File link
http://web292.webbox443.server-home.org/install.exe
77 kb - packed install.exe
analysis link
http://www.virustotal.com/analisis/4ebbd8e0045798cee6e505f79fe88671
___
Full-Disclosure - We believe in it.
Charter:
hi there lord_mulder,
i wanted to report some spyware like behavior about smplayer_portable.exe
i have just downloaded MPUI.2008-06-16.Full-Package.exe from
http://mulder.dummwiedeutsch.de/home/?page=projects#mplayer
and installed it completely - codecs + mplayer + smplayer
on running
sir,
please look into the home page of the above URL http://www.sgbau.ac.in/
this webpage hosts a malware script :Virus.VBS.Redlof.k
more info about this malware can be found over here :
http://www.viruslist.com/en/search?VN=Virus.VBS.Redlof.k
as this server / domain / ip address is either
at the end of the homepage there is a code fragment Script
Language=VBScript which is a virus Virus.VBS.Redlof.k ( more info
http://www.viruslist.com/en/search?VN=Virus.VBS.Redlof.k )
here are the phone numbers from the website
http://www.sgbau.ac.in/PhDirectory.htm but no one seems to be