Download not flagged by avast!

See: https://www.virustotal.com/nl/url/49967db7d0a12ab5fc720242c7e10677c1eeff78e6b853a85f47ea53863ca143/analysis/1383326822/
and https://www.virustotal.com/nl/file/e004bd7d3ae45d3c589fe45b274fbc5f03d5cab5fad7d277d1f294a82ea8e7e8/analysis/1383326827/
Site blacklisted: http://quttera.com/detailed_report/ge.tt
IDS alert for ETPRO TROJAN Win32.Xtrat.A (CnC & Exe Source) but not in recent scans (malware down/dead?)
Site blacklisted, malware not identified! Unable to properly scan your site. Site returning error (40x): HTTP/1.1 404 Not Found
Insecure through possible upload: htxp://ge.tt/notifications
Site should be blocked as it could easily spread malcode.
External link to htxp://vjs.zencdn.net/ gets blocked, see: http://www.mywot.com/en/scorecard/vjs.zencdn.net?utm_source=addon&utm_content=popup-donuts
Why the WOT web rep warning is a valid one:
https://www.virustotal.com/nl/domain/vjs.zencdn.net/information/
Why? http://hosts-file.net/?s=vjs.zencdn.net ATS qualification: ad/tracking services, non-malicious but possibly undesired.

polonus

It's actually a RAR archive which contains an .exe file.

Still only detected by Ikarus: https://www.virustotal.com/en/file/bb2fc962d41de527c714eb22b4e111090f84f8a76352db89974c8d5789721890/analysis/1383328433/
First submission 1 day, 3 hours ago.

Malwr report: https://malwr.com/analysis/NDU4OTI4ZmY4N2Q4NGUzZTk1N2UwZDc3N2M5M2E2ODg/

Screenshot of the program attached. Looks like something according to AVG Internet Security.

Active Malware on the site by AVG: http://www.avgthreatlabs.com/website-safety-reports/domain/ge.tt/
Site is listed on PhishTank.

About Yara in the Malwr Analysis, read: http://0xdabbad00.com/2011/04/23/creating-a-yara-signature-for-shellcode/
Here it says it matched shellcode byte patterns (RAR file detection).

pol

Latest validation gives file as non-malicious
(thanks to Pondus for reporting Norman Lab’s findings)

polonus