Exploit.Java.CVE-2013-0422.z

By GoldSparrow in Malware

Exploit.Java.CVE-2013-0422.z is a Java exploit that spreads through a hacked website hosting and serving a malicious Java applet that exploits the CVE-2013-0422 vulnerability. The applet was distributed via 'minjok.com', a news website in Korean and English that mainly covers political events around the Korean peninsula and is now closed. The site was hijacked, and the cybercriminals embedded a single line of code in a page showing the latest news about Korea. That line caused a visitor's Internet browser to load and run the malicious Java applet, Exploit.Java.CVE-2013-0422.z, which was hosted on the same website. If the exploit succeeds, a malicious executable is placed on the compromised PC and executed without any interaction from the victim. The executable is also hosted on the hacked website, with its file name disguised as a GIF image. It is a dangerous application that acts as a simple dropper and installer for the next stage of the attack.

File System Details

Exploit.Java.CVE-2013-0422.z may create the following file(s):
#   File Name
1.  agentm.exe
2.  javaupdates.jar

Registry Details

Exploit.Java.CVE-2013-0422.z may create the following registry entry or registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run bspire = %systemdrive%:\Temp\agentm.exe BSPIRE
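
A check a responder could run over saved `reg query` output for the Run key above, flagging the value name and file names listed on this page; the Temp-directory heuristic generalizes beyond this page's indicators. This is an added example, not code from the original entry: the sample output, the function name `scan_run_key` and the extension list are constructed for illustration.

```python
import re
from ntpath import basename  # Windows path handling on any OS

# Indicators taken from this page.
IOC_VALUE_NAMES = {"bspire"}
IOC_FILE_NAMES = {"agentm.exe", "javaupdates.jar"}

# One value line of `reg query` output: 4 spaces, name, 4 spaces, type, 4 spaces, data.
VALUE_LINE = re.compile(r"^ {4}(?P<name>.+?) {4}(?P<type>REG_[A-Z_]+) {4}(?P<data>.*)$")
# First path in the data that ends in a launchable extension (assumed list).
TARGET = re.compile(r'"?([^"]*?\.(?:exe|jar|dll|scr|bat|cmd|vbs|js))\b', re.I)
# \Temp\, \tmp\ or %TEMP%: a heuristic added here, not an indicator from the page.
TEMP_DIR = re.compile(r"[\\%]te?mp[\\%]", re.I)

# Constructed sample of `reg query` output for the HKCU Run key.
SAMPLE = r"""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    OneDrive    REG_SZ    "C:\Program Files\Microsoft OneDrive\OneDrive.exe" /background
    bspire    REG_SZ    %systemdrive%:\Temp\agentm.exe BSPIRE
    Updater    REG_EXPAND_SZ    %TEMP%\upd.exe
"""


def scan_run_key(reg_query_output):
    """Return (value_name, data, reasons) for each suspicious Run entry."""
    findings = []
    for line in reg_query_output.splitlines():
        m = VALUE_LINE.match(line)
        if not m:
            continue  # key header or blank line
        name, data = m["name"], m["data"]
        reasons = []
        if name.lower() in IOC_VALUE_NAMES:
            reasons.append("value name matches IoC")
        target = TARGET.search(data)
        path = target.group(1) if target else ""
        if basename(path).lower() in IOC_FILE_NAMES:
            reasons.append("file name matches IoC")
        if TEMP_DIR.search(path):
            reasons.append("autorun target in a Temp directory")
        if reasons:
            findings.append((name, data, reasons))
    return findings


if __name__ == "__main__":
    for name, data, reasons in scan_run_key(SAMPLE):
        print(f"{name}: {data} -> {', '.join(reasons)}")
```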