Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
unknown_html malware here...pdf exploit, part of Phoenix exploit kit!
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: unknown_html malware here...pdf exploit, part of Phoenix exploit kit! (Read 1549 times)
0 Members and 1 Guest are viewing this topic.
polonus
Avast Überevangelist
Probably Bot
Posts: 33913
malware fighter
unknown_html malware here...pdf exploit, part of Phoenix exploit kit!
«
on:
December 28, 2011, 12:36:42 AM »
See:
http://www.virustotal.com/url-scan/report.html?id=61551356323e1bd6543f9f4a69f5b734-1325024109
See:
http://www.virustotal.com/file-scan/report.html?id=12a5d18ee896e59954bdce0f4acc7212eebe03dae1834ef4ce160ac5afa5c4a8-1325027814
Found suspicious here:
http://urlquery.net/report.php?id=13647
Here is where avast detects it:
http://www.virustotal.com/file-scan/report.html?id=9825fa21aad427062268a1d0fccba4d946afcf578761abef4dffa6874b31e64f-1325028132
as JS:Pdfka-gen [Expl] to inspect the code at the bottom go here:
http://jsunpack.jeek.org/?report=dd801b2382f6f8f10f3ef660f252aa924923934d
(only for security savvy and with script blockers active and in a VM)
same pdf code here:
http://jsunpack.jeek.org/dec/go?report=821bb9092a2c604238213913a8f1db7b5705e882
this time from -lmserv15.info/zenstat/jqcwjtfzjrxlet.pdf pdf exploit, part of Phoenix exploit kit,
polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Print
Pages: [
1
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
unknown_html malware here...pdf exploit, part of Phoenix exploit kit!