« previous next »
Pages: [1]   Go Down

Author Topic: urlquery and Quttera detect, VT and sucuri does not?  (Read 1097 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 34051
  • malware fighter
urlquery and Quttera detect, VT and sucuri does not?
« on: February 13, 2017, 10:23:29 PM »
See flagged: http://urlquery.net/report.php?id=1487018637931
where Fortinet alerts -js.users.51.la/17862113.js as malware....
Quttera flags the same: -js.users.51.la/17862113.js
Severity:   Potentially Suspicious
Reason:   Detected procedure that is commonly used in suspicious activity.
Details:   Too low entropy detected in string [['<a href="-http://www.51.la/?17862113" target="_blank" title="51.La %26#x7F51;%26#x7AD9;%26#x6D41;%26#x91CF;%26#']] of length 277 which may point to obfuscation or shellcode.
Also produces an error: ": Invalid IPv6 URL".
Vulnerability info:
Aktual PHP:   5.7, 5.6, 5.5 (5.4 EOL, 5.3 and 5.2 unsafe)

Missed here: https://sitecheck.sucuri.net/results/ag8.site 

polonus

Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
Pages: [1]   Go Up
« previous next »