SiteCheck Signatures

  1. Home
  2. Signatures
  3. SiteCheck Signatures
  4. malware-entry-mwiframehd429

malware-entry-mwiframehd429

Description:

Malicious iframe hidden inside a javascript file and getting loaded with a innerHTML+appendChild call. It is used to distribute malware from external web sites while not being visible to the user.

 

Domains used in this attack:


http://klijk.ath.cx/index.php?tp=dd4e8540318ab369
http://wwws.cz.cc/index.php?tp=d52b36cfb64cad94
(and many others)

Affecting:

Any web site sites (no specific target)

 

Clean up:

This malware is generally hidden inside the javascript files. Sign up here to get it clean up: Signup

 

Malware dump (sample of malware):