SiteCheck Signatures

  1. Home
  2. Signatures
  3. SiteCheck Signatures
  4. malware-entry-dwfcc-co-cc

malware-entry-dwfcc-co-cc

Description:

Malware identified and encoded inside a "document.write(String.fromCharCode" call. It is used to call an external and malicious javascript file, while making it hard to find.

Loads malware from (85.17.155.86):

captivejfu.co.cc

Affecting:

Any type of web site (no specific target).

Clean up and details:

Remove offending line from the javascript file.

Malware dump:

document.write(String.fromCharCode("=tdsjqu!uzqf>#ufyu0kbwbtdsjqu...