Saturday, January 23, 2010

CVE-2010-0249 in the wild – part 0.1

(AS4134 CHINA-TELECOM China Telecom)


The URL above was requested using MDecoder 0.4 (IMHO a very useful tool). As shown in the following picture, a binary file is detected being downloaded from


Some network info from Robtex about


VirusTotal was used for a fast detection:

and ThreatExpert for a quick analysis of the binary above (1.exe):

From the ThreatExpert report, it seems to be one of the tons of ad hoc malware built for Chinese users.
