See: https://www.virustotal.com/en/url/9fd59b11752891e986b93ab7b402589d63b565ea45daeef03634463c8c919da4/analysis/1365439946/
and accordingly: https://www.virustotal.com/en/file/a54d8de88272b9f68828c890837827f6d7fefd55379856059cf44bfeeed371dd/analysis/1365439951/
See: http://zulu.zscaler.com/submission/show/df1cb12f68f18fb8690cc355dc464c0b-1365440224
Should this come in the category PUP detection? Or is it a PHISH?
Clean mx flags this: Up(nil): unknown_html ARIN US abuse at cogentco dot com 38.102.129.22 to 38.102.129.22 mochibot.com htxp://mochibot.com/my/core.swf?mv=8&fv=6&v=WIN 6,0,79,0&swfid=e9ee8478&l=10301&f=_level0&t=1

polonus

Well it seems that the malware has been closed from 2012-11-23 11:40:52 henceon after being active for 8.2 hours.
And conflicting enough it has been given up as from 2013-04-07 19:37:56 CEST, so is this a resurrection?
See safe virus viewer here: http://support.clean-mx.de/clean-mx/view_virusescontent.php?url=http%3A%2F%2Fmochibot.com%2Fmy%2Fcore.swf%3Fmv%3D8%26amp%3Bfv%3D9%26amp%3Bv%3DWIN%25209%252C0%252C280%252C0%26amp%3Bswfid%3D2b3d715f%26amp%3Bl%3D10301%26amp%3Bf%3D_level0%26amp%3Bsb%3DlocalTrusted%26amp%3Bt%3D1
(for the security aware only - view with browser script protection and in a VM)

Want to know the why? This site has been flagged as PHISH: http://www.websecurityguard.com/detail.aspx?domain=mochibot.com&url=mochibot.com

polonus