Suspicious code or malicious?

See: http://app.webinspector.com/public/reports/20919538
Given as full malicious: http://killmalware.com/askyourdoctor.com.ng/
Malicious iFrame found.
size: 100x100
src: htxp://hulmeux.net/?click=929968 → http://labs.sucuri.net/?details=hulmeux.net
http://sitecheck2.sucuri.net/results/askyourdoctor.com.ng
malware: http://labs.sucuri.net/db/malware/malware-entry-mwanomalysp8
and http://labs.sucuri.net/db/malware/malware-entry-mwblk2
This URL is reported by Google as suspicious
See: https://www.virustotal.com/nl/url/1d8953f279c18d83a7f85f75844b88c2b77b2c44c966a7ef0df26d937cb5bf41/analysis/
Given as blacklisted: http://quttera.com/detailed_report/askyourdoctor.com.ng
Google Safe browsing: http://www.google.com/safebrowsing/diagnostic?site=http%3A%2F%2Faskyourdoctor.com.ng&hl=en
iFrame Check: Suspicious

');</sc... Excessive Header Wrning and Clickjacking Warning. Server software vuln: apache/2.2.25 (unix) mod_ssl/2.2.25 openssl/1.0.0-fips mod_jk/1.2.37 mod_auth_passthrough/2.1 mod_bwlimited/1.4 frontpage/5.0.2.2635 CMS: microsoft frontpage 6.0

pol

Avast detects an HTML:IFrame.inf threat there.

7/51 on VT now: https://www.virustotal.com/en/url/1d8953f279c18d83a7f85f75844b88c2b77b2c44c966a7ef0df26d937cb5bf41/analysis/1395852201/

Hi Steven Winderlich,

Thank you establishing we are being protected by avast!

pol

No problem inside a VM.

Just tested some malwares and sent 5 undetected ones to their lab. :slight_smile:

SHA1 checked here https://www.virustotal.com/en/file/cccf4cb1306068f0c5455b898efb6d5ddf54496b09d46bc2d48d86bb5d67cc01/analysis/