SecurityHome.eu Trojan:JS/Redirector.GZ

Home / malware PDF

Trojan:JS/Redirector.GZ

First posted on 15 February 2019.
Source: Microsoft
Aliases :
Trojan:JS/Redirector.GZ is also known as JS/ScrScr.N, JS.Redirector.Gen.19, JS/Redir, Trojan.JS.Redirector.ij, JS.Click.223, JS/TrojanClicker.Agent.NAZ trojan, Trojan.JS.Redirector, Trojan-Downloader.JS.JScript.c, JS/Redirector.AF.
Explanation :
Trojan:JS/Redirector.GZ is a generic detection for specific JavaScript that attempts to redirect the affected user's browser to another website. This JavaScript is usually embedded in a malicious or compromised webpage.

Once a webpage containing this malicious JavaScript is accessed, the browser is redirected to the following URL:

82.196.5.24/js.php?

For example, if the current day and time is Monday at 10:00AM, the URL is:

82.196.5.24/js.php?1-10

As of this writing, the server is inaccessible.

Analysis by Ric Robielos
Last update 15 February 2019

TOP

Malware :

RATDispenser
Raspberry Robin
ObliqueRAT
DoppelPaymer
Dridex

Last 20

Family:

Trojan:JS/Redirector.FK
Trojan:JS/Redirector.BQ
Trojan:JS/Redirector.I
Trojan:JS/Redirector.FB
Trojan:JS/Redirector.N
Trojan:JS/Redirector.JA
Trojan:JS/Redirector.JE
Trojan:JS/Redirector.DC
Trojan:JS/Redirector.DT
Trojan:JS/Redirector.CC