CVE-2018-4878 was first demonstrated being exploited in the wild by TEMP.Reaper.
This repository contains the POC we created from the analysed malware, which is known to work against 32-bit versions of Flash 27 by exploiting a Use-After-Free vulnerability.
Successful exploitation provides the attacker with a ByteArray object capable of modifying process memory.
The full breakdown of the vulnerability can be found here.