SiteCheck Signatures

  1. Home
  2. Docs
  3. SiteCheck Signatures
  4. mwdocumentwrite-encoded17

mwdocumentwrite-encoded17

Description:

A malicious code was detected hidden inside a encoded javascript block. It is using "document.write(unescape" to print the spam-related content.

This code is generally hidden inside the javascript files.

 
Affecting: Any web site. No specific target detected

Clean up: You can also sign up with us and let our team remove the malware for you.

 
Loads spam from multiple sources:


http://www.uspharmacy247.com/product.php?prod=Fioricet
(and many other domains).

 
Malware dump (sample of malware):

(no sample available)