generic_javascript_obfuscation5 in www.stilts.com

On 2020-08-01T23:28:09.347383+00:00 we found pattern generic_javascript_obfuscation5, type: Suspicious, (JavaScript obfuscation is frequently used to hide malicious code (or with hope to protect intellectual property)) in the page https://www.stilts.com/wp-content/plugi… referenced from http://stilts.com/ .

Code sample:

b'["text","search","url","tel","email","\xc2\xa5\xc2\xab,\xc3\x82\xc2\x8a\xc3\x9d","number","\xc2\xb5\xc3\xacmj\xc2\xb7\xc2\x9a"],C=[27,33,34,35,36,37,38,39,40,8,46],k="#ccc",I="placeholdersjs",R=RegExp("(?:^|\\s)"+I+"(?!\\S)"),V="data-placeholder-value",P="data-placeholder-active",D="data-placeholder-type",U="data-placeholder-submit",j="data-placeholder-bound",q="data-placeholder-focus",Q="data-placeholder-live",z="data-placeholder-maxlength",'

This feature is experimental so please feel free to contact us if you feel any of the reported issues is a false positive or you want to suggest a pattern that should be detected (we are using Yara standard).

Fully automated RESTful API is now available. Subscribe for your free trial today!