Exploit:JS/Axpergle.J
First posted on 08 January 2020.
Source: Microsoft
Aliases:
There are no other names known for Exploit:JS/Axpergle.J.
Explanation:
Installation
The threat determines which browser and operating system you are using, and the versions of various applications.
It checks if you have vulnerable versions of Internet Explorer, Microsoft Silverlight, Adobe Flash Player, or Java.
Payload
Exploits vulnerabilities in Internet Explorer and Microsoft Silverlight
If you're using Internet Explorer, the threat tries to exploit the vulnerability referred to as CVE-2013-2551.
The threat also checks if the Microsoft Silverlight plugin is installed and enabled. If it is, it tries to exploit the vulnerability referred to as CVE-2013-0074, which we detect as Exploit:MSIL/CVE-2013-0074.
Exploits vulnerabilities in Adobe Flash Player
The threat checks for vulnerabilities in Adobe Flash Player and tries to exploit the vulnerabilities referred to as CVE-2013-0634 (we detect this as Exploit:SWF/CVE-2013-0634) and CVE-2013-5329.
Exploits vulnerabilities in the Java Runtime Environment
The threat checks for vulnerabilities in Java. We have observed it attempting to exploit the vulnerability CVE-2013-2460, which we detect as Exploit:Java/CVE-2013-2460.
Downloads malware
If the threat successfully exploits a vulnerability, it tries to download malware onto your PC. We have observed this threat trying to download files from the following URLs:
We have seen it try to download Trojan:Win32/Reveton.
Additional information
This threat is part of the exploit kit called "Angler". See our page on exploits for more information.
Last update 08 January 2020