generic_javascript_obfuscation5 in viadata.store

On 2020-05-23T18:29:49.939224+00:00 we found pattern generic_javascript_obfuscation5, type: Suspicious, (JavaScript obfuscation is frequently used to hide malicious code (or with hope to protect intellectual property)) in the page http://viadata.store/player/PLAYER-2001… referenced from https://tamilyogi.fm/category/tamilyogi… .

Code sample:

b'["\xc2\xb2\xc3\xa6\xc3\xad\xc2\x8a\xc3\x99^", "vars", "embed", "url", "heartbeat", "thumbnails", "v\xc2\x8c\'\xc2\x96\xc2\x86\xc2\x9d", "points", "remove", ' … b"['50%', '75%', '100%', '125%', '150%', '175%', '200%', '250%', '300%', " … b"['0', '0.2', '0.3', '0.4', '0.5', '0.6', '0.7', '0.8', '0.9', " … b"['ffffff', 'ffeeab', '72ccf8', '62de50', 'faed54', 'feba54', 'e8bbff', 'ffc7d1', 'aaaaaa', 'd9bb8c', 'b3fee8', '4bd9ac', 'FEF370', 'D90000', '073DA0', '409829', '644082', "

This feature is experimental so please feel free to contact us if you feel any of the reported issues is a false positive or you want to suggest a pattern that should be detected (we are using Yara standard).

Fully automated RESTful API is now available. Subscribe for your free trial today!