Trojan:JS/Redirector.JL
First posted on 28 February 2013.
Source: Microsoft
Aliases:
Trojan:JS/Redirector.JL is also known as HTML/ScrInject.B.Gen (ESET), JS/Redirector.JL.1 (Avira), Troj/JSRedir-GW (Sophos), Trojan.JS.Redirector (Ikarus), JS/Redir (AVG).
Explanation:
Installation
Trojan:JS/Redirector.JL may be detected on your computer if you visit a malicious or compromised webpage.
The trojan is a piece of JavaScript that may be injected into malicious or compromised webpages via SQL injection.
Payload
If you visit a webpage that contains Trojan:JS/Redirector.JL, your browser may be redirected to a malicious website. Your browser may continue to be redirected multiple times.
These malicious websites may contain other malware, including rogues and exploits.
In the wild, we have observed this trojan redirecting web browsers to a number of URLs, including the following:
- fgthyj.com/<removed>.php
- hgbyju.com/<removed>.php
- hnjhkm.com/<removed>.php
- nikjju.com/<removed>.php
- nmmkmm.com/<removed>.php
- statsmy.com/<removed>.php
- stmyst.com/<removed>.php
Note that this list is not exhaustive.
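A defender-side check for the redirect domains listed above, added here as an example and not part of Microsoft's write-up: it scans stored page content (for example a database field or an HTML file) for `src`/`href` attributes and inline scripts that reference those hosts. The function names, the sample HTML and the `placeholder.php` path are constructed, and since the page does not describe the exact form of the injected script, the reference styles checked are assumptions.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Domains listed on this page; the page notes the list is not exhaustive.
REDIRECT_DOMAINS = {"fgthyj.com", "hgbyju.com", "hnjhkm.com", "nikjju.com",
                    "nmmkmm.com", "statsmy.com", "stmyst.com"}

class RefCollector(HTMLParser):
    """Collect src/href attribute values and the text of inline scripts."""
    def __init__(self):
        super().__init__()
        self.urls, self.inline, self.in_script = [], [], False
    def handle_starttag(self, tag, attrs):
        self.urls += [(tag, v) for k, v in attrs if k in ("src", "href") and v]
        self.in_script = self.in_script or tag == "script"
    def handle_endtag(self, tag):
        self.in_script = self.in_script and tag != "script"
    def handle_data(self, data):
        if self.in_script:
            self.inline.append(data)

def listed_domain(host):
    """Return the listed domain that host equals or is a subdomain of, else None."""
    host = (host or "").lower().rstrip(".")
    return next((d for d in REDIRECT_DOMAINS
                 if host == d or host.endswith("." + d)), None)

def find_redirector_refs(html):
    """Return sorted (location, domain) pairs for references to listed hosts."""
    parser = RefCollector()
    parser.feed(html)
    parser.close()
    cands = []
    for tag, url in parser.urls:
        try:  # schemeless values need a leading // for urlparse to see a host
            cands.append((tag, urlparse(url if "//" in url else "//" + url).hostname))
        except ValueError:
            pass  # malformed URL: nothing to match on
    for text in parser.inline:
        cands += [("inline-script", h)
                  for h in re.findall(r"[a-z0-9.-]+\.[a-z]{2,}", text.lower())]
    return sorted({(w, listed_domain(h)) for w, h in cands if listed_domain(h)})

# Constructed sample of a stored page body, not taken from a real site.
SAMPLE = ('<script src="/js/app.js"></script>'
          '<a href="https://example.org/?ref=notstatsmy.com">x</a>'
          '<script src="http://statsmy.com/placeholder.php"></script>'
          '<script>location="http://cdn.nikjju.com/placeholder.php"</script>')
```

Matching is done on the parsed host name rather than on the raw string, so a listed domain appearing only in a query string or as the tail of a longer, unrelated domain name is not reported.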
Analysis by Karthik Selvaraj
Last update 28 February 2013