Avast WEBforum

Other => Viruses and worms => Topic started by: polonus on January 25, 2019, 05:46:16 PM

Title: Website still infested with malware?
Post by: polonus on January 25, 2019, 05:46:16 PM

Re: https://urlhaus.abuse.ch/url/110383/   
50 minutes ago: https://www.virustotal.com/nl/file/981e0d084f78e268294fe3c0a5ecc4869bb189aff927a6b6a5da0cad61b4fca4/analysis/1548431159/
PHISHing galore on IP: https://checkphish.ai/ip/172.93.205.162
Spam hack involved website: https://aw-snap.info/file-viewer/?protocol=not-secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=XnZiW250fG5nanx5fC5eXW0%3D~enc
Alerted: https://urlquery.net/report/1db549bb-eb7f-4e9f-8cb3-108960b5c0f1
83 best policy hints: https://webhint.io/scanner/729b8b21-81b3-4c6a-9c71-4114e813e14a
Spamhaus blacklisted: https://sitecheck.sucuri.net/results/cvbintangjaya.com
Confirmed retirable library: https://retire.insecurity.today/#!/scan/83aa3bd4e40575b6f76d6f6fa695dcc42facc7ab5feb59966ed77041051fbdd9
DOM-XSS URL scan: htxp://cvbintangjaya.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Number of sources found: 41 ; number of sinks found: 17
Browsing not recommended: https://www.scamner.com/check/cvbintangjaya.com

polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)

Title: Re: Website still infested with malware?
Post by: Pondus on January 25, 2019, 06:16:12 PM

Quote

Website still infested with malware?

Scanning the full URL it seems to be still alive

-cvbintangjaya.com/wp-content/themes/business-epic/template-parts/sserv.jpg
https://www.virustotal.com/#/url/5d36ddb771d40506aa7da1853223ddee31d3d2f6da1de6a11a1cd8ae66e27cfa/detection

https://www.virustotal.com/#/file/981e0d084f78e268294fe3c0a5ecc4869bb189aff927a6b6a5da0cad61b4fca4/detection


Also blocked by TrendMicro  https://global.sitesafety.trendmicro.com/index.php

Title: Re: Website still infested with malware?
Post by: polonus on January 25, 2019, 07:14:06 PM

Hi Pondus,

Good, avast detects that then as Win32:Malware-gen,

polonus