See: https://quttera.com/detailed_report/www.telkom.co.id (risk awareness demands)
Also consider: https://www.virustotal.com/gui/url/9b74448b9b2ae1ae599861f88ee952a2eeed4de41a43d7763f991105c1bcc66e/details
It appears that the suspicious file detected by Quttera is an SVG image file (/images/icon/ic_explore_more.svg) with a unique MD5 hash (EFAAF5ADE809350EBFFCF2C7F2AB020B). The file is categorised as S.Susp.Image.gen, which suggests that it’s a generic detection for a suspicious image file.
The Threat MD5 value (596B0A7D7D13116B6BE0AE47FF1CA7E9) seems to be a different value, but it’s likely related to the same file. This could be a checksum or a secondary hash used for identification purposes.
The provided details are quite limited, but here are some potential observations: (A.I.'s comment)->
Suspicious code injection: The file contains a script block ([[<![CDATA[…]]]), which is not typical in SVG files. This could indicate that the file is attempting to inject malicious code or execute a script.
Potential exploitation: The presence of a script block raises concerns about potential exploitation. Malware authors might use SVG files as a vector to deliver malicious payloads or execute arbitrary code.
Possible malware payload: The S.Susp.Image.gen threat name suggests that this file might be associated with malware or a malicious payload. The Microsoft Azure website has known vulnerabilities.
polonus
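A static check for the kind of active content discussed in the post above (a script block inside an SVG), as an added example that is not part of the original post and is not Quttera's detection logic. The sample SVGs, the tag list and the finding labels are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample inputs (not the file from the scan report).
CLEAN_SVG = b'<svg xmlns="http://www.w3.org/2000/svg"><path d="M0 0h24v24H0z"/></svg>'
SCRIPTED_SVG = b'''<svg xmlns="http://www.w3.org/2000/svg"
     xmlns:xlink="http://www.w3.org/1999/xlink" onload="init()">
  <script type="text/javascript"><![CDATA[ function init() {} ]]></script>
  <a xlink:href="javascript:void(0)"><circle r="4"/></a>
</svg>'''

# Assumed review list: elements that can carry or load active content.
ACTIVE_TAGS = {"script", "foreignObject", "iframe", "embed", "object"}
URL_ATTRS = {"href", "src"}

def local(name):
    """Strip an '{namespace}' prefix from an ElementTree tag or attribute name."""
    return name.rsplit("}", 1)[-1]

def svg_findings(data):
    """Return a sorted list of active-content findings for one SVG byte string."""
    # Refuse DTDs up front: ElementTree expands internal entities, so an
    # untrusted DOCTYPE is both a finding and a parser-safety problem.
    if re.search(rb"<!(DOCTYPE|ENTITY)", data, re.I):
        return ["doctype-or-entity"]
    try:
        root = ET.fromstring(data)
    except ET.ParseError:
        return ["not-well-formed"]
    found = set()
    for el in root.iter():
        tag = local(el.tag)
        if tag in ACTIVE_TAGS:
            found.add(f"element:{tag}")
        for attr, value in el.attrib.items():
            name = local(attr)
            if name.lower().startswith("on"):
                found.add(f"event-handler:{name}")
            # Browsers ignore whitespace/control characters inside the scheme.
            scheme = re.sub(r"[\s\x00-\x1f]", "", value).lower()
            if name in URL_ATTRS and scheme.startswith(("javascript:", "data:text/html")):
                found.add(f"script-url:{name}")
    return sorted(found)

if __name__ == "__main__":
    for label, blob in (("clean", CLEAN_SVG), ("scripted", SCRIPTED_SVG)):
        print(label, svg_findings(blob))
```

A finding here only means the file contains script-capable markup and deserves a manual look at what the script does; it does not by itself show that the file is malicious.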