Sunday, June 7, 2009

POPULAR On-Line BookStore was compromised to host malicious script

The POPULAR bookstore site at popular.com.sg was compromised to host malicious code. POPULAR is quite well known, especially in Southeast Asia (SEA).

The malicious code was encoded, as you can see from the image.



Once decoded, the malicious code turned out to redirect users to the exploit site "suptullog.com".





"suptullog.com" site...thanks to robtex.com



When connecting to "suptullog.com" (PDF exploit: "http://suptullog.com//image/pfre.php"), the site tries to exploit the user's system through PDF vulnerabilities. A PDF file was downloaded onto the system that uses heap spraying to exploit the PDF function Collab.getIcon() and Adobe util.printf().



The malicious PDF will then redirect to (Trojan) "http://suptullog.com/image/ouet.php" to download a malicious file called "install.exe".
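For triage of a PDF like the one described above, the following added example (not code from the original post) inflates the Flate-compressed streams of a file and flags JavaScript references to Collab.getIcon() and util.printf(). The `unescape("%u....")` heap-spray marker, the function names and both sample documents are assumptions constructed for illustration; the samples are inert.

```python
import re
import zlib

# API names the post says the malicious PDF abused, plus one assumed
# heap-spray marker: unescape() fed %u-encoded data.
INDICATORS = {
    "Collab.getIcon": re.compile(rb"Collab\s*\.\s*getIcon\s*\("),
    "util.printf": re.compile(rb"util\s*\.\s*printf\s*\("),
    "unescape-%u": re.compile(rb"unescape\s*\(\s*[\"']%u[0-9a-fA-F]{4}"),
}
STREAM_RE = re.compile(rb"stream\r?\n(.*?)\r?\nendstream", re.DOTALL)


def pdf_views(data):
    """Yield the raw bytes, then each stream body that inflates with zlib."""
    yield data
    for match in STREAM_RE.finditer(data):
        try:
            # decompressobj tolerates truncated streams, common in crafted files
            yield zlib.decompressobj().decompress(match.group(1))
        except zlib.error:
            continue  # not Flate-compressed; the raw view already covers it


def triage_pdf(data):
    """Return the sorted names of the indicators found anywhere in the file."""
    hits = set()
    for view in pdf_views(data):
        hits.update(n for n, rx in INDICATORS.items() if rx.search(view))
    return sorted(hits)


def build_sample(js):
    """Constructed, inert PDF-like sample with one Flate-compressed stream."""
    body = zlib.compress(js)
    return (b"%PDF-1.4\n1 0 obj\n<< /Length " + str(len(body)).encode()
            + b" /Filter /FlateDecode >>\nstream\n" + body
            + b"\nendstream\nendobj\n%%EOF\n")


# Constructed samples: the flagged calls carry harmless placeholder arguments.
SUSPICIOUS = build_sample(
    b'var s = unescape("%u4141%u4141"); util.printf("%d", 1); Collab.getIcon("x");')
BENIGN = build_sample(b'app.alert("hello");')

if __name__ == "__main__":
    print(triage_pdf(SUSPICIOUS))
    print(triage_pdf(BENIGN))
```

A hit is a reason to examine the file in an isolated analysis environment, not a verdict: streams using other filters or obfuscated JavaScript will not match these patterns.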






Disclaimer:
The URL links posted above contain malicious files/trojans/viruses that could harm your systems and lead to information being stolen. Usage: the URL links posted are for IT security officers, researchers and personal collection only. Any harmful actions are totally prohibited. Use them wisely and at your own risk. Whatever the risks and consequences, they are totally outside this web owner's responsibility.
