SecurityHome.eu Trojan:JS/Iframe.AY

Home / malware PDF

Trojan:JS/Iframe.AY

First posted on 05 April 2012.
Source: Microsoft
Aliases :
Trojan:JS/Iframe.AY is also known as JS/IFrame.KV (Norman), JS/iFrame.T.3 (Avira), Trojan.JS.Iframe.BBF (BitDefender), JS.IFrame.236 (Dr.Web), Trojan.JS.IFrame (Ikarus), Trojan.JS.Iframe.zy (Kaspersky), Troj/JsDown-AH (Sophos), JS.AddedIframe (Symantec).
Explanation :
Trojan:JS/Iframe.AY is a malicious JavaScript file that is embedded into malicious or compromised webpages, usually via SQL injection or through Blackhat search engine optimization (SEO) poisoning.

Top

Trojan:JS/Iframe.AY is a malicious JavaScript file that is embedded into malicious or compromised webpages, usually via SQL injection or through Blackhat search engine optimization (SEO) poisoning.

Installation

If a user visits a website that contains this malicious JavaScript, it redirects them to another website that may download other malware into the computer.

Payload

Redirects webpages

In the wild, a webpage that contains Trojan:JS/Iframe.AY may redirect to any of the following URLs:

bigdeal777.com/gate.php?f=955155&r=

bigdeal777.com/gate.php?f=963551&r=

bigdeal777.com/gate.php?f=963852&r=

bigdeal777.com/gate.php?f=963853&r=

bigdeal777.com/gate.php?f=963870&r=

bigdeal777.com/gate.php?f=964354&r=

bigdeal777.com/gate.php?f=971386&r=

bigdeal777.com/gate.php?f=972560&r=

bigdeal777.com/gate.php?f=973176&r=

bigdeal777.com/gate.php?f=974445&r=

bigdeal777.com/gate.php?f=974567&r=

bigdeal777.com/gate.php?f=975130&r=

bigdeal777.com/gate.php?f=975953&r=

bigdeal777.com/gate.php?f=977328&r=

bigdeal777.com/gate.php?f=979281&r=

bigdeal777.com/gate.php?f=979798&r=

bigdeal777.com/gate.php?f=980383&r=

bigdeal777.com/gate.php?f=980710&r=

bigdeal777.com/gate.php?f=980951&r=

bigdeal777.com/gate.php?f=980960&r=

bigdeal777.com/gate.php?f=982652&r=

bigdeal777.com/gate.php?f=982853&r=

bigdeal777.com/gate.php?f=984461&r=

bigdeal777.com/gate.php?f=984540&r=

bigdeal777.com/gate.php?f=985332&r=

bigdeal777.com/gate.php?f=985389&r=

bigdeal777.com/gate.php?f=985832&r=

bigdeal777.com/gate.php?f=986062&r=

bigdeal777.com/gate.php?f=986255&r=

bigdeal777.com/gate.php?f=987378&r=

bigdeal777.com/gate.php?f=990857&r=

bigdeal777.com/gate.php?f=991246&r=

dealstart77.com/gate.php?f=973522&r=

s1.kaluchka1.in/gate.php?f=881520&r=

s1.kaluchka1.in/gate.php?f=957354&r=

s1.kaluchka1.in/gate.php?f=957386&r=

s1.kaluchka1.in/gate.php?f=960935&r=

unclesammm.com/gate.php?f=863829&r=

unclesammm.com/gate.php?f=864516&r=

unclesammm.com/gate.php?f=960076&r=

unclesammm.com/gate.php?f=960937&r=

unclesammm.com/gate.php?f=962249&r=

unclesammm.com/gate.php?f=962434&r=

unclesammm.com/gate.php?f=963473&r=

unclesammm.com/gate.php?f=964354&r=

unclesammm.com/gate.php?f=964698&r=

unclesammm.com/gate.php?f=964818&r=

unclesammm.com/gate.php?f=964851&r=

unclesammm.com/gate.php?f=967237&r=

zalupka.in/gate/gate.php?f=511595&r=

zumobtr.ru/gate.php?f=1002489&r=

zumobtr.ru/gate.php?f=975701&r=

Analysis by Hyun Choi

Last update 05 April 2012

TOP

Malware :

Last 20

Trojan:JS/Iframe.AY

Aliases :

Explanation :

Malware :

Family: