For a few weeks now, a new command has been added in Koobface's C&C.
This small picture has a size of 19.439 Bytes (Bitmap is only 999 Bytes). The command decrypts extra data with the key (193854730d993dfgdfjkng345). This is the decrypt routine:
The malware is known as Trojan-PSW.Win32.LdPinch, a password stealer.
Edit: imageshack.us was contacted, the picture has been removed