SiteCheck Signatures

  1. Home
  2. Signatures
  3. SiteCheck Signatures
  4. malware-entry-mwjs6525

malware-entry-mwjs6525

Description: We detected an iframe or javascript that loads the Phoenix Exploit kit to compromise anyone visiting the web site. This type of malware is generally heavily encoded and hidden on javascript files or at the top of the HTML/PHP/ASP pages.

Affecting: Any web site (often through outdated WordPress, Joomla, osCommerce and stolen passwords).

Domains distributing malware:


(many domains)

Clean up: You can also sign up with us and let our team remove the malware for you.

Malware dump:


wen=[ 20, 40, 50,0,60,30,10];ohm = 15;ohm--;gyp=0.009;gyp+=16;oat=5;git=0.0202;..

lop=18 ;lop+=0.013 ;chi=25;chi++;hae=0.012;hae+=0.0189;orb=0.012;orb--;..