2009/9/5 Platonides Platonides@gmail.com:
David Gerard, how did you get the link to threatexpert.com? The behavior of 01cd53443e3e7a7453a85a58191558c7 is one from malware, but the submission being on 21 July 2009 makes me doubt that it really is that the file.
I Googled for a description of the malware's name.
VirusTotal analysis show the result as clean, but if it was an inoffensive PoC written on the IT department, why did they use a packer?
I'm not sure if anyone has contacted Jornada to check his bona fides as yet.
- d.