This could be a newer variant of Popads Exploit Kit: http://doc.emergingthreats.net/bin/view/Main/2016065 → Magnitude EK exploit abused: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2551 (also java exploits) The specific researcher for this type of malcode is “kafeine” → https://twitter.com/kafeine/status/387027354293264385 also see contributions here: http://www.malwaresigs.com/?s=popads & http://www.malwaresigs.com/2013/06/14/dotcachef/ & http://www.malwaresigs.com/?s=popads links author = Kuluoz
polonus