generic_javascript_obfuscation5 in labelmand.nl

On 2020-05-23T00:04:24.372549+00:00 we found pattern generic_javascript_obfuscation5, type: Suspicious, (JavaScript obfuscation is frequently used to hide malicious code (or with hope to protect intellectual property)) in the page http://labelmand.nl/wp-content/plugins/… referenced from http://labelmand.nl/ .

Code sample:

b'["fill","stroke","stopColor","color","backgroundColor","borderColor","borderTopColor","n\xc2\x8a\xc3\x9dz\xc2\xb4b\xc2\x82\x1bB\xc2\xa2Z+","borderBottomColor","borderLeftColor","\xc2\xa2\xc3\xabe\xc2\x8aw\xc2\x82\xc2\xa2Z+"],transformsBase:["translateX","translateY","scale","scaleX","scaleY","skewX","skewY","rotateZ"],transforms3D:["\xc2\xb6\xc2\xb6\xc2\xa7\xc2\xb1\xc3\xba+\xc2\x98\xc3\xb7\xc2\xab\xc2\xb2\xc2\x97\xc2\x9c\xc2\xb6+\xc3\x9e","translateZ","scaleZ","rotateX",' … b'["translateX","translateY","scale","scaleX","scaleY","skewX","skewY","rotateZ"],transforms3D:["\xc2\xb6\xc2\xb6\xc2\xa7\xc2\xb1\xc3\xba+\xc2\x98\xc3\xb7\xc2\xab\xc2\xb2\xc2\x97\xc2\x9c\xc2\xb6+\xc3\x9e","translateZ","scaleZ","rotateX",' … b'["\xc2\xa2\xc3\xb7\xc2\xab~Z0","\xc2\xa2\xc3\xb7\xc2\xab~Z0X","\xc2\xa2\xc3\xb7\xc2\xab~Z0Y"],~\xc3\xa9\xc3\x9c\xc2\xb6*\'(e,t){v.CSS.setPropertyValue(u,t,"hidden")}),v.CSS.setPropertyValue(u,"\xc2\xa6\xc2\x8b"\xc2\xb6*\'",e.\xc2\xa6\xc2\x8b"\xc2\xb6*\'),v.CSS.setPropertyValue(u,"~\xc2\x89\xc3\xadJ,\xc3\x9e",e.~\xc2\x89\xc3\xadJ,\xc3\x9e),v.CSS.setPropertyValue(u,"boxSizing","content-box"),$.each(["\xc2\x9a)\xc3\x96\xc2\x89\xc3\x9ba","\xc2\x99\xc2\xacV\xc2\x89\xc3\x9ba","width","minHeight","maxHeight","height"],~\xc3\xa9\xc3\x9c\xc2\xb6*\'(e,t){v.CSS.setPropertyValue(u,t,s+"%")}),v.CSS.setPropertyValue(u,"paddingLeft",s+"em"),l.percentToPxWidth=N.lastPercentToPxWidth=(parseFloat(x.getPropertyValue(u,"width",null,!0))' … b'["reverse",.125],["reverse",.125],["reverse",.125],["reverse",.125],["reverse",.125],[{scaleX:1,scaleY:1,rotateZ:0},.2]]},"transition.fadeIn":{defaultDuration:500,calls:[[{opacity:[1,0]}]]},"transition.fadeOut":{defaultDuration:500,calls:[[{opacity:[0,1]}]]},"transition.flipXIn":{defaultDuration:700,calls:[[{opacity:[1,0],\xc2\xb6\xc2\xb6\xc2\xa7\xc2\xb1\xc3\xba+\xc2\x98\xc3\xb7\xc2\xab\xc2\xb2\xc2\x97\xc2\x9c\xc2\xb6+\xc3\x9e:[800,800],rotateY:[0,-55]}]],reset:{\xc2\xb6\xc2\xb6\xc2\xa7\xc2\xb1\xc3\xba+\xc2\x98\xc3\xb7\xc2\xab\xc2\xb2\xc2\x97\xc2\x9c\xc2\xb6+\xc3\x9e:0}},"transition.flipXOut":{defaultDuration:700,calls:[[{opacity:[0,1],\xc2\xb6\xc2\xb6\xc2\xa7\xc2\xb1\xc3\xba+\xc2\x98\xc3\xb7\xc2\xab\xc2\xb2\xc2\x97\xc2\x9c\xc2' … b'["reverse",.125],["reverse",.125],["reverse",.125],["reverse",.125],[{scaleX:1,scaleY:1,rotateZ:0},.2]]},"transition.fadeIn":{defaultDuration:500,calls:[[{opacity:[1,0]}]]},"transition.fadeOut":{defaultDuration:500,calls:[[{opacity:[0,1]}]]},"transition.flipXIn":{defaultDuration:700,calls:[[{opacity:[1,0],\xc2\xb6\xc2\xb6\xc2\xa7\xc2\xb1\xc3\xba+\xc2\x98\xc3\xb7\xc2\xab\xc2\xb2\xc2\x97\xc2\x9c\xc2\xb6+\xc3\x9e:[800,800],rotateY:[0,-55]}]],reset:{\xc2\xb6\xc2\xb6\xc2\xa7\xc2\xb1\xc3\xba+\xc2\x98\xc3\xb7\xc2\xab\xc2\xb2\xc2\x97\xc2\x9c\xc2\xb6+\xc3\x9e:0}},"transition.flipXOut":{defaultDuration:700,calls:[[{opacity:[0,1],\xc2\xb6\xc2\xb6\xc2\xa7\xc2\xb1\xc3\xba+\xc2\x98\xc3\xb7\xc2\xab\xc2\xb2\xc2\x97\xc2\x9c\xc2\xb6+\xc3\x9e:[800,800],ro' … b'["reverse",.125],["reverse",.125],["reverse",.125],[{scaleX:1,scaleY:1,rotateZ:0},.2]]},"transition.fadeIn":{defaultDuration:500,calls:[[{opacity:[1,0]}]]},"transition.fadeOut":{defaultDuration:500,calls:[[{opacity:[0,1]}]]},"transition.flipXIn":{defaultDuration:700,calls:[[{opacity:[1,0],\xc2\xb6\xc2\xb6\xc2\xa7\xc2\xb1\xc3\xba+\xc2\x98\xc3\xb7\xc2\xab\xc2\xb2\xc2\x97\xc2\x9c\xc2\xb6+\xc3\x9e:[800,800],rotateY:[0,-55]}]],reset:{\xc2\xb6\xc2\xb6\xc2\xa7\xc2\xb1\xc3\xba+\xc2\x98\xc3\xb7\xc2\xab\xc2\xb2\xc2\x97\xc2\x9c\xc2\xb6+\xc3\x9e:0}},"transition.flipXOut":{defaultDuration:700,calls:[[{opacity:[0,1],\xc2\xb6\xc2\xb6\xc2\xa7\xc2\xb1\xc3\xba+\xc2\x98\xc3\xb7\xc2\xab\xc2\xb2\xc2\x97\xc2\x9c\xc2\xb6+\xc3\x9e:[800,800],rotateY:55}]],reset' … b'["reverse",.125],["reverse",.125],[{scaleX:1,scaleY:1,rotateZ:0},.2]]},"transition.fadeIn":{defaultDuration:500,calls:[[{opacity:[1,0]}]]},"transition.fadeOut":{defaultDuration:500,calls:[[{opacity:[0,1]}]]},"transition.flipXIn":{defaultDuration:700,calls:[[{opacity:[1,0],\xc2\xb6\xc2\xb6\xc2\xa7\xc2\xb1\xc3\xba+\xc2\x98\xc3\xb7\xc2\xab\xc2\xb2\xc2\x97\xc2\x9c\xc2\xb6+\xc3\x9e:[800,800],rotateY:[0,-55]}]],reset:{\xc2\xb6\xc2\xb6\xc2\xa7\xc2\xb1\xc3\xba+\xc2\x98\xc3\xb7\xc2\xab\xc2\xb2\xc2\x97\xc2\x9c\xc2\xb6+\xc3\x9e:0}},"transition.flipXOut":{defaultDuration:700,calls:[[{opacity:[0,1],\xc2\xb6\xc2\xb6\xc2\xa7\xc2\xb1\xc3\xba+\xc2\x98\xc3\xb7\xc2\xab\xc2\xb2\xc2\x97\xc2\x9c\xc2\xb6+\xc3\x9e:[800,800],rotateY:55}]],reset:{\xc2\xb6\xc2\xb6\xc2\xa7\xc2\xb1\xc3\xba+\xc2\x98\xc3\xb7' … b'["reverse",.125],[{scaleX:1,scaleY:1,rotateZ:0},.2]]},"transition.fadeIn":{defaultDuration:500,calls:[[{opacity:[1,0]}]]},"transition.fadeOut":{defaultDuration:500,calls:[[{opacity:[0,1]}]]},"transition.flipXIn":{defaultDuration:700,calls:[[{opacity:[1,0],\xc2\xb6\xc2\xb6\xc2\xa7\xc2\xb1\xc3\xba+\xc2\x98\xc3\xb7\xc2\xab\xc2\xb2\xc2\x97\xc2\x9c\xc2\xb6+\xc3\x9e:[800,800],rotateY:[0,-55]}]],reset:{\xc2\xb6\xc2\xb6\xc2\xa7\xc2\xb1\xc3\xba+\xc2\x98\xc3\xb7\xc2\xab\xc2\xb2\xc2\x97\xc2\x9c\xc2\xb6+\xc3\x9e:0}},"transition.flipXOut":{defaultDuration:700,calls:[[{opacity:[0,1],\xc2\xb6\xc2\xb6\xc2\xa7\xc2\xb1\xc3\xba+\xc2\x98\xc3\xb7\xc2\xab\xc2\xb2\xc2\x97\xc2\x9c\xc2\xb6+\xc3\x9e:[800,800],rotateY:55}]],reset:{\xc2\xb6\xc2\xb6\xc2\xa7\xc2\xb1\xc3\xba+\xc2\x98\xc3\xb7\xc2\xab\xc2\xb2\xc2\x97\xc2\x9c\xc2\xb6+\xc3\x9e:0,r' … b'["100%","50%"],transformOriginY:["100%","100%"],scaleX:[1,0],scaleY:[1,0],translateX:[0,-700],translateZ:0}]],reset:{transformOriginX:"50%",transformOriginY:"50%"}},"transition.swoopOut":{defaultDuration:850,calls:[[{opacity:[0,1],transformOriginX:["50%","100%"],transformOriginY:["100%","100%"],scaleX:0,scaleY:0,translateX:-700,translateZ:0}]],reset:{transformOriginX:"50%",transformOriginY:"50%",scaleX:1,scaleY:1,translateX:0}},"transition.whirlIn":{defaultDuration:850,calls:[[{opacity:[1,0],transformOrigin' … b'["100%","100%"],scaleX:[1,0],scaleY:[1,0],translateX:[0,-700],translateZ:0}]],reset:{transformOriginX:"50%",transformOriginY:"50%"}},"transition.swoopOut":{defaultDuration:850,calls:[[{opacity:[0,1],transformOriginX:["50%","100%"],transformOriginY:["100%","100%"],scaleX:0,scaleY:0,translateX:-700,translateZ:0}]],reset:{transformOriginX:"50%",transformOriginY:"50%",scaleX:1,scaleY:1,translateX:0}},"transition.whirlIn":{defaultDuration:850,calls:[[{opacity:[1,0],transformOriginX:["50%","50%"],transformOriginY' … b'["50%","100%"],transformOriginY:["100%","100%"],scaleX:0,scaleY:0,translateX:-700,translateZ:0}]],reset:{transformOriginX:"50%",transformOriginY:"50%",scaleX:1,scaleY:1,translateX:0}},"transition.whirlIn":{defaultDuration:850,calls:[[{opacity:[1,0],transformOriginX:["50%","50%"],transformOriginY:["50%","50%"],scaleX:[1,0],scaleY:[1,0],rotateY:[0,160]},1,{easing:"easeInOutSine"}]]},"transition.whirlOut":{defaultDuration:750,calls:[[{opacity:[0,"easeInOutQuint",1],transformOriginX:["50%","50%"],transformOrigi' … b'["100%","100%"],scaleX:0,scaleY:0,translateX:-700,translateZ:0}]],reset:{transformOriginX:"50%",transformOriginY:"50%",scaleX:1,scaleY:1,translateX:0}},"transition.whirlIn":{defaultDuration:850,calls:[[{opacity:[1,0],transformOriginX:["50%","50%"],transformOriginY:["50%","50%"],scaleX:[1,0],scaleY:[1,0],rotateY:[0,160]},1,{easing:"easeInOutSine"}]]},"transition.whirlOut":{defaultDuration:750,calls:[[{opacity:[0,"easeInOutQuint",1],transformOriginX:["50%","50%"],transformOriginY:["50%","50%"],scaleX:0,scaleY' … b'["50%","50%"],transformOriginY:["50%","50%"],scaleX:[1,0],scaleY:[1,0],rotateY:[0,160]},1,{easing:"easeInOutSine"}]]},"transition.whirlOut":{defaultDuration:750,calls:[[{opacity:[0,"easeInOutQuint",1],transformOriginX:["50%","50%"],transformOriginY:["50%","50%"],scaleX:0,scaleY:0,rotateY:160},1,{easing:"swing"}]],reset:{scaleX:1,scaleY:1,rotateY:0}},"transition.shrinkIn":{defaultDuration:750,calls:[[{opacity:[1,0],transformOriginX:["50%","50%"],transformOriginY:["50%","50%"],scaleX:[1,1.5],scaleY:[1,1.5],tr' … b'["50%","50%"],scaleX:[1,0],scaleY:[1,0],rotateY:[0,160]},1,{easing:"easeInOutSine"}]]},"transition.whirlOut":{defaultDuration:750,calls:[[{opacity:[0,"easeInOutQuint",1],transformOriginX:["50%","50%"],transformOriginY:["50%","50%"],scaleX:0,scaleY:0,rotateY:160},1,{easing:"swing"}]],reset:{scaleX:1,scaleY:1,rotateY:0}},"transition.shrinkIn":{defaultDuration:750,calls:[[{opacity:[1,0],transformOriginX:["50%","50%"],transformOriginY:["50%","50%"],scaleX:[1,1.5],scaleY:[1,1.5],translateZ:0}]]},"transition.shri' … b'["50%","50%"],transformOriginY:["50%","50%"],scaleX:0,scaleY:0,rotateY:160},1,{easing:"swing"}]],reset:{scaleX:1,scaleY:1,rotateY:0}},"transition.shrinkIn":{defaultDuration:750,calls:[[{opacity:[1,0],transformOriginX:["50%","50%"],transformOriginY:["50%","50%"],scaleX:[1,1.5],scaleY:[1,1.5],translateZ:0}]]},"transition.shrinkOut":{defaultDuration:600,calls:[[{opacity:[0,1],transformOriginX:["50%","50%"],transformOriginY:["50%","50%"],scaleX:1.3,scaleY:1.3,translateZ:0}]],reset:{scaleX:1,scaleY:1}},"transiti' … b'["50%","50%"],scaleX:0,scaleY:0,rotateY:160},1,{easing:"swing"}]],reset:{scaleX:1,scaleY:1,rotateY:0}},"transition.shrinkIn":{defaultDuration:750,calls:[[{opacity:[1,0],transformOriginX:["50%","50%"],transformOriginY:["50%","50%"],scaleX:[1,1.5],scaleY:[1,1.5],translateZ:0}]]},"transition.shrinkOut":{defaultDuration:600,calls:[[{opacity:[0,1],transformOriginX:["50%","50%"],transformOriginY:["50%","50%"],scaleX:1.3,scaleY:1.3,translateZ:0}]],reset:{scaleX:1,scaleY:1}},"transition.expandIn":{defaultDuration:7' … b'["50%","50%"],transformOriginY:["50%","50%"],scaleX:[1,1.5],scaleY:[1,1.5],translateZ:0}]]},"transition.shrinkOut":{defaultDuration:600,calls:[[{opacity:[0,1],transformOriginX:["50%","50%"],transformOriginY:["50%","50%"],scaleX:1.3,scaleY:1.3,translateZ:0}]],reset:{scaleX:1,scaleY:1}},"transition.expandIn":{defaultDuration:700,calls:[[{opacity:[1,0],transformOriginX:["50%","50%"],transformOriginY:["50%","50%"],scaleX:[1,.625],scaleY:[1,.625],translateZ:0}]]},"transition.expandOut":{defaultDuration:700,calls' … b'["50%","50%"],scaleX:[1,1.5],scaleY:[1,1.5],translateZ:0}]]},"transition.shrinkOut":{defaultDuration:600,calls:[[{opacity:[0,1],transformOriginX:["50%","50%"],transformOriginY:["50%","50%"],scaleX:1.3,scaleY:1.3,translateZ:0}]],reset:{scaleX:1,scaleY:1}},"transition.expandIn":{defaultDuration:700,calls:[[{opacity:[1,0],transformOriginX:["50%","50%"],transformOriginY:["50%","50%"],scaleX:[1,.625],scaleY:[1,.625],translateZ:0}]]},"transition.expandOut":{defaultDuration:700,calls:[[{opacity:[0,1],transformOrig' … b'["innerHeight","innerWidth","off","offset","on","outerHeight","outerWidth","scrollLeft",'

This feature is experimental so please feel free to contact us if you feel any of the reported issues is a false positive or you want to suggest a pattern that should be detected (we are using Yara standard).

Fully automated RESTful API is now available. Subscribe for your free trial today!