Multi-stage exploit installing trojan

Introduction

ESET researchers receive and analyze thousands of new malware samples every day. Earlier this year, one of them caught our attention because it was not an ordinary executable file, but a preference file used by a specific program. Further analysis quickly revealed the file actually is malicious and exploited a vulnerability in the software in order to execute code while it is parsed.

This article will take a deep dive into how the exploit works and briefly describe the final payload.

Multi-stage exploit installing trojan