VML vulnerability - code

Hello,
I believe I have caught an html email with VML exploit.
I would like to share this with people who really know their stuff. Who can I send this for analysis?
Mrk

P.S. I wonder if testing it with IE4fs in Linux will work??

 

TNT comes to my mind. I´m sure that the folks at PrevX and antivirus researchers will appreciate it too.

 

Hello,
Got any links, I'm too lazy to search...
Mrk

 

Yes, please if you can you please save the original message and e-mail it to me at 4kibqc702@sneakemail.com zipped with password "infected".

Thanks.

NB: I'm gonna close this e-mail address as soon as I get the message.

 

E-mails for submitting samples to AV companies

 

Me too please

Contact me in pvt

Marco

 

Hi Mrk

If you want to share with a wider audience of vendors and researchers you could always upload the file to MIRT for widespread distribution

http://www.castlecops.com/f81-Unknown_Files.html

 

Hello,
Before I make too much wind, I wanted to see how other people analyze it. I could be absolutely wrong of course...
MIRT is not loading for me right now.... Do you want it?
Mrk

 

I think that CastleCops is receiving a DDoS caused by hosting of Gmer. The entire site loads too slowly here.

 

Yes please.I have PM'ed you an addy and will put it up on MIRT with a link back to this topic.

TIA

 

Curious?

Whats so special about this particular exploit?

I have been looking at 5 different htm files with varying exploits and was wondering is the one circulating in emails somehow different?

Exploit.JS.XMLCore.a

Exploit.HTML.VML.d

Exploit.HTML.IESlice.d

Downloader.JS.Agent.bx

Downloader.JS.Agent.cd