JSUNPACK
A Generic JavaScript Unpacker
CAUTION: jsunpack was designed for security researchers and computer professionals
Enter a single URL (or paste JavaScript to decode):

Upload a PDF, pcap, HTML, or JavaScript file
Private? Help: privacy | uploads
Default Referer
Description

Submission permanent link f1f01b8769d50f2c34eae1f1062a84210982d1dc (Received 2018-07-12 02:58:21, script )

URLStatus
guuatwe.com/cgi-bin/in.cgi?02010258020000000019f696fa242c146511024944 status: (referer=http:/www.ask.com/web?q=puppies)failure: <urlopen error [Errno -2] Name or service not known>

guuatwe.com/cgi-bin/in.cgi?02010258020000000019f696fa242c14651102494400 status: (referer=http:/www.ask.com/web?q=puppies)failure: <urlopen error [Errno -2] Name or service not known>

127.0.0.1/undefined

All Malicious or Suspicious Elements of Submission

suspicious: MSsetSlice CVE-2006-3730 detected setSlice WebViewFolderIcon.WebViewFolderIcon.1
malicious: AOLSuperBuddyActiveX CVE-2006-5820 detected Sb.SuperBuddy.1
suspicious: Warning detected /warning CVE-NO-MATCH Shellcode Engine Length 65536 /warning CVE-NO-MATCH Shellcode Engine Binary Threshold
suspicious: Warning detected /warning CVE-NO-MATCH Shellcode Engine Binary Threshold /warning CVE-NO-MATCH Shellcode Engine Length 65536
suspicious: Warning detected /warning CVE-NO-MATCH Shellcode NOP len 9999 /warning CVE-NO-MATCH Shellcode Engine Binary Threshold /warning CVE-NO-MATCH Shellcode Engine Length 65536
script malicious
[malicious:7] script
     info: [decodingLevel=0] found JavaScript
     error: undefined variable F0VTp03Y
     error: undefined function F0VTp03Y
     info: DecodedGenericCLSID detected 77829F14-D911-40FF-A2F0-D11DB8D6D0BC BD96C556-65A3-11D0-983A-00C04FC29E36 02BF25D5-8C17-4B23-BC80-D3488ABDDC6B
     suspicious: MSsetSlice CVE-2006-3730 detected setSlice WebViewFolderIcon.WebViewFolderIcon.1
     info: ActiveXDataObjectsMDAC detected Microsoft.XMLHTTP MSXML2.ServerXMLHTTP
     malicious: AOLSuperBuddyActiveX CVE-2006-5820 detected Sb.SuperBuddy.1
     suspicious: Warning detected /warning CVE-NO-MATCH Shellcode Engine Length 65536 /warning CVE-NO-MATCH Shellcode Engine Binary Threshold
     info: [javascript variable] URL=guuatwe.com/cgi-bin/in.cgi?02010258020000000019f696fa242c146511024944
     info: [open] URL=guuatwe.com/cgi-bin/in.cgi?02010258020000000019f696fa242c14651102494400
     info: [element] URL=127.0.0.1/undefined
     info: [decodingLevel=1] found JavaScript
     info: DecodedGenericCLSID detected 02BF25D5-8C17-4B23-BC80-D3488ABDDC6B 77829F14-D911-40FF-A2F0-D11DB8D6D0BC BD96C556-65A3-11D0-983A-00C04FC29E36
     info: ActiveXDataObjectsMDAC detected MSXML2.ServerXMLHTTP Microsoft.XMLHTTP
     suspicious: Warning detected /warning CVE-NO-MATCH Shellcode Engine Binary Threshold /warning CVE-NO-MATCH Shellcode Engine Length 65536
     info: [decodingLevel=2] found JavaScript
     suspicious: Warning detected /warning CVE-NO-MATCH Shellcode NOP len 9999 /warning CVE-NO-MATCH Shellcode Engine Binary Threshold /warning CVE-NO-MATCH Shellcode Engine Length 65536
     info: [3] no JavaScript
     info: file: saved script to (cbc69f001e439fe53b6510c7e67c10bc1735f44f)
     file: cbc69f001e439fe53b6510c7e67c10bc1735f44f: 34688 bytes
     file: 8c61ee5fac9518d6de5b3c2a3eed5731775aac92: 24340 bytes
     file: 5791bc3d21ff148af962f1af5ca9cd9283fdb987: 7902 bytes
     file: eee01c0f831f75f4cba6724fd29b1e2c33f63ed8: 704 bytes

Decoded Files
cbc6/9f001e439fe53b6510c7e67c10bc1735f44f from script (34688 bytes, 1 hidden) download

8c61/ee5fac9518d6de5b3c2a3eed5731775aac92 from script (24340 bytes, 664 hidden) download

5791/bc3d21ff148af962f1af5ca9cd9283fdb987 from script (7902 bytes, 664 hidden) download

eee0/1c0f831f75f4cba6724fd29b1e2c33f63ed8 from script (704 bytes) download