Tuesday, July 11, 2017

CVE-2017-0199 RTF Exploit Analysis

CVE-2017-0199 is a link type confusion vulnerability in RTF documents; exploit documents use it to download malicious HTA files from remote servers.






RING Ø LABS
Malware Report

FILE DETAILS

Filename: Unpaid_Invoice_829182.doc
Packer: Obfuscated .NET
Hash: 1cfd12688b1f93545a3dc91366c86825
Type: CVE-2017-0199 - RTF Exploit