Pondus
9
SOPHOS analyis confirms infected
showfilmfirst.com.htm -- identity created/updated (New detection Troj/JSRedir-DC)
NORMAN analysis
showfilmfirst.com.htm : Processed - JS/IFrame.EE
Above website page is injected with malicious script which further writes an iframe “htxp://86.55.140.203/…” and again it redirects to malicious script hosted at legitimate website “htxp://tongho.co.th/…”