|
Description:
This JavaScript may be downloaded from remote sites by other malware. It may be downloaded from certain remote sites. It may be hosted on a Web site and run when a user accesses the said Web site.
This obfuscated JavaScript usually comes from a series of URL redirection. One of our tests traces this back to http://{BLOCKED}w.kz/index.php. Users who accidentally visit the said site is redirected to http://bro.tw/in.cgi?3 which leads to other malicious Web sites.
It also accesses Web sites to download file(s). As a result, malicious routines of the downloaded files are exhibited on the affected system.
For additional information about this threat, see:
Solution
Technical Details
Description created: Jun. 22, 2009 3:25:36 AM GMT -0800
Search a new malware
Tell us how we did. Take our quick survey.
|
Save & Share
