JSUNPACK
A Generic JavaScript Unpacker
CAUTION: jsunpack was designed for security researchers and computer professionals
Enter a single URL (or paste JavaScript to decode):

Upload a PDF, pcap, HTML, or JavaScript file
Private? Help: privacy | uploads
Default Referer
Description

Submission permanent link 1a2690b3c3138bdeb0dd09dc08904f001088764b (Received 2018-07-12 02:40:43, script )

URLStatus
guuatwe.com/cgi-bin/in.cgi?02010258020000000019f696fa242c146581fe980f00 status: (referer=http:/www.ask.com/web?q=puppies)failure: <urlopen error [Errno -2] Name or service not known>

127.0.0.1/undefined

guuatwe.com/cgi-bin/in.cgi?02010258020000000019f696fa242c146581fe980f status: (referer=http:/www.ask.com/web?q=puppies)failure: <urlopen error [Errno -2] Name or service not known>

All Malicious or Suspicious Elements of Submission

suspicious: MSsetSlice CVE-2006-3730 detected setSlice WebViewFolderIcon.WebViewFolderIcon.1
malicious: AOLSuperBuddyActiveX CVE-2006-5820 detected Sb.SuperBuddy.1
suspicious: Warning detected /warning CVE-NO-MATCH Shellcode Engine Binary Threshold /warning CVE-NO-MATCH Shellcode Engine Length 65536
suspicious: Warning detected /warning CVE-NO-MATCH Shellcode NOP len 9999 /warning CVE-NO-MATCH Shellcode Engine Binary Threshold /warning CVE-NO-MATCH Shellcode Engine Length 65536
script malicious
[malicious:7] script
     info: [decodingLevel=0] found JavaScript
     error: undefined variable F0VTp03Y
     error: undefined function F0VTp03Y
     info: DecodedGenericCLSID detected 02BF25D5-8C17-4B23-BC80-D3488ABDDC6B 77829F14-D911-40FF-A2F0-D11DB8D6D0BC BD96C556-65A3-11D0-983A-00C04FC29E36
     suspicious: MSsetSlice CVE-2006-3730 detected setSlice WebViewFolderIcon.WebViewFolderIcon.1
     info: ActiveXDataObjectsMDAC detected MSXML2.ServerXMLHTTP Microsoft.XMLHTTP
     malicious: AOLSuperBuddyActiveX CVE-2006-5820 detected Sb.SuperBuddy.1
     suspicious: Warning detected /warning CVE-NO-MATCH Shellcode Engine Binary Threshold /warning CVE-NO-MATCH Shellcode Engine Length 65536
     info: [javascript variable] URL=guuatwe.com/cgi-bin/in.cgi?02010258020000000019f696fa242c146581fe980f
     info: [open] URL=guuatwe.com/cgi-bin/in.cgi?02010258020000000019f696fa242c146581fe980f00
     info: [element] URL=127.0.0.1/undefined
     info: [decodingLevel=1] found JavaScript
     info: [decodingLevel=2] found JavaScript
     suspicious: Warning detected /warning CVE-NO-MATCH Shellcode NOP len 9999 /warning CVE-NO-MATCH Shellcode Engine Binary Threshold /warning CVE-NO-MATCH Shellcode Engine Length 65536
     info: [3] no JavaScript
     info: file: saved script to (6a32a8eef0903ade4a991dd2aa86c592a9e58cd1)
     file: 6a32a8eef0903ade4a991dd2aa86c592a9e58cd1: 34692 bytes
     file: c1866c0509b9d5420eb7ed30ee3b4817a7b9fb8f: 24343 bytes
     file: d12654e8c54c879bf42e66f1c2377d2fbd59c1ff: 7903 bytes
     file: 81ef8703053092be0352ce3655bb81e4872edbe4: 704 bytes

Decoded Files
6a32/a8eef0903ade4a991dd2aa86c592a9e58cd1 from script (34692 bytes, 1 hidden) download

c186/6c0509b9d5420eb7ed30ee3b4817a7b9fb8f from script (24343 bytes, 664 hidden) download

d126/54e8c54c879bf42e66f1c2377d2fbd59c1ff from script (7903 bytes, 664 hidden) download

81ef/8703053092be0352ce3655bb81e4872edbe4 from script (704 bytes) download