Is this mdl_Blackhole exploit kit detected here?

Proof of it found here: xttp://wepawet.iseclab.org/view.php?hash=a3ee775dee6ef0ae4b5b433e7ab86840&t=1330904635&type=js
also given as malicious here: htxp://zulu.zscaler.com/submission/show/6d1ec42078f6cf1590fdad71fe4a3d61-1330965514
not detected here: htxp://vscan.urlvoid.com/file/dc97e99d5ed4886921b9e1c8f0ee5673/bWFpbi1waHA=/
See: htxp://urlquery.net/queued.php?id=28202 but no more alerts given for Blackhole exploit kit v1.2 HTTP GET request!

  • Detected Live Blackhole exploit kit
    Exploits Detected

Adobe Libtiff Libtiff integer overflow in Adobe Reader and Acrobat CVE-2010-0188
HPC URL Help Center URL Validation Vulnerability CVE-2010-1885

reported to virus AT avast dot com,

polonus

a pdf exploit is located here gwerggheesa.hopto.org/content/ap2.php?f=32

VirusTotal
https://www.virustotal.com/file/5338678ce92456bb1026f2caab90c99b91ee7d3826efa3eb8d1b28db16e12ab6/analysis/1330977274/

uploading to avast lab :wink:

Hi Pondus,

Thanks for the confirmation and the additional find. Good find. Nice it could be added to detection,

polonus