Author Topic: This Heodo malware website flagged?  (Read 770 times)

Offline polonus
This Heodo malware website flagged?
« on: July 28, 2020, 02:54:36 PM »
Detected - FILE_25536075.doc VT-> 75514f8a313510c6ac38b4519c8e4720f8d55a6003fe8dbcde5fac3178b30f20

See: https://urlhaus.abuse.ch/url/420644/  -> https://urlhaus.abuse.ch/browse.php?search=75514f8a313510c6ac38b4519c8e4720f8d55a6003fe8dbcde5fac3178b30f20

Nothing flagged here: https://aw-snap.info/file-viewer/?protocol=not-secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=I3x2WyNzZ317e24ubnt0~enc

Site issue not found: https://sitecheck.sucuri.net/results/davidsgreen.net

No WordPress CMS alerts.

Next to the malware opens up to -https://en.aoebbs.cn/static/js/common.js?aCW  *
Number of sources found: 66
Number of sinks found: 60
&
Results from scanning URL: -https://en.aoebbs.cn/home.php?mod=misc&ac=sendmail&rand=1595940265
Number of sources found: 32
Number of sinks found: 35

JS errors in *
Quote
["Not JSON",{}]
 chrome-extension://dhdgffkkebhmkfjojejmpbldmpobfkfo/userscript.html?name=JSON%2520formatter.user.js&id=e5f12c29-d603-44a5-8840-ce0b54122d95:277 loadJSON()
 chrome-extension://dhdgffkkebhmkfjojejmpbldmpobfkfo/userscript.html?name=JSON%2520formatter.user.js&id=e5f12c29-d603-44a5-8840-ce0b54122d95:303 formatJSON()
 chrome-extension://dhdgffkkebhmkfjojejmpbldmpobfkfo/userscript.html?name=JSON%2520formatter.user.js&id=e5f12c29-d603-44a5-8840-ce0b54122d95:49 eval()

["Not JSONP",{}]
 chrome-extension://dhdgffkkebhmkfjojejmpbldmpobfkfo/userscript.html?name=JSON%2520formatter.user.js&id=e5f12c29-d603-44a5-8840-ce0b54122d95:296 loadJSON()
 chrome-extension://dhdgffkkebhmkfjojejmpbldmpobfkfo/userscript.html?name=JSON%2520formatter.user.js&id=e5f12c29-d603-44a5-8840-ce0b54122d95:303 formatJSON()
 chrome-extension://dhdgffkkebhmkfjojejmpbldmpobfkfo/userscript.html?name=JSON%2520formatter.user.js&id=e5f12c29-d603-44a5-8840-ce0b54122d95:49 eval()

ERROR: Execution of script 'Dat Peer Detector v 1.1' failed! require is not defined
 chrome-extension://dhdgffkkebhmkfjojejmpbldmpobfkfo/userscript.html?name=Dat%2520Peer%2520Detector%2520v%25201.1.user.js&id=8385c705-e043-490a-99d4-4d0e8f6b7f45:1 eval()
 chrome-extension://dhdgffkkebhmkfjojejmpbldmpobfkfo/userscript.html?name=Dat%2520Peer%2520Detector%2520v%25201.1.user.js&id=8385c705-e043-490a-99d4-4d0e8f6b7f45:1 eval()
 chrome-extension://dhdgffkkebhmkfjojejmpbldmpobfkfo/userscript.html?name=Dat%2520Peer%2520Detector%2520v%25201.1.user.js&id=8385c705-e043-490a-99d4-4d0e8f6b7f45:161 eval()

SyntaxError: Invalid regular expression flags
  eval ()()
  :3:98()
  Object.c [as F_c] (:2:146)()
  Object.E_u (:3:267)()
  la (eval at exec_fn (:1:147), :60:53)()
  Object.create (eval at exec_fn (:1:147), :71:325)()
  d (eval at exec_fn (:1:147), :13:89)()

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)
« Last Edit: July 28, 2020, 02:59:38 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!