SiteCheck Signatures

  1. Home
  2. Signatures
  3. SiteCheck Signatures
  4. malware-entry-mwiframehd31

malware-entry-mwiframehd31

Description: Javascript encoded used to hide an iframe.

It uses javascript to read an encoded text from inside the html page. Once
decoded, it loads a malicious iframe to the site visitor.

Domains used to host the malware:
http://moshonken.com (and many others)

Affecting: Any web site (no specific target)

Malware sample: