Hi there,
Today, I accidentally clicked on a shortened url from a skype message. The contact is trusted, and probably got infected.
I did a quick scan of the url with various automated tools and got a few hits. The url also included a query string with my skype username.
Basically, it loads an obfuscated JavaScript file.
This is one report from an automated tool:
https://www.reverse.it/sample/9ab412136 ... onmentId=4
BehavesLike.JS.DownloaderShell
Another tool spit out: js.Phish
Don't know if these are platform independent or just Windows or OSX (or Linux)
I'm on a Linux machine.
Today, I accidentally clicked on a shortened url from a skype message. The contact is trusted, and probably got infected.
I did a quick scan of the url with various automated tools and got a few hits. The url also included a query string with my skype username.
Basically, it loads an obfuscated JavaScript file.
This is one report from an automated tool:
https://www.reverse.it/sample/9ab412136 ... onmentId=4
BehavesLike.JS.DownloaderShell
Another tool spit out: js.Phish
Don't know if these are platform independent or just Windows or OSX (or Linux)
I'm on a Linux machine.
Attachments
The script
(4.45 KiB) Downloaded 35 times
(4.45 KiB) Downloaded 35 times