JSUNPACK
A Generic JavaScript Unpacker
CAUTION: jsunpack was designed for security researchers and computer professionals
Enter a single URL (or paste JavaScript to decode):

Upload a PDF, pcap, HTML, or JavaScript file
Private? Help: privacy | uploads
Default Referer
Description

Submission permanent link 524dbaad18ee4754f7b465a755772f8e4a4d50ff (Received 2018-04-07 10:40:08, script )

URLStatus
guuatwe.com/cgi-bin/in.cgi?02010258020000000019f696fa242c146581fe980f00 status: (referer=http:/www.ask.com/web?q=puppies)failure: <urlopen error [Errno -2] Name or service not known>

guuatwe.com/cgi-bin/in.cgi?02010258020000000019f696fa242c146581fe980f status: (referer=http:/www.ask.com/web?q=puppies)failure: <urlopen error [Errno -2] Name or service not known>

127.0.0.1/undefined

All Malicious or Suspicious Elements of Submission

suspicious: MSsetSlice CVE-2006-3730 detected setSlice WebViewFolderIcon.WebViewFolderIcon.1
malicious: AOLSuperBuddyActiveX CVE-2006-5820 detected Sb.SuperBuddy.1
suspicious: Warning detected /warning CVE-NO-MATCH Shellcode Engine Binary Threshold /warning CVE-NO-MATCH Shellcode Engine Length 65536
suspicious: Warning detected /warning CVE-NO-MATCH Shellcode NOP len 9999 /warning CVE-NO-MATCH Shellcode Engine Binary Threshold /warning CVE-NO-MATCH Shellcode Engine Length 65536
script malicious
[malicious:7] script
     info: [decodingLevel=0] found JavaScript
     error: undefined variable F0VTp03Y
     error: undefined function F0VTp03Y
     info: DecodedGenericCLSID detected 02BF25D5-8C17-4B23-BC80-D3488ABDDC6B 77829F14-D911-40FF-A2F0-D11DB8D6D0BC BD96C556-65A3-11D0-983A-00C04FC29E36
     suspicious: MSsetSlice CVE-2006-3730 detected setSlice WebViewFolderIcon.WebViewFolderIcon.1
     info: ActiveXDataObjectsMDAC detected MSXML2.ServerXMLHTTP Microsoft.XMLHTTP
     malicious: AOLSuperBuddyActiveX CVE-2006-5820 detected Sb.SuperBuddy.1
     suspicious: Warning detected /warning CVE-NO-MATCH Shellcode Engine Binary Threshold /warning CVE-NO-MATCH Shellcode Engine Length 65536
     info: [javascript variable] URL=guuatwe.com/cgi-bin/in.cgi?02010258020000000019f696fa242c146581fe980f
     info: [open] URL=guuatwe.com/cgi-bin/in.cgi?02010258020000000019f696fa242c146581fe980f00
     info: [element] URL=127.0.0.1/undefined
     info: [decodingLevel=1] found JavaScript
     info: [decodingLevel=2] found JavaScript
     suspicious: Warning detected /warning CVE-NO-MATCH Shellcode NOP len 9999 /warning CVE-NO-MATCH Shellcode Engine Binary Threshold /warning CVE-NO-MATCH Shellcode Engine Length 65536
     info: [3] no JavaScript
     info: file: saved script to (6a32a8eef0903ade4a991dd2aa86c592a9e58cd1)
     file: 6a32a8eef0903ade4a991dd2aa86c592a9e58cd1: 34692 bytes
     file: 79387f5d3db06237a51e3c9797e52f44ae0fb0cf: 24343 bytes
     file: e390debdd73977cda802b2270e123352cacc3e58: 7903 bytes
     file: 776e33b14917782225daa59486faf493a74738d6: 704 bytes

Decoded Files
6a32/a8eef0903ade4a991dd2aa86c592a9e58cd1 from script (34692 bytes, 1 hidden) download

7938/7f5d3db06237a51e3c9797e52f44ae0fb0cf from script (24343 bytes, 664 hidden) download

e390/debdd73977cda802b2270e123352cacc3e58 from script (7903 bytes, 664 hidden) download

776e/33b14917782225daa59486faf493a74738d6 from script (704 bytes) download