Submission permanent link 617712587c1d029c7282d90abeb364ca13377697 (Received 2013-11-16 00:07:24, http://imgsrc.ru/raphip/34640166.html )

imgsrc.ru/raphip/34640166.html saved 9542 bytes 18a121d4d70081e3c9966a475d814d1fd9bd1db6

All Malicious or Suspicious Elements of Submission

imgsrc.ru/raphip/34640166.html benign
[nothing detected] imgsrc.ru/raphip/34640166.html
     status: (referer=http:/www.ask.com/web?q=puppies)saved 9542 bytes 18a121d4d70081e3c9966a475d814d1fd9bd1db6
     info: [script] imgsrc.ru/js/js.js
     info: [img] s3.us.icdn.ru/r/raphip/5/34481595NxO.jpg
     info: [img] s3.us.icdn.ru/r/raphip/7/34481597JKl.jpg
     info: [img] s3.us.icdn.ru/r/raphip/5/34481795CMP.jpg
     info: [img] s3.us.icdn.ru/r/raphip/4/34481834EPg.jpg
     info: [img] s3.us.icdn.ru/r/raphip/4/34640154llP.jpg
     info: [img] s3.us.icdn.ru/r/raphip/7/34640157rVo.jpg
     info: [img] s3.us.icdn.ru/r/raphip/9/34640159She.jpg
     info: [img] s3.us.icdn.ru/r/raphip/2/34640162Yog.jpg
     info: [img] s3.us.icdn.ru/r/raphip/3/34640163nyh.jpg
     info: [img] s3.us.icdn.ru/r/raphip/5/34640165IPs.jpg
     info: [img] s3.us.icdn.ru/r/raphip/6/34640166JOW.jpg
     info: [img] s3.us.icdn.ru/r/raphip/9/34918329kKz.jpg
     info: [script] imgsrc.ru/js/myjs13.js
     info: [img] imgsrc.ru/images/down.png
     info: [img] imgsrc.ru/images/up.png
     info: [img] imgsrc.ru/images/nologo.gif
     info: [img] imgsrc.ru/images/flags/us.png
     info: [script] onclickads.net/apu.php?zoneid=4293&lim=3
     info: [img] counter.rambler.ru/top100.cnt?1933515
     info: [decodingLevel=0] found JavaScript
     error: undefined variable s
     info: [element] URL=www.google-analytics.com/ga.js
     info: [1] no JavaScript
     file: 18a121d4d70081e3c9966a475d814d1fd9bd1db6: 9542 bytes
     file: 5809d3145354164e801df9c79cfd04f441bb2a83: 103 bytes

Decoded Files
18a1/21d4d70081e3c9966a475d814d1fd9bd1db6 from imgsrc.ru/raphip/34640166.html (9542 bytes, 47 hidden) download

5809/d3145354164e801df9c79cfd04f441bb2a83 from imgsrc.ru/raphip/34640166.html (103 bytes) download

www.google-analytics.com/ga.js benign
[nothing detected] (element) www.google-analytics.com/ga.js
     status: (referer=imgsrc.ru/raphip/34640166.html)saved 39937 bytes cdf559d894969e1bf394e1e8f1e7eab89c9805e5
     info: [decodingLevel=0] found JavaScript
     file: cdf559d894969e1bf394e1e8f1e7eab89c9805e5: 39937 bytes

Decoded Files
cdf5/59d894969e1bf394e1e8f1e7eab89c9805e5 from www.google-analytics.com/ga.js (39937 bytes) download

imgsrc.ru/js/js.js benign
[nothing detected] (script) imgsrc.ru/js/js.js
     status: (referer=imgsrc.ru/raphip/34640166.html)saved 5795 bytes 9c6907978bd0e3bef47a32464ef291a2c86fdad5
     info: [decodingLevel=0] found JavaScript
     file: 9c6907978bd0e3bef47a32464ef291a2c86fdad5: 5795 bytes

Decoded Files
9c69/07978bd0e3bef47a32464ef291a2c86fdad5 from imgsrc.ru/js/js.js (5795 bytes, 923 hidden) download

onclickads.net/apu.php?zoneid=4293&lim=3 benign
[nothing detected] (script) onclickads.net/apu.php?zoneid=4293&lim=3
     status: (referer=imgsrc.ru/raphip/34640166.html)saved 22987 bytes 1600cc9459a6ab560c09159a0c6e4eee69da0b6d
     info: [decodingLevel=0] found JavaScript
     error: undefined function K[M]
     error: undefined variable K
     error: undefined variable M
     info: [decodingLevel=1] found JavaScript
     error: line:3: SyntaxError: missing ; before statement:
          error: line:3: ;window.location="';var W="write";var A='ipt>';var n='ipt>window.close();</scr';var f='data:text/html,><scr>-Q){window[A]();window[z]();}this[n][S9]=function(r){var I="main";with(r){this[k]=r[k];this[I]=function(){var C7="location";var H8="about:blank";va
          error: line:3: .................^
     error: undefined function ({E4:(function (r, I) {return r != I;}), R9:(function (r, I) {return r >= I;}), T4:(function (r, I) {return r !== I;}), K0:(function (r, I) {return r == I;}), K9:(function (r, I) {return r > I;}), v9:(function (r, I) {return r < I;}), Q2:(function (r, I) {return r != I;}), O0:(function (r, I) {return r < I;}), U9:(function (r, I, k, z) {return r * I * k * z;}), c9:(function (r, I) {return r < I;}), C9:(function (r, I) {return r < I;}), u2:(function (r, I) {return r < I;}), V9:(function (r, I) {return r > I;}), D9:(function (r, I) {return r == I;}), i2:(function (r, I) {return r >= I;}), e9:(function (r, I) {return r < I;}), H0:(function (r, I) {return r == I;}), P9:(function (r, I) {return r == I;}), t2:(function (r, I) {return r == I;}), p2:(function (r, I) {return r == I;}), B4:(function (r, I) {return r == I;}), G2:(function (r, I) {return r == I;}), R0:(function (r, I) {return r < I;}), X4:(function (r, I) {return r != I;}), V0:(function (r, I) {return r == I;}), r4:(function (r, I) {return r == I;}), g4:(function (r, I) {return r > I;}), y4:(function (r, I) {return r * I;}), C0:(function (r, I) {return r == I;}), f9:(function (r, I) {return r > I;}), m4:(function (r, I) {return r == I;}), S2:(function (r, I) {return r == I;}), w2:(function (r, I) {return r == I;}), j0:(function (r, I) {return r < I;}), z2:(function (r, I) {return r < I;}), a4:(function (r, I) {return r * I;}), q4:(function (r, I) {return r == I;}), l2:(function (r, I) {return r < I;}), h9:(function (r, I) {return r != I;}), o4:(function (r, I) {return r < I;}), U4:(function (r, I) {return r != I;}), L2:(function (r, I) {return r >= I;}), H9:(function (r, I) {return r / I;}), b2:(function (r, I) {return r < I;}), u:{}, N4:(function (r, I) {return r === I;}), I0:(function (r, I) {return r === I;}), x4:(function (r, I) {return r == I;}), Z2:(function (r, I) {return r != I;}), M2:(function (r, I) {return r == I;}), s2:(function (r, I) {return r == I;}), Y4:(function (r, I) {return r == I;}), n2:(function (r, I) {return r >= I;}), d4:(function (r, I) {return r == I;}), W4:(function (r, I) {return r >= I;}), F0:(function (r, I) {return r === I;}), k4:(function (r, I) {return r < I;}), J2:(function (r, I) {return r < I;}), y9:(function (r, I) {return r * I;}), A0:(function (r, I) {return r < I;}), c0:(function (r, I) {return r != I;})})
     error: line:1: SyntaxError: invalid assignment left-hand side
     info: Decoding option navigator.systemLanguage=en and navigator.systemLanguage=zh-cn and browser=IE7/XP and browser=IE8/Vista and browser=Opera and browser=Firefox,      0 bytes
     info: Decoding option navigator.systemLanguage=en and navigator.systemLanguage=zh-cn and browser=IE7/XP and browser=IE8/Vista and browser=Opera and browser=Firefox,      31 bytes
     info: [2] no JavaScript
     file: 1600cc9459a6ab560c09159a0c6e4eee69da0b6d: 22987 bytes
     file: bf4514b8eaaf01872e8fd765636757f65752a9cd: 24868 bytes
     file: 743b8fba6c205cec044576e844e7462f8a010dd6: 31 bytes

Decoded Files
1600/cc9459a6ab560c09159a0c6e4eee69da0b6d from onclickads.net/apu.php?zoneid=4293&lim=3 (22987 bytes) download

bf45/14b8eaaf01872e8fd765636757f65752a9cd from onclickads.net/apu.php?zoneid=4293&lim=3 (24868 bytes) download

743b/8fba6c205cec044576e844e7462f8a010dd6 from onclickads.net/apu.php?zoneid=4293&lim=3 (31 bytes) download

imgsrc.ru/js/myjs13.js benign
[nothing detected] (script) imgsrc.ru/js/myjs13.js
     status: (referer=imgsrc.ru/raphip/34640166.html)saved 1742 bytes d1c93c17f7a99e9f44805c48de4772a269f4ab6c
     info: ActiveXDataObjectsMDAC detected Microsoft.XMLHTTP
     info: [decodingLevel=0] found JavaScript
     file: d1c93c17f7a99e9f44805c48de4772a269f4ab6c: 1742 bytes

Decoded Files
d1c9/3c17f7a99e9f44805c48de4772a269f4ab6c from imgsrc.ru/js/myjs13.js (1742 bytes, 30 hidden) download