t's friday afternoon, I had a bit of free time and stumbled across this tweet by PhysicalDrive0 (thx!) two hours ago and thought to give it a try to finally add a new article to this Blog (first of 2014):
https://twitter.com/PhysicalDrive0/status/479921770838102017
So, I went to Google to search for the domain of the Embassy of Greece Beijing and added the (allegedly) malicious java file package that was found by PhysicalDrive0:
URL: http://www.grpressbeijing.com/1.jar (malicious!)
Next, I loaded the 1.jar file into Java Decompiler to get the source code.
more here...........http://thegoldenmessenger.blogspot.de/2014/06/blitzanalysis-embassy-of-greece-beijing.html
https://twitter.com/PhysicalDrive0/status/479921770838102017
So, I went to Google to search for the domain of the Embassy of Greece Beijing and added the (allegedly) malicious java file package that was found by PhysicalDrive0:
URL: http://www.grpressbeijing.com/1.jar (malicious!)
Next, I loaded the 1.jar file into Java Decompiler to get the source code.
more here...........http://thegoldenmessenger.blogspot.de/2014/06/blitzanalysis-embassy-of-greece-beijing.html