JSUNPACK
A Generic JavaScript Unpacker
CAUTION: jsunpack was designed for security researchers and computer professionals
Enter a single URL (or paste JavaScript to decode):

Upload a PDF, pcap, HTML, or JavaScript file
Private? Help: privacy | uploads
Default Referer
Description

Submission permanent link 216d9b3fe16100a76c3c5e9df802e5c2f2eb148b (Received 2017-08-12 18:13:18, 00601560.pdf )

URLStatus

All Malicious or Suspicious Elements of Submission

malicious: Utilprintf CVE-2008-2992 detected
malicious: collectEmailInfo CVE-2007-5659 detected
malicious: CollabgetIcon CVE-2009-0927 detected
suspicious: Warning detected /warning CVE-NO-MATCH Shellcode Engine Length 65536 /warning CVE-NO-MATCH Shellcode NOP len 253 /warning CVE-NO-MATCH Shellcode NOP len 9999 /warning CVE-NO-MATCH Shellcode NOP len 261899 /warning CVE-NO-MATCH Shellcode NOP len 231 /warning CVE-NO-MATCH Shellcode Engine Binary Threshold
malicious: shellcode of length 307/231
malicious: shellcode URL=search-network-plus.com/load.php?a=a&st=Internet Explorer 6.0&e=3
suspicious: maxruntime exceeded 10 seconds (incomplete) 0 bytes
suspicious: Warning detected /warning CVE-NO-MATCH Shellcode NOP len 261899 /warning CVE-NO-MATCH Shellcode NOP len 231 /warning CVE-NO-MATCH Shellcode Engine Binary Threshold /warning CVE-NO-MATCH Shellcode Engine Length 65536 /warning CVE-NO-MATCH Shellcode NOP len 253 /warning CVE-NO-MATCH Shellcode NOP len 9999
upload malicious
[malicious:10] [PDF] upload
     info: [decodingLevel=0] JavaScript in PDF 84009 bytes, with 87 bytes headers
     info: [decodingLevel=1] found JavaScript
     malicious: Utilprintf CVE-2008-2992 detected
     malicious: collectEmailInfo CVE-2007-5659 detected
     malicious: CollabgetIcon CVE-2009-0927 detected
     suspicious: Warning detected /warning CVE-NO-MATCH Shellcode Engine Length 65536 /warning CVE-NO-MATCH Shellcode NOP len 253 /warning CVE-NO-MATCH Shellcode NOP len 9999 /warning CVE-NO-MATCH Shellcode NOP len 261899 /warning CVE-NO-MATCH Shellcode NOP len 231 /warning CVE-NO-MATCH Shellcode Engine Binary Threshold
     malicious: shellcode of length 307/231
     malicious: shellcode URL=search-network-plus.com/load.php?a=a&st=Internet Explorer 6.0&e=3
     info: [decodingLevel=2] found JavaScript
     error: undefined function sly
     suspicious: maxruntime exceeded 10 seconds (incomplete) 0 bytes
     info: Decoding option app.viewerVersion=8.0,      1106 bytes
     info: Decoding option app.viewerVersion=9.1,      0 bytes
     info: Decoding option app.viewerVersion=,      1649 bytes
     suspicious: Warning detected /warning CVE-NO-MATCH Shellcode NOP len 261899 /warning CVE-NO-MATCH Shellcode NOP len 231 /warning CVE-NO-MATCH Shellcode Engine Binary Threshold /warning CVE-NO-MATCH Shellcode Engine Length 65536 /warning CVE-NO-MATCH Shellcode NOP len 253 /warning CVE-NO-MATCH Shellcode NOP len 9999
     info: file: saved upload to (6045554853a61681d7264260cdd1072bbdc113ac)
     file: 6045554853a61681d7264260cdd1072bbdc113ac: 607083 bytes
     file: 6d364e74f510fb513547ab20cc9520a429e2b5e2: 84096 bytes
     file: 5494d4abd36dd1e91f2f3e47de24af065bccf880: 6784 bytes
     file: be7f8a77f560360e6ba0956f7f0855f26ce3e9a4: 307 bytes
     file: 66e47054b4f6401dbfb29ccf2366c3da29196f14: 6925 bytes
     file: 197c34c4f8fce9ef026fd33602faa7200e5391a6: 1649 bytes

Decoded Files
6045/554853a61681d7264260cdd1072bbdc113ac from upload (607083 bytes, 501889 hidden) download

6d36/4e74f510fb513547ab20cc9520a429e2b5e2 from upload (84096 bytes, 87 hidden) download

5494/d4abd36dd1e91f2f3e47de24af065bccf880 from upload (6784 bytes) download

be7f/8a77f560360e6ba0956f7f0855f26ce3e9a4 from upload (307 bytes, 127 hidden) download

66e4/7054b4f6401dbfb29ccf2366c3da29196f14 from upload (6925 bytes, 141 hidden) download

197c/34c4f8fce9ef026fd33602faa7200e5391a6 from upload (1649 bytes) download


search-network-plus.com/load.php?a=a&st=Internet Explorer 6.0&e=3 benign
[nothing detected] (shellcode) search-network-plus.com/load.php?a=a&st=Internet Explorer 6.0&e=3
     status: (referer=http:/www.ask.com/web?q=puppies)saved 19 bytes 175b8ceb0a406bdf015edeb59d2847be2fe4f847
     file: 175b8ceb0a406bdf015edeb59d2847be2fe4f847: 19 bytes

Decoded Files
175b/8ceb0a406bdf015edeb59d2847be2fe4f847 from search-network-plus.com/load.php?a=a&st=Internet Explorer 6.0&e=3 (19 bytes) download