2015-06-16 - Exploit Integration

CVE-2015-3104/3105 (Flash up to and Exploit Kits

Spotted by TrendMicro, Magnitude is now exploiting CVE-2015-3105 patched with Flash

Magnitude :

Magnitude Successfully exploit Flash in IE11 on Windows 7
and pushes 2 Cryptowall

Flash Sample in that pass : 58d1022923950ad1452c72f46b1ee3d0
Fiddler sent to VT

Angler EK :

[Edit : In a previous version i wrote it was CVE-2015-3105. Fixed after I received multiple notification (from TrendMicro and Microsoft)  telling me exploit here is not the same as in Magnitude]
Angler EK successfully exploit Flash in IE11 on Windows 7 and executes
bedep in Memory
Flash sample in that pass :   ae3b7af878a4a53e93d8af479bc508dd  Another one : 695e17f2d0bf19633c820aaa4ec3d126
Fiddler sent to VT.

Nuclear Pack :

Thx brooks_li for spotting the move
Nuclear Pack exploiting Flash on Windows 8.1 in Internet Explorer 11
Pushing Troldesh.A 2015.06-18

Sample in that pass : 2f41190173744e2e4fc2783ef4bf57dc
Fiddler sent to VT

Read More :
Magnitude Exploit Kit Uses Newly Patched Adobe Vulnerability; US, Canada, and UK are Most At Risk - 2015-06-16 - Peter Pi - TrendMicro

CVE-2015-3104 CVE-2015-3105 Magnitude Nuclear Pack Angler EK