generic_javascript_obfuscation5 in www.fundacioncanal.com

On 2020-06-30T20:18:04.886813+00:00 we found pattern generic_javascript_obfuscation5, type: Suspicious, (JavaScript obfuscation is frequently used to hide malicious code (or with hope to protect intellectual property)) in the page https://www.fundacioncanal.com/canaledu… referenced from https://www.fundacioncanal.com/canaledu… .

Code sample:

b'["open","opening","close","closing","select","selecting","\xc2\xba{\x1e\xc2\x95\xc3\xa7-","\xc2\xba{\x1e\xc2\x95\xc3\xa7-ing"],g=["opening","closing","selecting","\xc2\xba{\x1e\xc2\x95\xc3\xa7-ing"];b.call(this,c,d),c.on("*",' … b'["jquery","require","./results","./selection/single","./selection/\xc2\x9a\xc3\xa9m\xc2\x8a\xc2\x99^","./selection/placeholder","./selection/allowClear","./selection/search","./selection/eventRelay","./utils","./translation","./diacritics","./data/select","./data/array","./data/ajax","./data/tags","./data/tokenizer","./data/minimumInputLength","./data/maximumInputLength","./data/maximumSelectionLength","./dropdown","./dropdown/search","./dropdown/hidePlaceholder","./dropdown/infiniteScroll","./dropdown/attachBody","./dropdown/mini'

This feature is experimental so please feel free to contact us if you feel any of the reported issues is a false positive or you want to suggest a pattern that should be detected (we are using Yara standard).

Fully automated RESTful API is now available. Subscribe for your free trial today!