New Blackhole HTML Infector found30 Aug 2012 I came up with this sample today from MDL, I analyzed it and wrote report in VT with the below URL: https://www.virustotal.com/file/bb95e70c6ea8aaf8134bf9c9645aef715e4b4806004afbcfa9cd572b44939d82/analysis/1346296410/
It is a new infection injected code, kinda long, but malzilla and jsunpack break them after 3loop in tries. It was uploaded by 2012 Aug30th 11:30 in the infected server. Very new. No wonder VT has the Detection Ratio of (2/42)
It redirected you to the infected payload using the Java exploit
The payload detection ratio is 11/42 and can be viewed here:
You can grab the sample directly from the infection source, still up/alive.
Or contact me for more details.