See: http://urlquery.net/report.php?id=14259
See: -http://jsunpack.jeek.org/dec/go?report=b4b52f3db718fe38f8cb03cbbb91d6b820477248
Go visit above link only if security savvy, with script blocking actibe and in a VM.
This malcode = Trojan.Script.Iframe wrought via a PHP exploit, malware has been with us since 2009,
and still in the collection of the last 5 nasty encoded javascript malware, according to the Sucuri Global Malware View page. For detection see: http://vscan.urlvoid.com/file/ce181856f995d014ed087c09095ae0fa/NDI0MTc4LXBocA==/
But sucuri detects:
Scan for: -http://monyer.com/game/game1/424178.php
Hostname: -monyer.com
IP address: 99.198.113.90
Blacklist status
Domain clean by Google Safe Browsing: -monyer.com -
Domain clean by Norton Safe Web: -monyer.com -
Domain clean on Phish tank: -monyer.com -
Domain clean on the Opera browser: -monyer.com -
Domain clean on Sucuri IP/URL malware blacklist: -monyer.com -
web site: -monyer.com/game/game1/424178.php
status: Site infected with malware
Malware found on javascript file:
-http://monyer.com/game/game1/424178.php/404javascript.js
Known javascript malware.
Details: http://sucuri.net/malware/entry/MW:JS:229
Malware found in the URL:
-http://monyer.com/game/game1/424178.php
Known javascript malware.
Details: http://sucuri.net/malware/entry/MW:JS:229
Malware found in the URL:
-http://monyer.com/game/game1/424178.php/404testpage4525d2fdc
Known javascript malware.
Details: http://sucuri.net/malware/entry/MW:JS:229
For de-obfuscation results see: http://wepawet.iseclab.org/view.php?hash=d0cb565f4997589fe616e37d3e75c177&t=1325522735&type=js
polonus