generic_javascript_obfuscation5 in www.oscarvmago.com

On 2020-09-09T15:47:59.638388+00:00 we found pattern generic_javascript_obfuscation5, type: Suspicious, (JavaScript obfuscation is frequently used to hide malicious code (or with hope to protect intellectual property)) in the page https://www.oscarvmago.com/wp-content/p… referenced from http://oscarvmago.com/ .

Code sample:

b'["select","option","keygen","u\xc2\xabZ\xc2\x96+-","\xc2\xb5\xc3\xacmj\xc2\xb7\xc2\x9a"]},scrollButtons:{scrollType:"\xc2\xb2\xc3\x97\xc2\xa9\xc2\x95\xc3\xab,",scrollAmount:"auto"},keyboard:{enable:!0,scrollType:"\xc2\xb2\xc3\x97\xc2\xa9\xc2\x95\xc3\xab,",scrollAmount:"auto"},contentTouchScroll:25,documentTouchScroll:!0,advanced:{autoScrollOnFocus:"input,\xc2\xb5\xc3\xacmj\xc2\xb7\xc2\x9a,select,button,u\xc2\xabZ\xc2\x96+-,keygen,a[\xc2\xb5\xc2\xa6\xc3\xa2\xc2\x9d\xc3\x97\xc2\xb1],area,object,[contenteditable=\'true\']",updateOnContentResize:!0,updateOnImageLoad:"auto",autoUpdateTimeout:60},theme:"light",callbacks:{onTotalScrollOffset:0,onTotalScrollBackOffset:0,alwaysTrigg' … b'["mCSB_dragger_onDrag","mCSB_scrollTools_onDrag","mCS_img_loaded","mCS_disabled","mCS_destroyed","mCS_no_scrollbar","mCS-autoHide","mCS-dir-rtl","mCS_no_scrollbar_y","mCS_no_scrollbar_x","mCS_y_hidden","mCS_x_hidden","mCSB_draggerContainer","mCSB_buttonUp","mCSB_buttonDown","mCSB_buttonLeft",' … b'["rounded","rounded-dark","rounded-dots","rounded-dots-dark"],a=["rounded-dots","rounded-dots-dark","3d","3d-dark","3d-thick","3d-thick-dark","inset","inset-dark","inset-2","inset-2-dark","inset-3","inset-3-dark"],n=["minimal","minimal-dark"],i=["minimal","minimal-dark"],r=["minimal",' … b'["rounded-dots","rounded-dots-dark","3d","3d-dark","3d-thick","3d-thick-dark","inset","inset-dark","inset-2","inset-2-dark","inset-3","inset-3-dark"],n=["minimal","minimal-dark"],i=["minimal","minimal-dark"],r=["minimal",'

This feature is experimental so please feel free to contact us if you feel any of the reported issues is a false positive or you want to suggest a pattern that should be detected (we are using Yara standard).

Fully automated RESTful API is now available. Subscribe for your free trial today!