Phoenix Exploit

Posted in Papers by NJ Ouchn on 26 January 2011 Tags: Malware, Phoenix Exploit

Source : MalwareIntelligence

PEK (Phoenix Exploit’s Kit) has become one of the most used by those who flood the Internet every day with different types of malicious code. Currently, a large amount of malware is distributed through this crimeware, which is also widely used for collecting information relevant to a botmaster.

Earlier we mentioned how it looks inside version 2.1 and at the same time we said that from the standpoint of design, different versions of PEK are practically very similar, with the typical dark background, the phoenix in the lower right corner and facing your authentication system trivial at first glance, but nevertheless performs a check under the SHA1 algorithm.

This time, it’s version 2.3 of PEK, the final and stable so far (there is a preliminary version 2.4 known as the 2.3r). However, despite no visible differences appear, this version also upgrade a number of “details” in your code, incorporates a number of exploits which currently represent the highest success rate.

Simple statistics
Displays information about the general data tones to the recorded information with PEK.

Continue Reading

Download Post in PDF

Save Post as PDF

About NJ Ouchn

ToolsWatch.org Principal Founder & Maintainer.

View all posts by NJ Ouchn →

Leave a Reply Cancel reply

[Paper] Blackberry Z10 Research Primer by SEC Consult

Blackberry Z10 Research Primer - 'Dissecting Blackberry 10 – An initial analysis'. The goal of this ...
[Papers] Game Engines: A 0-day’s Tale by ReVuln

This paper details several issues affecting different game engines. All the vulnerabilities discussed in this ...
[Paper] WASC: Static Analysis Technologies Evaluation Criteria v1.0 (SATEC)

The goal of the SATEC (Static Analysis Technologies Evaluation Criteria) project is to create a ...
[Report] For Their Eyes Only: The Commercialization of Digital Spying (The Citizen Lab)

The Citizen Lab is an interdisciplinary laboratory based at the Munk School of Global Affairs,at the University ...
The Art of Exploiting Injection Flaws at Black Hat Vegas 2013

(Article by Sumit 'Sid' Siddharth) Read other Sid's posts at www.notsosecure.com) So, you found a SQL ...

R.I.P Brad “the Nurse” Smith – A Blackhat Icon passed away

Dear all, This is a very sad news for the Hackers & Blackhat Community. After a ...
A Day in the Blackhat Arsenal without Brad ‘TheNurse’ Smith

This year, The Blackhat Arsenal had a bitter aftertaste without the participation of a renowned ...
Blackhat USA 2012: Interview with Stach & Liu Team about Google Diggity Project

Francis Brown Stach & Liu, LLC Francis Brown, CISA, CISSP, MCSE, is a Managing Partner at Stach ...
Blackhat USA 2012: Interview with FishNet Team about SIRA

Justin Engler FishNet Security Justin Engler is a Senior Security Consultant for FishNet Security's Application Security practice. ...
Blackhat USA 2012: Interview with Raphael Mudge about Armitage (Also Introducing CobaltStrike)

Raphael Mudge Strategic Cyber LLC Raphael Mudge is the founder of Strategic Cyber LLC, a Washington, DC ...