[Owasp-cape-town] Interesting javascript found in spam

Christo christo.goosen at owasp.org
Sun Nov 22 19:58:52 UTC 2015


Hi

Found this interesting as I found this in my own Spam folder. Even more
interesting was the .co.za domain it was supposedly sent from. Had a
look at the source of the email and seems it passed through some of
Internet Solutions servers.

Essentially a javascript downloader obsfucated by concatenating a string
through functions declared in a unsorted fashion, but called in the
specific order for execution.

https://isc.sans.edu/diary/Malicious+spam+with+zip+attachments+containing+.js+files/20153

CG
-- 
OWASP Logo

 
Christo Goosen
OWASP Cape Town Chapter Leader
OWASP Foundation
https://www.owasp.org

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-cape-town/attachments/20151122/b9c0042a/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: owasp_logo.png
Type: image/png
Size: 331357 bytes
Desc: not available
URL: <http://lists.owasp.org/pipermail/owasp-cape-town/attachments/20151122/b9c0042a/attachment-0001.png>


More information about the Owasp-cape-town mailing list