SiteCheck Signatures

  1. Home
  2. SiteCheck Signatures
  3. malware-entry-mwjsanon7



A suspicious remote javascript include was identified. It was set in an non-standard place (before the <html> tag) and was used to distribute malware to someone visiting the infected web site.



This is not a signature-based rule, but looks for anomaly behaviours that indicate the presence of malware. In this case, our engine found it to be malicious (related to drive-by downloads).



Any web site sites (no specific target)


Clean up:

This malware is generally hidden inside the PHP or ASP files. Sign up here to get it clean up: Signup


Malware dump (sample of malware):