SecurityHome.eu Exploit.HTML.IframeBof.BN

Home / malware PDF

Exploit.HTML.IframeBof.BN

First posted on 21 November 2011.
Source: BitDefender
Aliases :
There are no other names known for Exploit.HTML.IframeBof.BN.
Explanation :
The script exploits a vulnerability discovered on Internet Explorer 5.0 (blnmgr.dll). When executed, the script adds the following clsid: "083863f1-70de-11d0-b4d0-00a0c911ce86". The shellcode of the exploit is then executed on the remote host. It first tries to resolve its imports and after that tries to download and execute a file from the address: http://freedom.tih[hidden]. After the files is executed, the browser is being closed. The files is saved with the name m00.exe
Last update 21 November 2011

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20