Re: http://killmalware.com/rudocast.com/#
Re: https://www.virustotal.com/en/url/c50e052bb055868595bad3fd1ea23dc4f49c6a9adfa7ffce03034e1707a0a6a8/analysis/
Re: index.html
Severity: Malicious
Reason: Detected malicious PHP content
Details: Website Potentially Defaced
Offset: 79
Threat dump: *Known javascript malware. Details: http://sucuri.net/malware/entry/MW:IFRAME:HD28
See: -http://pastebin.com/yBBZnbY1 (script source D3V1L)
Threat dump MD5: 038E916B0DF65E9D9CF7E86159BA1133
File size[byte]: 5821
File type: HTML
Page/File MD5: B656950D0102AB6E740E7A7B5ED5511E
Comodo - TrojWare.JS.Iframe.BC
DrWeb - SCRIPT.Virus
KasperskyHEUR:- Trojan.Script.Iframer
Jiangmin- Trojan/Script.Gen
VIPRE -Trojan-Clicker.HTML.IFrame.fh (v)
Norman- Iframe.YU
Scan duration[sec]: 0.013000
11 issues (problems as error and warnings): https://mxtoolbox.com/domain/rudocast.com/
pol
P.S. Avast should detect something like HTML:Iframe-CV [Trj]. Can someone confirm this? Pondus, what do you have here as results?
D