Embedded JavaScript in SWF

In a blog post published in November titled “Explore the CVE-2010-3654 matryoshka”, we discussed a 0-day Shockwave (SWF) exploit that uses JavaScript to perform malicious actions. In this blog, we discuss another advanced way SWF malware is combined with JavaScript, only this time without using a 0-day exploit. In January we noticed a very large spike…


Explore the CVE-2010-3654 matryoshka

We recently discovered a sample that is trying to exploit the 0-day Adobe vulnerability tracked by CVE-2010-3654. This sample is being distributed as a PDF file, and it has a lot of complicated steps before the final payload is executed. Analyzing this sample is like working your way through a matryoshka doll. The analysis…
