Analysis report for http://85.234.190.13/tds/in.cgi?default

Sample Overview

URL: http://85.234.190.13/tds/in.cgi?default
MD5: 63e7a8a467205c6c2d6c078de506b30c
Analysis Started: 2010-07-29 01:42:15
Report Generated: 2010-07-29 01:42:34
Jsand version: 1.02.02

See the report for domain 85.234.190.13.

Detection results

Detector       Result
Jsand 1.02.02  malicious

Exploits

Name                        Description                                      Reference
JWS command-line injection  Java Web Start Arbitrary command-line injection  CVE-2010-0886

Deobfuscation results

Evals

No evals.

Writes

Network Activity

Requests

URL                                      Status  Content Type
http://85.234.190.13/tds/in.cgi?default  302     text/html
http://194.8.250.227/bomj/               200     text/html

Redirects

From                                     To
http://85.234.190.13/tds/in.cgi?default  http://194.8.250.227/bomj/

ActiveX controls

Shellcode and Malware

No shellcode was identified.

Additional (potential) malware:

URL  Type  Hash  Analysis
http://194.8.250.227/bomj/helpctrall.asx N/A N/A
http://194.8.250.227/bomj/load.php?spl=java_dt_ie -J-jar -J\\91.188.60.234\public\photo1.jpg none N/A N/A