Attention: We will be transitioning to a new AAD or Microsoft Entra ID from the week of May 20, 2024. In case your tenant requires admin consent, please refer to this document located at Overview of user and admin consent - Microsoft Entra ID | Microsoft Learn and grant access to App ID: 6ba09155-cb24-475b-b24f-b4e28fc74365 with graph permissions for Directory.Read.All and User.Read for continued access.
Send us feedback
Thank you for your feedback
We couldn't find the malware. Try searching for the malware you’ve encountered. If you opened this link from a Microsoft product, please
use the Feedback Hub app
to report the invalid URL.
We couldn't find the malware. We’ve returned search results instead. If you opened this link from a Microsoft product, please
use the Feedback Hub app
to report the invalid URL.
Exploit:JS/Mult.DU is a trojan that runs various exploit codes depending on the version of Java installed in the affected computer. It may also send certain information to a remote attacker.
JS/Mult describes a group of threats, written in JavaScript, that attempt to exploit multiple vulnerabilities on affected computers in order to download, execute or otherwise run arbitrary code. The malicious JavaScript may be hosted on compromised or malicious websites, embedded in specially crafted PDF files, or could be called by other malicious scripts.
Exploit:JS/Mult.DB is the detection for a specifically obfuscated shellcode, embedded in PDF files, that targets software vulnerabilities in Adobe Acrobat and Adobe Reader.
Exploit:JS/Mult.DL is a detection for malicious obfuscated JavaScript that redirects to exploit code, depending on what is supported by the browser that executes the script. The script also displays a fake 404-error message.
Exploit:JS/Mult.DY is the detection for infected webpages containing an IFrame that redirects users to a malicious website. The compromised webpages are usually found in websites running a vulnerable version of the osCommerce v2.2 software.
Exploit:JS/Mult.CZ is the detection for shellcode that is part of a group of threats, usually written in JavaScript, that attempts to exploit particular vulnerabilities in order to download and run arbitrary files. This malicious code may be hosted on compromised websites, and called by other malicious scripts.
Exploit:JS/Mult.DJ is a detection for an obfuscated JavaScript often distributed through compromised websites. It is designed to exploit multiple known vulnerabilities in the web browser.
Exploit:JS/Mult.AH is a malicious JavaScript that attempts to execute multiple instances of code to exploit a potentially vulnerable operating system environment. The malware could download arbitrary files and send details about the affected computer to a remote attacker.
Exploit:JS/Mult.BS is the generic detection for obfuscated shellcode embedded in JavaScript that downloads and executes files from a remote server. It is usually embedded in a JavaScript file hosted in a compromised or malicious Web site. When the page containing the JavaScript is accessed, for example if a user visits a compromised site, the JavaScript is executed, triggering the shellcode to run.
Exploit:JS/Mult.BB is a detection for obfuscated shellcode embedded in a Javascript file. It may be embedded in Web pages or PDF files. It attempts to exploit various vulnerabilities, for example, certain ones in Adobe Acrobat/Reader or those resolved by the Microsoft MS06-057 and MS06-014 security updates.
Files detected as Exploit:JS/Mult.BB may perform any number of malicious actions, such as downloading other malware.
Exploit:JS/Mult.BC is the generic detection for obfuscated shellcode embedded in a JavaScript that downloads and executes files from a remote server. It is usually embedded in a JavaScript file hosted in a compromised or malicious Web site. When the page containing the JavaScript is accessed, for example if a user visits a compromised site, the JavaScript is executed, triggering the shellcode to run.
Exploit:JS/Mult.CR is a detection for a malicious shellcode that exploits a vulnerability in Internet Explorer (CVE-2010-0806) that could allow remote execution of arbitrary code.
Exploit:JS/Mult.CY is a generic detection for the obfuscated shellcode embedded in a JavaScript that attempts to exploit a vulnerability in the Microsoft Video ActiveX Control (CVE-2008-0015), resulting in the potential download and execution of files from a remote server.
Exploit:JS/Mult.DA is a detection for obfuscated scripts using a specific JavaScript packer. Scripts detected as Exploit:JS/Mult.DA attempt to exploit the HTML Object Memory Corruption Vulnerability in Internet Explorer. This vulnerability is discussed in, and mitigated using, the Microsoft Security Bulletin MS10-002.
Exploit:JS/Mult.DC is the detection for a specifically obfuscated JavaScript, embedded in PDF files, that targets software vulnerabilities in Adobe Acrobat and Adobe Reader.
Exploit:JS/Mult.AF is a detection for code that exploits a certain vulnerability in Internet Explorer 7 in order to download and run arbitrary files.
Files detected as Exploit:JS/Mult.AF may arrive in the system when a user browses certain sites using a vulnerable version of Internet Explorer. When a webpage that includes Exploit:JS/Mult.AF is loaded, the vulnerability in Internet Explorer is exploited.
Exploit:JS/Mult.AI is a detection for code that exploits a certain vulnerability in Internet Explorer 7 in order to download and run arbitrary files.
Files detected as Exploit:JS/Mult.AI may arrive in the system when a user browses certain sites using a vulnerable version of Internet Explorer. When a webpage that includes Exploit:JS/Mult.AI is loaded, the vulnerability in Internet Explorer is exploited.
Exploit:JS/Mult.AG is a detection for malicious shellcode that attempts to exploit certain vulnerabilities in order to download and run arbitrary files. The shellcode is obfuscated.
Some files detected as Exploit:JS/Mult.AG may arrive in the system when a user browses certain sites using a vulnerable version of Internet Explorer. When a webpage that includes Exploit:JS/Mult.AG is loaded, the shellcode is executed in the system.
This is the case for files detected as Exploit:JS/Mult.AG that may be associated with a vulnerability in Internet Explorer as discussed in Microsoft Security Advisory (961051). Users are advised to refer to these resources for more information.
