is a detection for obfuscated script files that exploit a vulnerability in Internet Explorer. The vulnerability has been resolved with the release of Microsoft Security Update MS10-018
Once Exploit:JS/Sykipot.A successfully exploits the vulnerability, it can execute arbitrary code. The following shellcode detections are observed to be associated with Exploit:JS/Sykipot.A:
These exploits usually attempts to download and execute arbitrary files from certain domains. Some of the domains they are known to connect to are:
As of these writing, the above domains are not available.
Analysis by Francis Allan Tan Seng
There are no common symptoms associated with this threat. Alert notifications from installed antivirus software may be the only symptom(s).