Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Only Google Safebrowsing protecting us from HTML/Drop.Agent.AB?
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: Only Google Safebrowsing protecting us from HTML/Drop.Agent.AB? (Read 1215 times)
0 Members and 1 Guest are viewing this topic.
polonus
Avast Überevangelist
Probably Bot
Posts: 33939
malware fighter
Only Google Safebrowsing protecting us from HTML/Drop.Agent.AB?
«
on:
September 29, 2014, 04:32:55 PM »
See:
https://www.virustotal.com/nl/url/4d385bd654c19c6185acf91a00973d844ede3face7f4dd7507cbfabbade91375/analysis/1412000182/
and detected here:
http://quttera.com/detailed_report/brasilconect.net
/index.html
Severity: Malicious
Reason: Detected reference to blacklisted domain
Details: Detected reference to malicious blacklisted domain wXw.brasilconect.net
File size[byte]: 128312
File type: HTML
Page/File MD5: 933E6853C79EE58C90B145AED3490058
Scan duration[sec]: 0.075000
Potentially harmful site compromised: IP badness history:
https://www.virustotal.com/nl/ip-address/187.17.98.129/information/
Nothing here:
http://urlquery.net/report.php?id=1412000750249
Code hick-up:
ine:21: SyntaxError: missing ; before statement:
error: line:21: Set FSO = CreateObject("Scripting.FileSystemObject")
error: line:21: ^
error: line:20: SyntaxError: XML tag name mismatch (expected link):
error: line:20: </head>
error: line:20: ..^
This blocked by Google as with malware:
http://brasilconect.net/Scripts/swfobject_modified.js
And no-break spaces in code found benign to hold elements together or create multiple spaces!
pol
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Pondus
Probably Bot
Posts: 37626
Not a avast user
Re: Only Google Safebrowsing protecting us from HTML/Drop.Agent.AB?
«
Reply #1 on:
September 29, 2014, 05:35:17 PM »
brasilconect.net html - detected by almost evryone
https://www.virustotal.com/nb/file/2bb81ea27441f20e3ee1152026dcff271c8f0bc4b2b5268cc21bd2f7601330c6/analysis/1412004824/
Killmalware
http://killmalware.com/brasilconect.net/
«
Last Edit: September 29, 2014, 06:15:52 PM by Pondus
»
Logged
Print
Pages: [
1
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Only Google Safebrowsing protecting us from HTML/Drop.Agent.AB?