Monthly Archives: February 2011

Incognito Exploit Kit

Incognito is a relatively new exploit kit. It uses the following Javascript code to perform its drive-by downloads. Let’s take a closer look at the obfuscated Javascript. As you can see, it’s using arrays like crazy. There are three functions. … Continue reading

Posted in Exploit Packs, Malscript | Tagged , , , | 4 Comments

Using IE as a Malware Downloader

I recently sat in on a presentation that discussed how a malicious program was converted (and XOR’d) into a binary file. A second program downloaded the seemingly innocuous binary file and converted it back to the original malicious program on … Continue reading

Posted in Tools | Tagged , , , , | Comments Off on Using IE as a Malware Downloader