TROJ_OTFSPLOIT.A


 ALIASES:

Exploit-CVE2015-2426 (McAfee), Exp.CVE-2015-2426.A (Symantec)

 PLATFORM:

Windows

 OVERALL RISK RATING:
 DAMAGE POTENTIAL:
 DISTRIBUTION POTENTIAL:
 REPORTED INFECTION:
 INFORMATION EXPOSURE:

  • Threat Type: Trojan

  • Destructiveness: No

  • Encrypted:

  • In the wild: Yes

  OVERVIEW

Infection Channel:

Downloaded from the Internet

This Trojan arrives as a component bundled with malware/grayware packages.

It requires its main component to successfully perform its intended routine.

  TECHNICAL DETAILS

File Size:

367,260 bytes

File Type:

Other

Memory Resident:

Yes

Initial Samples Received Date:

23 Jul 2015

Arrival Details

This Trojan arrives as a component bundled with malware/grayware packages.

Other Details

This Trojan requires its main component to successfully perform its intended routine.

It is a zero-day exploit for the following vulnerability:

NOTES:

These are maliciously constructed OpenType fonts which are used to exploit the above-mentioned vulnerability. Thus, allowing remote code execution in the affected system.

The vulnerability affects Windows Vista, Server 2008, 7, 8, 8.1, Server 2012, RT, RT 8.1, Server 2008 R2, and Server 2012 R2.