Thread: mike dutch site linking to malware
View Single Post
Old 19. Jan 2010, 11:32 PM   #6 (permalink)
computerfreaker
Junior Member
 
computerfreaker's Avatar
 
Join Date: Jun 2009
Posts: 15
Default
yep, that was an infected PDF all right, and a whole lot more.
Here's the reply I just got from SANS:
Quote:
Originally Posted by SANS ISC
Hi,

your sample exploits Collab.collectEMailInfo (and probably other Adobe vulnerabilities, too, I didn't check) and if successful downloads this exe:
http://www.virustotal.com/en/analisi...4aa-1263920062 from hfgdcvehuno-dot-com
Thanks for writing in!
VirusTotal flags that trojan .exe as a downloader, so I'll wager the victims of this have more than just an infected PDF and a trojan to worry about.

Can't say this enough: run at least a couple of good virus scanners, such as MalwareBytes Anti-Malware.

Nice catch, zanzizzi.
computerfreaker is offline   Reply With Quote