2014-11-15 - VASTKID.COM GENERATED SWEET ORANGE GATE AND FAILED RIG EK INFECTION

ASSOCIATED FILES:

 


Above:  Two infection chains that didn't work out.

Above:  Malicious script for Rig EK gate.

 

INFECTION TRAFFIC

COMPROMISED WEBSITE:

 

PATH TO SWEET ORANGE EK GATE:

 

RIG EK GATE:

 

RIG EK:

 

SNORT EVENTS

ET & ET PRO SIGNATURE HITS FROM SGUIL ON SECURITY ONION:

SOURCEFIRE VRT SIGNATURE HITS FROM SNORT 2.9.6.2:

 

PRELIMINARY MALWARE ANALYSIS

MALWARE FROM THE EXPLOIT KIT:

 

 

FINAL NOTES

Once again, here are the associated files:

ZIP files are password-protected with the standard password.  If you don't know it, look at the "about" page of this website.
