generic_javascript_obfuscation in fedex.epresis.com

On 2019-12-02T21:32:53.726256+00:00 we found suspicious pattern generic_javascript_obfuscation, type: Suspicious, (JavaScript obfuscation is frequently used to hide malicious code (or with hope to protect intellectual property)) in the page http://fedex.epresis.com/

The suspicious code sample:

b'atob' … b"'/assets/js/mvc/loginpage/i18n'" … b'%2B' … b'%2B' … b'%2B' … b'%2F' … b'%2B' … b'%2F' … b'%2F' … b'%2B' … b'%2B' … b'%2F' … b'%2B' … b'%2B' … b'%2B' … b'%2F' … b'%2F' … b'%2F' … b'%2F' … b'%3D' … b'%3A' … b'%2F' … b'%2F' … b'%2F'

This feature is experimental so please feel free to contact us if you feel any of the reported issues is a false positive or you want to suggest a pattern that should be detected (we are using Yara standard).

Fully automated RESTful API is now available. Subscribe for your free trial today!