'JSredirector') on this site. Thanks again! ;)
So... Unzip the file and you will find index.html with JS code.
Index.html contains encoded JS code:
Decoding (1st obfuscated) unescape() string in Burp:
Second one - trcat()- we can try to check by analysing code in JSDetox:
Now, again using Burp, we will decode this string:
We can see a nice link to tangoing {.} com domain but since the page is down,
few information you can grab in old VirusTotal scans:
That's all for this case;)
o/
No comments:
Post a Comment
What do You think...?