--
The IE Exploiter v1.0/2.0The tool is first know to have emerged back in 2002, with its latest version released in 2004. It was first branded

as the "Fearless IE Exploiter" and then returned back to it's original name.
Description of the v1.0 : "
Fearless IE Exploiter allows you to embed executable files into HTML documents, that when viewed in an unpatched version of Internet Explorer 5.* will automatically download and execute the .exe". And the
description of v2.0 : "
IE Exploiter v2 is a very simple tool that creates a HTML file with an embedded executable file. Once the HTML file is viewed the executable file will overwrite notepad.exe on the target system and then execute it using the view-source: prefix."
Result: 22/32 (68.75%)
File size: 149359 bytes
MD5: 315cd35aa5a0334697832e83fac7b0dc
SHA1: 71a7929f7781d969a63e532cd8cd877940a2ca12

--
King's IE Exploiter
King's IE Exploiter is an Arabic DIY exploit embedding tool released around 2004. Despite that the malware embedded sites generated on-the-fly come totally unobfuscated, we will yet wait and see the eventual release of such feature.
Result: 6/32 (18.75%)
File size: 253440 bytes
MD5: e6052d3abf95429fd761feef0a695470
SHA1: 9f91e21bf9e8898a09c36b31bb1f5afff3cb8f35

-- Zephyrus
Again relased around 2004, the description reads : "
Its a prove of concept tool to generate a Stench MediaPlayer Exploit file more infos about stench can be found here http://malware.com or at here AVP calls it exploit.win32.zephyrus"
Result: 30/32 (93.75%)

--
God's Will
The description reads : "A GODMESSAGE page is an HTML page that works with an ACTIVEX bug founded in IE5.5/OUTLOOK/OUTLOOK EXPRESS. Thanks to this bug when someone view our godmessaged page he downloads an HTA file in his STARTUP FOLDER.'
Result: 32/32 (100%)
--
Ed Html Infector
The description of the tool circa 2004 reads : "Ed HTML Infector is a very simple tool that creates HTML file with an embedded executable file within."
Result: 14/32 (43.75%)
File size: 118784 bytes
MD5: 94c642903318f89d410c64d46f2047aa
SHA1: b834cd34283e541dccb5aad81fb49ca97adbb48c
0 comments:
Post a Comment
Note: Only a member of this blog may post a comment.