Home / malware Sykipot
First posted on 16 January 2012.
Source: SecurityHomeAliases :
There are no other names known for Sykipot.
Explanation :
Exploit:JS/Sykipot.A is a detection for obfuscated script files that exploit a vulnerability in Internet Explorer. The vulnerability has been resolved with the release of Microsoft Security Update MS10-018.
Exploit:JS/Sykipot.A is a detection for obfuscated script files that exploit a vulnerability in Internet Explorer. The vulnerability has been resolved with the release of Microsoft Security Update MS10-018.
Once Exploit:JS/Sykipot.A successfully exploits the vulnerability, it can execute arbitrary code. The following shellcode detections are observed to be associated with Exploit:JS/Sykipot.A:
Exploit:Win32/ShellCode.A
Exploit:Win32/Senglot.AI
Exploit:Win32/ShellCode.gen!A
These exploits usually attempts to download and execute arbitrary files from certain domains. Some of the domains they are known to connect to are:
lagoon.org/nte/
gghbtyagthr.com/nte/
qjieaicqfir.com/nte/
As of these writing, the above domains are not available.Last update 16 January 2012
