Exploit:JS/Colkit.A

Exploit:JS/Colkit.A is the detection for obfuscated, malicious JavaScript code that redirects to or loads files that may exploit a vulnerable version of Java, Adobe Reader, and Adobe Flash, possibly in an attempt to load malware onto your computer.

You can be exposed to the code we detect as Exploit:JS/Colkit.A if you visit a malicious or compromised webpage.

Exploit:JS/Colkit.A attempts to check if the following applications are installed your computer:

• Java
• Adobe Reader
• Adobe Flash

Based on the presence and version of these products, Exploit:JS/Colkit.A attempts to load one or more of the following URLs:

• vrdaxim.pw/<removed>/wedding_simply.pdf
• vrdaxim.pw/<removed>/vegetation-particle_sheep.pdf
• vrdaxim.pw/<removed>/sharp-mother-procession.swf
• vrdaxim.pw/<removed>/quota_reprimand.jar

When these URLs are loaded, they may launch an exploit that targets vulnerable versions of Java, Adobe Reader, or Adobe Flash that you may have installed on your computer.

At the time of analysis, these URLs were unavailable and we are unable to confirm the exact nature of the exploit. However, we suspect that the URLs use exploits that could download and run other malware on your computer.

Analysis by Jonathan San Jose