{ "id": "d4cc747c-30cf-477c-a2bd-71a6cbab639f", "created_at": "2026-04-06T00:16:10.120704Z", "updated_at": "2026-04-10T03:20:06.014244Z", "deleted_at": null, "sha1_hash": "738907539718dedcc9a08a010f26b105e3e9c5fe", "title": "Jan 17 Trojan Darkmoon.B EXE Haiti relief from santi_nidas@yahoo.com 17 Jan 2010 13:15:02 -0800 PST", "llm_title": "", "authors": "", "file_creation_date": "0001-01-01T00:00:00Z", "file_modification_date": "0001-01-01T00:00:00Z", "file_size": 151862, "plain_text": "Jan 17 Trojan Darkmoon.B EXE Haiti relief from\r\nsanti_nidas@yahoo.com 17 Jan 2010 13:15:02 -0800 PST\r\nArchived: 2026-04-05 17:15:59 UTC\r\nThis message contains a zip attachment with  ârâfâI.exe (Darkmoon.B) and a 20100118.pdf  (containing pictures).\r\nDownload the A4754BE7B34ED55FAFF832EDADAC61F6 -Darkmoonb.zip (password protected\u003c please contact me if\r\nyou need it)\r\nThe message is in Japanese\r\nFrom: santi_nidas@yahoo.com [mailto:santi_nidas@yahoo.com]\r\nSent: Sunday, January 17, 2010 4:15 PM\r\nTo: xxxxxxxxxxx\r\nSubject: ハイチの救援活動が難航 7千人埋葬、時間との勝負\r\nハイチの救援活動が難航 7千人埋葬、時間との勝負\r\n 【ポルトープランス共同】大地震発生から2日が経過したハイチでは14日、現地入りした欧米の救援チーム\r\nが倒壊家屋の下敷きになった被災者の捜索活動を始めるなど、国際的な救援活動が本格化した。しかし、人員や\r\n医薬品が不足し活動は難航している。\r\n ロイター通信によると、プレバル・ハイチ大統領は同日、地震による死者約7千人が既に墓地に埋葬されたと\r\n述べた。国連の潘基文事務総長は「発生後、72時間が鍵だ」と述べ、時間との勝負になっていることを強調し\r\nた。\r\n 国連や米CNNテレビによると、米の救援チームが14日朝、首都ポルトープランスで倒壊した平和維持活動\r\n(PKO)部隊の本部ビルに下敷きになっていたエストニアの警備要員の男性(38)を救助。現地には災害救\r\n助犬を連れたフランス隊のほか、スペイン、ドミニカ共和国などの救援チームが続々と到着、活動を始めた。事\r\n務総長は「今後、各国からさらに派遣される」と語った。\r\n 被災地では医師、医療品不足が深刻化。国連や各国は救援物資の運搬、配布に全力を挙げる方針だ。ただ、ロ\r\nイター通信によると、甚大な被害を受けたポルトープランスの空港は人員や物資を運ぶ航空機で満杯状態とな\r\nり、米連邦航空局(FAA)は米国から同空港への飛行を当面見合わせるよう指示した。\r\nSubject: Haiti relief deadlock seven people buried in 1000, race against time\r\n  Haiti's troubled rescue seven people buried in 1000, race against time\r\n[Co] from a large earthquake in Port au Prince in Haiti two days after the 14th, and now he will begin his search for victims\r\nburied under collapsed houses in the West entered the local rescue team, the international relief activities in earnest.\r\nHowever, a lack of activity and medical personnel are faced with difficulties. \r\nAccording to Reuters, the president said pre-Barbera Haiti, said seven were killed by the earthquake that buried thousands of\r\npeople already. UN Secretary General Ban Ki-moon \"after a failure, but 72 hours is key,\" and emphasized that it is a race\r\nhttp://contagiodump.blogspot.com/2010/01/jan-17-trojan-darkmoonb-exe-haiti.html\r\nPage 1 of 3\n\nagainst time. CNN television said the United Nations and the United States, North Korea has 14 rescue teams in the U.S.,\r\ncollapsed in the capital Port peacekeeping operations (PKO) security personnel in Estonia men had been buried in the\r\nheadquarters of the troops (38) rescued the . In addition to the local disaster relief team with a dog on France, Spain,\r\nDominican Republic, such as rescue teams continued to arrive and we started to work. Secretary-General \"We will also be\r\ndispatched from the country,\" he said. Doctors in disaster areas, a shortage of medical supplies. The United Nations and\r\ninternational transportation of relief supplies, we will make a concerted effort to distribute. However, according to Reuters,\r\nthe airport of Port-au-affected state and became filled with enormous aircraft carrying personnel and supplies, Federal\r\nAviation Administration (FAA) has asked to postpone the airport's flight from the U.S. did. \r\nHeaders\r\nReceived: from  (santi_nidas@218.67.131.82 with login)\r\n        by smtp113.plus.mail.sp1.yahoo.com with SMTP; 17 Jan 2010 13:15:02 -0800 PST\r\nX-Yahoo-SMTP: APkRSTKswBAltjtRmEcOWOvp0HAuXtE8\r\nX-YMail-OSG:\r\n6TNaz1oVM1nFg57xH0ABi34Uqp874reW9HI.wvjrQ6E1IzS13PFJujNh3DivLqjPCewT1TINsHkCsU8adegb_w2ZTwgc0YPhZmye5uDpETKWVa_REo\r\nX-Yahoo-Newman-Property: ymail-5\r\nMessage-ID:\r\nHostname:    218.67.131.82\r\n      ISP:    China Unicom Tianjin province network\r\n      Organization:    China Unicom Tianjin province network\r\n      Country:    China\r\n       City:    Tianjin\r\n      Latitude:    39.1422\r\n      Longitude:    117.1767\r\n ârâfâI.exe\r\n  http://www.virustotal.com/analisis/81d634888b069313492b30f737ed07085f335d1cc29964050514412bf5d4b7d1-\r\n1263879006\r\n File _r_f_I.exe received on 2010.01.19 05:30:06 (UTC)\r\nResult: 14/41 (34.15%)\r\nAntivirus     Version     Last Update     Result\r\nAhnLab-V3    5.0.0.2    2010.01.18    Win-Trojan/Agent.45056.AMQ\r\nAntiy-AVL    2.0.3.7    2010.01.18    Trojan/Win32.Agent.gen\r\nAvast    4.8.1351.0    2010.01.18    Win32:Malware-gen\r\nCAT-QuickHeal    10.00    2010.01.19    Trojan.Agent.cvpr\r\nComodo    3632    2010.01.19    TrojWare.Win32.Trojan.Agent.~IAZ\r\nDrWeb    5.0.1.12222    2010.01.19    Trojan.Siggen.27190\r\nF-Secure    9.0.15370.0    2010.01.19    Trojan:W32/Agent.LGJ\r\nGData    19    2010.01.19    Win32:Malware-gen\r\nJiangmin    13.0.900    2010.01.18    Trojan/Agent.cule\r\nKaspersky    7.0.0.125    2010.01.19    Trojan.Win32.Agent.dbzx\r\nnProtect    2009.1.8.0    2010.01.18    Trojan/W32.Agent.45056.TM\r\nSophos    4.49.0    2010.01.19    Troj/DarkMoon-B\r\nTrendMicro    9.120.0.1004    2010.01.19    BKDR_POISON.SME\r\nViRobot    2010.1.19.2143    2010.01.19    Trojan.Win32.Agent.45056.HO\r\nAdditional information\r\nFile size: 45056 bytes\r\nMD5...: a4754be7b34ed55faff832edadac61f6\r\nPDF inside zip\r\nFile 20100118.pdf received on 2010.01.19 05:30:36 (UTC)\r\nhttp://www.virustotal.com/analisis\r\n/27f63881ec53b66e863cc91bef587ab52d51a04f9771a4c0a5215f41d38d60d3-1263879036\r\nCurrent status: finished\r\nhttp://contagiodump.blogspot.com/2010/01/jan-17-trojan-darkmoonb-exe-haiti.html\r\nPage 2 of 3\n\nResult: 0/41 (0%)\r\nSource: http://contagiodump.blogspot.com/2010/01/jan-17-trojan-darkmoonb-exe-haiti.html\r\nhttp://contagiodump.blogspot.com/2010/01/jan-17-trojan-darkmoonb-exe-haiti.html\r\nPage 3 of 3", "extraction_quality": 1, "language": "EN", "sources": [ "ETDA", "Malpedia" ], "references": [ "http://contagiodump.blogspot.com/2010/01/jan-17-trojan-darkmoonb-exe-haiti.html" ], "report_names": [ "jan-17-trojan-darkmoonb-exe-haiti.html" ], "threat_actors": [], "ts_created_at": 1775434570, "ts_updated_at": 1775791206, "ts_creation_date": 0, "ts_modification_date": 0, "files": { "pdf": "https://archive.orkl.eu/738907539718dedcc9a08a010f26b105e3e9c5fe.pdf", "text": "https://archive.orkl.eu/738907539718dedcc9a08a010f26b105e3e9c5fe.txt", "img": "https://archive.orkl.eu/738907539718dedcc9a08a010f26b105e3e9c5fe.jpg" } }