2015-06-16 - Exploit Integration

CVE-2015-3104/3105 (Flash up to 17.0.0.188) and Exploit Kits




Spotted by TrendMicro: Magnitude is now exploiting CVE-2015-3105, which was patched in Flash 18.0.0.160.

Magnitude :
2015-06-16

Magnitude successfully exploits Flash 17.0.0.188 in IE11 on Windows 7 and pushes 2 Cryptowall - 2015-06-16


Flash Sample in that pass : 58d1022923950ad1452c72f46b1ee3d0
Fiddler sent to VT

Angler EK :
2015-06-17

[Edit : In a previous version I wrote it was CVE-2015-3105. Fixed after I received multiple notifications (from TrendMicro and Microsoft) telling me the exploit here is not the same as in Magnitude]
Angler EK successfully exploits Flash 17.0.0.188 in IE11 on Windows 7 and executes Bedep in memory - 2015-06-17
Flash sample in that pass : ae3b7af878a4a53e93d8af479bc508dd
Another one : 695e17f2d0bf19633c820aaa4ec3d126
Fiddler sent to VT.

Nuclear Pack :
2015-06-18

Thx brooks_li for spotting the move
Nuclear Pack exploiting Flash 17.0.0.188 on Windows 8.1 in Internet Explorer 11, pushing Troldesh.A - 2015-06-18

Sample in that pass : 2f41190173744e2e4fc2783ef4bf57dc
Fiddler sent to VT

Read More :
Magnitude Exploit Kit Uses Newly Patched Adobe Vulnerability; US, Canada, and UK are Most At Risk - 2015-06-16 - Peter Pi - TrendMicro
