Home Testimonials Company Support 1–888–873–0817
Home Notes Malware Signatures About
Malware definitions (web based)

Encoded javascript

Javascript is a language (code) that can be executed directly by the browser and many other applications that support it (PDF, email readers, etc).

Javascript malware. Because it is a full programming language executed by the browser, attackers use it heavily to run malicious code from the compromised sites. It can range from simple remote source includes, to heavily obfuscated payloads to redirect users to spam, exploit kits (drive by downloads), fake AV and anything else you can imagine.

Example of javascript malware:

Simple remote includes:

This code loads whatever content is inside rec-creations.com/player.js and is executed by the browser of the victim.

Encoded javascript: There are so many variations, ranging from an iframe builder hidden:

To a remote code included hidden in hex:

Or to a more complex blackhole exploit kit enconding type: