« previous next »
Pages: [1]   Go Down

Author Topic: Heavily obfuscated site  (Read 3114 times)

0 Members and 1 Guest are viewing this topic.

July 06, 2009, 10:17:39 pm
Read 3114 times

Shawn Jefferson

  • Newbie
  • Offline
  • *
  • 8
Heavily obfuscated site
I don't believe that this site is actually hosting or redirecting to any malware, but it's heavily obfuscated and it set off my IDS system this weekend.  I haven't decoded it successfully yet though, so I can't be completely sure it's not doing something bad.  Going to the site on an analysis machine didn't show anything obviously bad.

Code: [Select]
http://www.amdo.org/
I guess they want to foil any email email harvesters and web crawlers (?). 

Logged
July 07, 2009, 12:05:47 am
Reply #1

MysteryFCM

  • Administrator
  • Hero Member
  • Offline
  • *****
  • 1693
  • Personal Text
    Phishing Phanatic
    • I.T. Mate
Re: Heavily obfuscated site
Logged
Regards

Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net
July 07, 2009, 04:49:26 pm
Reply #2

Shawn Jefferson

  • Newbie
  • Offline
  • *
  • 8
Re: Heavily obfuscated site
Thanks!  I should have thought of running it through wepawet!  :-[
Logged
July 07, 2009, 05:33:13 pm
Reply #3

MysteryFCM

  • Administrator
  • Hero Member
  • Offline
  • *****
  • 1693
  • Personal Text
    Phishing Phanatic
    • I.T. Mate
Re: Heavily obfuscated site
No problem :)
Logged
Regards

Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net
Pages: [1]   Go Up
« previous next »