SiteCheck Signatures

  1. Home
  2. Signatures
  3. SiteCheck Signatures
  4. mwjs-encoded-dadong1

mwjs-encoded-dadong1

Description: Our scanners identified an encrypted (encoded) javascript block that used the Dadong's JSXX 0.XX encoder. This code is often seeing on compromised sites with the latest 0-day exploit for Java.

We have been seeing it on other infections, but not very frequently (Aug/2012).


http://ok.aa24.net/meeting/index.html
http://59.120.154.62/meeting/index.html
62.152.104.149/public/meeting/index.html

Affecting: No specific targeted.

Clean up: Malware is hidden at the javascript files.

Last update: Aug/2012.

Malware dump: