SiteCheck Signatures

  1. Home
  2. Signatures
  3. SiteCheck Signatures
  4. malware-entry-mwjsanon7

malware-entry-mwjsanon7

Description:

A suspicious remote javascript include was identified. It was set in an non-standard place (before the <html> tag) and was used to distribute malware to someone visiting the infected web site.

 

Signature:

This is not a signature-based rule, but looks for anomaly behaviours that indicate the presence of malware. In this case, our engine found it to be malicious (related to drive-by downloads).

 

Affecting:

Any web site sites (no specific target)

 

Clean up:

This malware is generally hidden inside the PHP or ASP files. Sign up here to get it clean up: Signup

 

Malware dump (sample of malware):