Analyzing a new exploit pack

From Botnets.fr

Exploit kits: Kein
Date: 2012 / 2012-08-15
Editor/Conference: Kahu Security
Link: http://www.kahusecurity.com/2012/analyzing-a-new-exploit-pack/ (Archive copy)
Author: Darryl
Type: Blogpost

Abstract

A new exploit pack has recently appeared and is getting a decent amount of drive-by traffic. This pack employs several exploits and includes two different social engineering ploys, so there’s something for everyone.

This pack can be primarily found on the kein.hk domain, so let’s call this the “Kein Exploit Pack”. Here are the parts of this pack that we’ll be analyzing. As you can see, the majority of the exploits used in this pack are outdated, but they have little AV coverage.

Bibtex

 @misc{Darryl2012BFR1096,
   editor = {Kahu Security},
   author = {Darryl},
   title = {Analyzing a new exploit pack},
   date = {15},
   month = Aug,
   year = {2012},
   howpublished = {\url{http://www.kahusecurity.com/2012/analyzing-a-new-exploit-pack/}},
 }