generic_javascript_obfuscation5 in creative.cmrdr.com

On 2020-08-04T03:33:53.211161+00:00 we found pattern generic_javascript_obfuscation5, type: Suspicious, (JavaScript obfuscation is frequently used to hide malicious code (or with hope to protect intellectual property)) in the page https://creative.cmrdr.com/widgets/stri… referenced from https://go.schjmp.com/ .

Code sample:

b'["de","fr","es","it","ru","pt","ja","nl","pl","ro","no","sv","el","ar","hu","cs","tr",' … b'["cs","de","el","en","es","fr","hi","hu","it","ja","ko","nb","nl","pl","pt","ru","sv",' … b'["female","females","maleFemale","}\xc3\xa9\xc2\x9a\xc2\x95\xc3\xa4\xc3\xabjy\xc3\xb2"]),Zo(Jo,Rr,["male","males","maleTranny"]),Zo(Jo,Fr,["tranny","\xc2\xb6\xc2\xb6\xc2\xa7\xc2\x9e\'\xc2\xac","}\xc3\xa9\xc2\x9a\xc2\x95\xc3\xa4\xc3\xabjy\xc3\xb2",'

This feature is experimental so please feel free to contact us if you feel any of the reported issues is a false positive or you want to suggest a pattern that should be detected (we are using Yara standard).