RFI Attacks

Suspected Attacks 462568



Exploit kit with 22 exploits and updated obfuscation techniques

While investigating an attack, I came across a piece of JavaScript that was quite unusual. Most JavaScript-obfuscated malware uses custom “packers”, if you will, to mangle the actual code that performs the attack. This code must become “unpacked” at some point to be interpreted by the web browser. Simply looking for document.write or eval [...]


Analyzing a malicious pdf – Troj/PDFJs-A

I picked up a copy of a malicious PDF a week or so ago that was trying to infect a workstation. Let's crack it open and see what’s inside. Virus Total MD5: bccb814a5bcba72be31cdaf4e8805a7b Filename: pdf.pdf Simply running the file command on the PDF returns the following: pdf.pdf: PDF document, version 1.4 Running strings on pdf.pdf [...]
