polonus
1
Pondus
2
polonus
3
Hi Pondus,
I now succeeded to upload to Anubis and an analysis report is here: http://anubis.iseclab.org/?action=result&task_id=14b1e34adaae27ba4050602923d79bf4e
From this analysis you can see the code used in dialing to a NEOSPLOIT site: “HKU\S-1-5-21-842925246-1425521274-308236825-500\\\\\\\\ …secure and anonymous”.
Mutexes like Shell.CMruPidlList and _SHuassist.mtx, are characteristic for Blackhole Exploit Kit malware - malcode was detected 2011/09/21_15:07
polonus