Obfuscated JavaScript that results in a drive-by download

ansar313

May 20, 2013
Hi,
I have been asked to analyze a website with suspicious activity such as drive-by download malware.

The source code of the page is this:

Code:
< iframe src="  /ca172171ce451f92c398830a954d402b/q.php?vywnynlp= 30:1g:1g:1o:1i&fgmv=r&vvoujby=1i:31:32:1g:1n:1h:1l:1l:1n:31&kxt=1f:1d:1f:1d:1f:1d:1f"> <iframe >
I can't understand the value of the attribute that is sent to q.php through the GET method:

vywnynlp=30:1g:1g:1o:1i&fgmv=r&vvoujby=1i:31:32:1g:1n:1h:1l:1l:1n:31&kxt=1f:1d:1f:1d:1f:1d:1f
Please help me and tell me how I can decode the encrypted value.
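
An added example, not part of the original post and not a known decoder for this URL scheme: a Python triage script that tests one hypothesis, that each colon-separated token is an integer written in some radix up to 36, and lists the radices for which a parameter decodes entirely to printable ASCII. The function names and the printable-ASCII criterion are assumptions; the query string is the one quoted in the post.

```python
import string
from urllib.parse import parse_qsl

# Query string exactly as quoted in the post.
QUERY = ("vywnynlp=30:1g:1g:1o:1i&fgmv=r"
         "&vvoujby=1i:31:32:1g:1n:1h:1l:1l:1n:31&kxt=1f:1d:1f:1d:1f:1d:1f")

DIGITS = string.digits + string.ascii_lowercase  # digit alphabet up to radix 36


def tokens(value):
    """Split one parameter value into its colon-separated tokens."""
    return value.split(":")


def min_radix(toks):
    """Smallest radix in which every character of every token is a digit."""
    return max(DIGITS.index(c) for t in toks for c in t.lower()) + 1


def decode(toks, radix):
    """Read each token as an integer in `radix` (assumed encoding); return
    the text if every value is printable ASCII, otherwise None."""
    values = [int(t, radix) for t in toks]
    if all(0x20 <= v <= 0x7E for v in values):
        return "".join(chr(v) for v in values)
    return None


def candidates(query):
    """Map each multi-token parameter to {radix: printable decoding}."""
    report = {}
    for name, value in parse_qsl(query, keep_blank_values=True):
        toks = tokens(value)
        if len(toks) < 2:
            continue  # single-token values such as fgmv=r give nothing to test
        hits = {}
        for radix in range(min_radix(toks), 37):
            text = decode(toks, radix)
            if text is not None:
                hits[radix] = text
        report[name] = hits
    return report


if __name__ == "__main__":
    for name, hits in candidates(QUERY).items():
        print(name)
        for radix, text in hits.items():
            print(f"  radix {radix}: {text!r}")
```

Several radices pass for every parameter, so the output narrows the hypotheses rather than identifying the encoding.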