MD5's of samples found in the wild up to now:

- 6249ac0674574c7df2f81801a41b85a5

- 9d63609e49e18f87973e66bdbc4236b4

- d3410dd27ba25c780abcd5c4df573303

- 1a4c84227cbf6da8724699b9b6fbb71b

- bbc2d8cb3f8ed9a3a5292408d476af14

- c91703bc8d5509003c1d0a634dcbbd06

- 2b988374bb9c0ac7d04a2999959fa978

- 17145972a2116660580f879ac690315f

- df5e0faae726386b7d2ee0fce0bfcbde

- dd47870ac7970ca8b00080d2626f7e2a

- 72d39c6837503e36b2ccec381e191b78

- f82fdcd9f1bc2caf0ffa3928648d356d

- ef8e3898330c9c4af29402776544038c

References:

-http://www.vupen.com/blog/20120117.Advanced_Exploitation_of_Windows_MS12-004_CVE-2012-0003.php

-http://blog.chackraview.net/2012/01/29/understanding-cve-2012-0003-rce-in-microsoft-windows-media-player/

-http://labs.m86security.com/tag/cve-2012-0003/

-http://hummingbird.tistory.com/3544

-http://technet.microsoft.com/en-us/security/bulletin/ms12-004