|
http://bbs.jueduizuan.com
The exploit downloads trojan dropper ri.exe, copies it and attempts to launch as svchost.exe 
The attempt to execute svchost.exe (ri.exe) fails because ri.exe is blocked from downloading, therefore, cannot execute. File: ri.exe Status:INFECTED/MALWARE MD5: 4fae9734c0b06526fcf6399a96607c04 http://winzipices.cn Spoofed .gif file CODE 
EXPLOIT BLOCKED 
File: test.exe Status: INFECTED MALWARE MD5: 5c9322a95aaafbfabfaf225277867f5b |
