PossibleExecutable in www.trionworlds.com

On 2019-01-25T03:08:02.843460+00:00 we found suspicious pattern PossibleExecutable, type: Suspicious, (Attempt to load a Windows executable file from a web page that may me malware or potentially unwanted software or benign plug-in such as Adobe Flash) in the page https://www.trionworlds.com/archeage/wp… referenced from https://www.trionworlds.com/archeage/en/ .

The suspicious code sample:

b".exe'" … b'<object id="fancybox-swf" classid='

This feature is experimental so please feel free to contact us if you feel any of the reported issues is a false positive or you want to suggest a pattern that should be detected (we are using Yara standard).

Fully automated RESTful API is now available. Subscribe for your free trial today!