Home / malware Exploit:JS/Sykipot.A
First posted on 19 April 2019.
Source: MicrosoftAliases :
Exploit:JS/Sykipot.A is also known as Exploit.JS.CVE-2010-0806.j, Exploit.JS.CVE-2010-0806, JS.Sykipot, JS_SYKIPOT.F.
Explanation :
Exploit:JS/Sykipot.A is a detection for obfuscated script files that exploit a vulnerability in Internet Explorer. The vulnerability has been resolved with the release of Microsoft Security Update MS10-018. Once Exploit:JS/Sykipot.A successfully exploits the vulnerability, it can execute arbitrary code. The following shellcode detections are observed to be associated with Exploit:JS/Sykipot.A: Exploit:Win32/ShellCode.A Exploit:Win32/Senglot.AI Exploit:Win32/ShellCode.gen!A These exploits usually attempts to download and execute arbitrary files from certain domains. Some of the domains they are known to connect to are: lagoon.org/nte/ gghbtyagthr.com/nte/ qjieaicqfir.com/nte/ As of these writing, the above domains are not available. Analysis by Francis Allan Tan Seng
Last update 19 April 2019
