-C
AVG 9.0.0.787 2010.03.29 Exploit
BitDefender 7.2 2010.03.30 Exploit.Cosmu.A
eSafe 7.0.17.0 2010.03.28 JS.CVE2010-0806
eTrust-Vet 35.2.7396 2010.03.30 JS/Dish!exploit
F-Prot 4.5.1.85 2010.03.30 JS/Cosmu.A
F-Secure 9.0.15370.0 2010.03.30 Exploit.Cosmu.A
Fortinet 4.0.14.0 2010.03.30 JS/CVE20100806.B!exploit
GData 19 2010.03.30 Exploit.Cosmu.A
Ikarus T3.1.1.80.0 2010.03.30 Exploit.JS.CVE-2010-0806
Kaspersky 7.0.0.125 2010.03.30 Exploit.JS.CVE-2010-0806.b
Microsoft 1.5605 2010.03.30 Exploit:JS/CVE-2010-0806
nProtect 2009.1.8.0 2010.03.30 Exploit.Cosmu.A
Sophos 4.52.0 2010.03.30 Troj/ExpJS-R
Sunbelt 6117 2010.03.30 Trojan.JS.BOFExploit (v)
VirusBuster 5.0.27.0 2010.03.30 JS.BOFExploit.Gen
Additional information
File size: 6494 bytes
MD5...: fcfeb0287f172a2c58f680fcd120ea48
bbs.vgl.co.kr has one IP number , which is the same as for vgl.co.kr, but the reverse is 211-115-80-207.kidc.net. vgl.co.kr and http://www.robtex.com/dns/www.vgl.co.kr.html point to the same IP. vgl.co.kr is delegated to two nameservers, however one delegated nameserver is missing in the zone. Incoming mail for vgl.co.kr is handled by seven mailservers having a total of 28 IP numbers. Some of them are on the same IP network. bbs.vgl.co.kr is hosted on a server in Korea. It is not listed in any blacklists.
Hostname: 211-115-80-207.kidc.net
ISP: KRNIC
Organization: Hanbiro, Inc.
Country: Korea, Republic of
State/Region: Soul-t'ukpyolsi
City: Seoul
ISP: KRNIC
Organization: Hanbiro, Inc.
Country: Korea, Republic of
State/Region: Soul-t'ukpyolsi
City: Seoul
No comments:
Post a Comment