[Squirl]

NBC[dot]com exploit (RedKit) payload attached.

It attempts to assemble some binary code from base64 encoded streams and some actual raw hex - I've not got around to looking at this indepth, yet.

Enjoy :D

[reverser]

Looks like the dropper URL (hxxp://symptomshighbloodpressure.org/62.html) is down. Anyone saved it?

[reverser]

Second-stage loader extracted from 1fa5afe1ddcd083d40b5b330fd9b3613/b6420843e01a3d28ff2f179e1c373ebb44e91861fb51e72042882910a483fc9d from here.