HTML_OBFUS.DK
Troj/JSRedir-O(Sophos), Virus.JS.Redirector(Ikarus)
Windows 2000, Windows Server 2003, Windows XP (32-bit, 64-bit), Windows Vista (32-bit, 64-bit), Windows 7 (32-bit, 64-bit)
Threat Type: Trojan
Destructiveness: No
Encrypted:
In the wild: Yes
OVERVIEW
This Trojan executes when a user accesses certain websites where it is hosted.
This is the Trend Micro detection for files that contain malicious IFRAME tags. Once a user visits an affected Web page, this HTML script launches a hidden IFRAME that connects to a malicious URL. It redirects browsers to certain sites.
TECHNICAL DETAILS
26,625 bytes
HTML, HTM
28 Apr 2009
Connects to URLs/IPs
Arrival Details
This Trojan executes when a user accesses certain websites where it is hosted.
Other Details
This is the Trend Micro detection for files that contain malicious IFRAME tags.
Once a user visits an affected Web page, this HTML script launches a hidden IFRAME that connects to a malicious URL.
It redirects browsers to the following sites:
- {BLOCKED}.{BLOCKED}.2.195/jquery.js