Analyzing a new exploit pack
Jump to navigation
Jump to search
(Publication) Google search: [1]
| Analyzing a new exploit pack | |
|---|---|
| Botnet | |
| Malware | |
| Botnet/malware group | |
| Exploit kits | Kein |
| Services | |
| Feature | |
| Distribution vector | |
| Target | |
| Origin | |
| Campaign | |
| Operation/Working group | |
| Vulnerability | |
| CCProtocol | |
| Date | 2012 / 2012-08-15 |
| Editor/Conference | Kahu Security |
| Link | http://www.kahusecurity.com/2012/analyzing-a-new-exploit-pack/ (Archive copy) |
| Author | Darryl |
| Type | Blogpost |
Abstract
“ A new exploit pack has recently appeared and is getting a decent amount of drive-by traffic. This pack employs several exploits and includes two different social engineering ploys so there’s something for everyone.
This pack can be primarily found on the kein.hk domain so let’s call this the “Kein Exploit Pack”. Here are the parts of this pack that we’ll be analyzing. As you can see, the majority of the exploits used in this pack is outdated but they have little AV coverage.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2012BFR1096,
editor = {Kahu Security},
author = {Darryl},
title = {Analyzing a new exploit pack},
date = {15},
month = Aug,
year = {2012},
howpublished = {\url{http://www.kahusecurity.com/2012/analyzing-a-new-exploit-pack/}},
}