SecurityHome.eu Trojan:JS/PhoexRef.E

Home / malware PDF

Trojan:JS/PhoexRef.E

First posted on 19 April 2012.
Source: Microsoft
Aliases :
Trojan:JS/PhoexRef.E is also known as JS/Iframe.CX trojan (ESET), Mal/Iframe-AE (Sophos).
Explanation :
Trojan:JS/PhoexRef.E is an obfuscated JavaScript malware that is capable of redirecting compromised websites to malicious domains.

Top

Trojan:JS/PhoexRef.E is an obfuscated JavaScript malware that is capable of redirecting compromised websites to malicious domains. It is sometimes embedded in websites and displays the following message:

Trojan:JS/PhoexRef.E is capable of injecting IFrames to compromised websites that redirect to certain URLs, for example:

<removed>.dyndns-server.com/g/<random characters>.js

<removed>.44.250.173:8080/navigator/jueoaritjuir.php

3yuut.<removed>.servegame.org/g/<random characters>.js

<removed>.168.5.140:8080/navigator/jueoaritjuir.php

<removed>.net/main.php?page=722f375fbeeac5a2

Analysis by Patrick Estavillo

Last update 19 April 2012

TOP

Malware :

Last 20

Trojan:JS/PhoexRef.E

Aliases :

Explanation :

Malware :

Family: