SecurityHome.eu Trojan:JS/Redirector.HQ

Home / malware PDF

Trojan:JS/Redirector.HQ

First posted on 22 November 2011.
Source: SecurityHome
Aliases :
Trojan:JS/Redirector.HQ is also known as HTML/Refresh.AU trojan (ESET).
Explanation :
Trojan:JS/Redirector.HQ is an HTML file containing a particular tag that allows it to load a specific webpage from a certain IP address.

Top

Trojan:JS/Redirector.HQ is an HTML file containing a particular tag that allows it to load a specific webpage from a certain IP address.

It contains the HTML tag "meta http-equiv='refresh'" to load the webpage from the IP address "31.<removed>.184.197". The webpage may contain arbitrary content, including malicious files.

At the time of this writing, the IP address is no longer accessible.

Analysis by Daniel Chipiristeanu

Last update 22 November 2011

TOP

Malware :

Backdoor:Win32/Heloag.A
Exploit:Win32/CVE-2011-3402
Trojan:Win32/Obfac
Exploit:Win32/Pdfjsc.YP
TrojanDownloader:Win32/Bofang.B

Last 20

Family:

Trojan:JS/Redirector.FK
Trojan:JS/Redirector.BQ
Trojan:JS/Redirector.I
Trojan:JS/Redirector.FB
Trojan:JS/Redirector.N
Trojan:JS/Redirector.JA
Trojan:JS/Redirector.JE
Trojan:JS/Redirector.DC
Trojan:JS/Redirector.DT
Trojan:JS/Redirector.CC