generic_javascript_obfuscation5 in cdn.radiantmediatechs.com

On 2020-06-30T21:25:09.055891+00:00 we found pattern generic_javascript_obfuscation5, type: Suspicious, (JavaScript obfuscation is frequently used to hide malicious code (or with hope to protect intellectual property)) in the page https://cdn.radiantmediatechs.com/rmp/r… referenced from http://portal.al.go.leg.br/ .

Code sample:

b'["tvmanchet.com.br","radioradical.com.br","fotodicas.com","player.logicahost.com.br","tvparaiba.com.br","tvpopbrasil.com.br","cda1.com.br","tvsucessonhrs.com","tvsearaemchamas.com.br","hostradio.com.br","tvgaranhuns.blogspot.com","atalaiatv.blogspot.com","bllog-tv.blogspot.com","www.infogfl.com.br",' … b'["arynews.tv","arydigital.tv","aryqtv.tv","aryzindagi.tv","arymusik.tv","arysports.tv","arytube.tv","aryfilmfestival.com","arylive.com","migary.com","api.arynews.tv","aryfeast.com","jeetopakistan.com","karachikings.com.pk","api.karachikings.com.pk","demo.arynews.tv",' … b'["www.misericordiamariatv.org","v2.misericordiamariatv.org","www.divinamadre.org","www.comunidadefigueira.org.br","comunidadefigueira.org.br","mmtv.grupoite.dyndns.org","www.fraterinternacional.org"],"j\xc2\x9aV\xc2\x86+^\xc2\x96+-":[]},{"license":"\xc3\x9dL\xc3\x8d\xc3\x80D\xc3\x8d\xc3\x84\x01\x1e\xc2\x8e\xc2\x91\xc3\x9d\xc2\xa7\x1d\xc2\x99\xc2\xb0\x1d\xc3\x9a","blacklist":[],"whitelist":["everyeye.it","everyeye.net","forumeye.it"]},{"license":"\xc3\x85\xc2\x84\xc3\x8c\xc3\x8cD\xc3\x8d\xc3\x84\x05\x1d\xc3\x97\xc3\x95\xc2\x9c\xc2\x9e\x19\xc2\x9c\xc2\xb4Y\xc2\x99","blacklist":[],"whitelist":[]},{"license":"\xc3\x88L\xc3\x8d\xc3\x94D\xc3\x8d\xc3\x84\x01\x1d\xc3\x82Q\xc2\x9e\xc2\x8c\xc2\x91\xc2\x99\xc3\xa0Y\xc3\x9d",' … b'["atlanticcitywebcam.com","ftlauderdalebeachcam.com","ftlauderdalewebcam.com","fllbeachcam.com","juneauharborwebcam.com","keywestharborwebcam.com","kittycatcam.com","mahobeachcam.com","miamiairportcam.com","morganhillwebcam.com","njwildlifecam.com","nyharborwebcam.com","paradiseislandcam.com","pompanobeachcam.com","palmbeachinletwebcam.com","portarubawebcam.com","portbermudawebcam.com","portcanaveralwebcam.com","portevergladeswebcam.com","porteverglades.tv","portfever.com","portmiamiwebcam.com","portnassauw' … b'["tutorah.tv","tutorahkids.tv","www.100fm.co.il","www.tutorah.tv","www.tutorahkids.tv","100fm.multix.co.il","xtml2.streamgates.net","zplayer.streamgates.net","cplayer.streamgates.net"],"j\xc2\x9aV\xc2\x86+^\xc2\x96+-":[]},{"license":"\xc3\x99L\xc3\x8d\xc3\x86\x04\xc3\x8d\xc3\x84\x05\x1c\xc2\xb5\xc2\x91\xc2\x99\xc3\xab\x1d\xc2\x9b\xc3\x8a\xc2\x91\xc2\x9a",' … b'["onnowplay.com","franklytavares.com","irmaosdotados.com.br","agathalira.com.br","brunohot.com.br","erickplay.com","huctorstudios.com","johnputao.online","onnow.me","pietrobecker.com","primoshot.com.br","sabundao.com","surfistamlk.com.br","thayo.online","thoys.me","veltinsouza.com.br","victorferrazinternational.com","fitter.com.br","igrejadefatima.com.br","moradanova.com.br","oleaooficial.com","esposagulosinha.com","exxtevaoprod.com","mlkkarioka.com.br","couplehotbrazil.com","fernandofonsecaoficial.com.br",'

This feature is experimental so please feel free to contact us if you feel any of the reported issues is a false positive or you want to suggest a pattern that should be detected (we are using Yara standard).

Fully automated RESTful API is now available. Subscribe for your free trial today!