  • Blog Post: Analysis of the Eleonore exploit pack shellcode

    'Eleonore' is a malware package that contains a collection of exploits used to compromise web pages. When the compromised web pages are viewed via vulnerable systems, the exploit payload is run. Eleonore is purchased by an attacker from an underground website. The attacker then gains access to Internet...
  • Blog Post: Some shellcode de-mystified

    The shellcode described in this post was obtained from the Eleonore v1.2 exploit kit. High-level details about that kit are mentioned in my April 2012 blog post. This post is a technical view of the actual shellcode and is intended to be instructive to the inquisitive reader. Since this code is relatively...