JSUNPACK
A Generic JavaScript Unpacker
CAUTION: jsunpack was designed for security researchers and computer professionals
Enter a single URL (or paste JavaScript to decode):

Upload a PDF, pcap, HTML, or JavaScript file
Private? Help: privacy | uploads
Default Referer
Description

Submission permanent link b529f931f31ee808c6ada3eecb137bff2d2ae5a1 (Received 2018-03-04 15:31:13, http://jsunpack.jeek.org/dec/getfile?hash=c08e/879c15299b9ff71980263cadd8fb0000152d )

URLStatus
jsunpack.jeek.org/dec/getfile?hash=c08e/879c15299b9ff71980263cadd8fb0000152d saved 3590 bytes f6b85e11539ca23cc1c7c7d47e27f4fbaf0451a1

All Malicious or Suspicious Elements of Submission

malicious: Alert detected /alert CVE-2010-0249 MSIEUseAfterFree (CreateElement called 499 times)
suspicious: Warning detected /warning CVE-NO-MATCH Shellcode NOP len 1581129 /warning CVE-NO-MATCH Shellcode Engine Length 65536 /warning CVE-NO-MATCH Shellcode NOP len 9999 /warning CVE-NO-MATCH Shellcode Engine Binary Threshold
suspicious: shellcode of length 261824/130912
jsunpack.jeek.org/dec/getfile?hash=c08e/879c15299b9ff71980263cadd8fb0000152d malicious
[malicious:10] (ipaddr:204.152.206.106) jsunpack.jeek.org/dec/getfile?hash=c08e/879c15299b9ff71980263cadd8fb0000152d
     status: (referer=www.google.com/trends/hottrends)saved 3590 bytes f6b85e11539ca23cc1c7c7d47e27f4fbaf0451a1
     info: [img] jsunpack.jeek.org/dec/getfile?hash=c08e/aurora.gif
     info: [decodingLevel=0] found JavaScript
     malicious: Alert detected /alert CVE-2010-0249 MSIEUseAfterFree (CreateElement called 499 times)
     suspicious: Warning detected /warning CVE-NO-MATCH Shellcode NOP len 1581129 /warning CVE-NO-MATCH Shellcode Engine Length 65536 /warning CVE-NO-MATCH Shellcode NOP len 9999 /warning CVE-NO-MATCH Shellcode Engine Binary Threshold
     suspicious: shellcode of length 261824/130912
     info: [element] URL=jsunpack.jeek.org/dec/getfile?hash=c08e/undefined
     info: [1] no JavaScript
     info: file: saved jsunpack.jeek.org/dec/getfile?hash=c08e/879c15299b9ff71980263cadd8fb0000152d to (f6b85e11539ca23cc1c7c7d47e27f4fbaf0451a1)
     file: f6b85e11539ca23cc1c7c7d47e27f4fbaf0451a1: 3590 bytes
     file: cef64216670dbcd283e81ad80ed30752084e861d: 823951 bytes
     file: e9e487d7e83c700b26567e3f36b6720a464f0455: 261824 bytes

Decoded Files
f6b8/5e11539ca23cc1c7c7d47e27f4fbaf0451a1 from jsunpack.jeek.org/dec/getfile?hash=c08e/879c15299b9ff71980263cadd8fb0000152d (3590 bytes, 1264 hidden) download

cef6/4216670dbcd283e81ad80ed30752084e861d from jsunpack.jeek.org/dec/getfile?hash=c08e/879c15299b9ff71980263cadd8fb0000152d (823951 bytes) download

e9e4/87d7e83c700b26567e3f36b6720a464f0455 from jsunpack.jeek.org/dec/getfile?hash=c08e/879c15299b9ff71980263cadd8fb0000152d (261824 bytes) download


jsunpack.jeek.org/dec/getfile?hash=c08e/undefined benign
[nothing detected] (element) jsunpack.jeek.org/dec/getfile?hash=c08e/undefined
     status: (referer=jsunpack.jeek.org/dec/getfile?hash=c08e/879c15299b9ff71980263cadd8fb0000152d)saved 13 bytes fba27a8f051685d011f6f69636b97caf06aabeda
     info: [0] no JavaScript
     file: fba27a8f051685d011f6f69636b97caf06aabeda: 13 bytes

Decoded Files
fba2/7a8f051685d011f6f69636b97caf06aabeda from jsunpack.jeek.org/dec/getfile?hash=c08e/undefined (13 bytes) download