Thanks to EKWatcher and his decoding skills saving me a lot of time.
As we can see more and more of those "XMLDOM" checks in exploit kits i decided to write here some of the checks spotted. This is a fast moving area and it will be hard to keep up to date with this, but this may give an idea of how it's being used.
more here........http://malware.dontneedcoffee.com/2014/10/cve-2013-7331-and-exploit-kits.html
As we can see more and more of those "XMLDOM" checks in exploit kits i decided to write here some of the checks spotted. This is a fast moving area and it will be hard to keep up to date with this, but this may give an idea of how it's being used.
more here........http://malware.dontneedcoffee.com/2014/10/cve-2013-7331-and-exploit-kits.html