Exp/20124792-B

Exp/20124792-B Description

Type: Adware

Exp/20124792-B is an exploit that proliferates via two websites which have been affected by the Internet Explorer zero-day remote code execution vulnerability. The first website serves the Uyghur people of East Turkestan. The Uyghur website encompasses a folder called 'netyanus' which incorporates several files. One of the files, the HTML file, is found as Exp/20124792-B. Internet users who visit the Uyghur website set their PC in danger of being corrupted by Exp/20124792-B. The file called 'news.html', found as Exp/20124792-B, decodes the obfuscated zero-day exploit code inside 'robots.txt', and runs it.

Technical Information

File System Details

Exp/20124792-B creates the following file(s):
# File Name Detection Count
1 robots.txt N/A
2 today.swf N/A
3 Helps.html N/A
4 xsainfo.jpg N/A
5 deployJava.js N/A
6 news.html N/A
7 exploit.html N/A

Site Disclaimer

Enigmasoftware.com is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.