RTF variant of CVE-2017-8759 - From Exploit to Payload

Forum for analysis and discussion about malware.

RTF variant of CVE-2017-8759 - From Exploit to Payload

Postby explo1t » Sat Sep 23, 2017 4:12 am

An interesting writeup on an RTF variant of Document exploiting CVE-2017-8759. It shows different steps of analysis from basic analysis of the Exploit File to payload.

http://www.pwncode.club/2017/09/rtf-bas ... -8759.html

The final stage of the payload is fetched from: www.thyssenkrupp-marinesystems.org. Is it a legitimate and compromised site?
explo1t
 
Posts: 3
Joined: Sat Sep 23, 2017 4:10 am
Reputation point: 0

Return to Malware

Who is online

Users browsing this forum: ea56f45e66e2c and 11 guests