This malware resides here: 2011-03-12 12:15:40 htxp://generatethefile.com/rc1/out/3288.exe C3E1558C7C80CA8F8AD88E27625D8456 94. 100. 26. 99 NL (also given as PL) Generic Trojan
Virustotal results: http://www.virustotal.com/url-scan/report.html?id=89f3bf0f6ed7794002a9b667fcb78b3a-1300738052
SAS detects it as: Rogue.Agent/Gen-Nullo[EXE]
http://www.virustotal.com/file-scan/report.html?id=92c642e72f3d2f71318c1edbb939dd6dace9a4309dfcb96b78baf3e8e1f9cfa9-1300741890
Certainly suspicious: http://wepawet.iseclab.org/view.php?hash=89f3bf0f6ed7794002a9b667fcb78b3a&t=1299592349&type=js
Anubis report: http://anubis.iseclab.org/?action=result&task_id=13ff26b92def16be42db86b5432719aa5
detected by Ikarus as: Trojan.Win32.Vundo (Sig-Id:1527345)
polonus