This is to detect CVE-2016-7200 used against Microsoft Edge. While I understand Edge isn't supported by Cuckoo as far as I know, it is more in case an EK just fires it at a system, so more just trying to get ahead of things, even though it is simple enough to validate the UA is Edge only and then fire the exploit.
http://malware.dontneedcoffee.com/2017/01/CVE-2016-7200-7201.html
Exploit analysis here: http://blogs.360.cn/360safe/2016/11/29/three-roads-lead-to-rome-2/
POC here: https://github.com/theori-io/chakra-2016-11