generic_javascript_obfuscation5 in www.fundacioncanal.com

On 2020-06-30T20:18:04.858007+00:00 we found pattern generic_javascript_obfuscation5, type: Suspicious, (JavaScript obfuscation is frequently used to hide malicious code (or with hope to protect intellectual property)) in the page https://www.fundacioncanal.com/canaledu… referenced from https://www.fundacioncanal.com/canaledu… .

Code sample:

b'["u\xc3\xa7"\xc2\x99\xc2\xa9l","\xc2\xb6\x1a.\xc2\xb1\xc2\xa9\xc3\x9d","mark","prefix","postfix","encoder","decoder","\xc2\x9d\xc3\xa8\x1a\xc2\xb6+\xc3\x9eBefore","\xc2\x9d\xc3\xa8\x1a\xc2\xb6+\xc3\x9e","edit",'

This feature is experimental so please feel free to contact us if you feel any of the reported issues is a false positive or you want to suggest a pattern that should be detected (we are using Yara standard).

Fully automated RESTful API is now available. Subscribe for your free trial today!