Help with JavaScript Malware !

I just received today a phishing email which had an HTML attachment and of course it asked me to click the attached file.

By opening the attached file as text I noticed it's packed with scrambled / encoded JavaScript which unfortunately I don't speak fluently.

I have uploaded the file on my webserver and I scanned with QualysGuard Malware Detection service which runs the discovered malware in a sandbox OS to detect the effects on an ordinary PC but unfortunately I didn't get any results.

By unscrambling some URLs I found remote calls to http://onnoe.ru:8080/index.php?pid=10 which gave me a hint that this malware might be used as trojan / botnet harvester.

So, I would appreciate if anybody could take a look at the malware JavaScript and share the results with me .. I'm extremely curious on what it does.

Anyways, here is the culprit JS code saved as txt.

Thank you!



Thank you for reading this post. You can now Read Comments (2) or Leave A Trackback. Print This Post Print This Post

2 Responses to “Help with JavaScript Malware !


Subscribe without commenting


Leave a Reply

Note: Any comments are permitted only because the site owner is letting you post, and any comments will be removed for any reason at the absolute discretion of the site owner.

CommentLuv badge