Home Testimonials Company Support 1–888–873–0817
PRICING SUPPORT LOGIN
Home Notes Malware Signatures About

Malware entry: MW:JS:INCLUDE:DOCUMENT-WRITE

Description: A suspicious javascript remote include was identified in the site. It it used to load malware from a PHP file from external locations and uses document-write to encode the request.

This is done to hide the original URL and make it harder for scanners to identify the malware.

Not very common type of malware. Some URLs:



Those are often used to redirect the browser of anyone visiting the site to Fake AV (anti virus). However, since this is a generic rule, the malware can change from site to site.

Affecting: Any web site (no specific target).

Clean up: Nothing specific.

Last update: Aug/2012

Malware dump:

For all our web-based malware signatures, go here: http://labs.sucuri.net/?malwaredb