generic_javascript_obfuscation5 in sagrada-familia.edu.ar

On 2020-09-15T02:20:24.665537+00:00 we found pattern generic_javascript_obfuscation5, type: Suspicious, (JavaScript obfuscation is frequently used to hide malicious code (or with hope to protect intellectual property)) in the page https://sagrada-familia.edu.ar/wp-conte… referenced from http://www.sagrada-familia.edu.ar/ .

Code sample:

b"['Years','Months','Weeks','Days','Hours','Minutes','Seconds'],labels1:['Year','Month','Week','Day','Hour','Minute','Second'],compactLabels:['y','m','w','d'],whichLabels:null,digits:['0','1','2','3','4','5','6','7','8','9'],timeSeparator:':',isRTL:false}},_getters:['\xc2\x81\xc3\xabS\xc2\x8ag\xc2\xac'],_rtlClass:pluginName+'-rtl',_sectionClass:pluginName+'-section',_amountClass:pluginName+'-amount',_periodClass:pluginName+'-period',_rowClass:pluginName+'-row',_holdingClass:pluginName+'-holding',_showClass:pluginName+'-show',_descrC" … b"['Year','Month','Week','Day','Hour','Minute','Second'],compactLabels:['y','m','w','d'],whichLabels:null,digits:['0','1','2','3','4','5','6','7','8','9'],timeSeparator:':',isRTL:false}},_getters:['\xc2\x81\xc3\xabS\xc2\x8ag\xc2\xac'],_rtlClass:pluginName+'-rtl',_sectionClass:pluginName+'-section',_amountClass:pluginName+'-amount',_periodClass:pluginName+'-period',_rowClass:pluginName+'-row',_holdingClass:pluginName+'-holding',_showClass:pluginName+'-show',_descrClass:pluginName+'-descr'," … b"['y','m','w','d'],whichLabels:null,digits:['0','1','2','3','4','5','6','7','8','9'],timeSeparator:':',isRTL:false}},_getters:['\xc2\x81\xc3\xabS\xc2\x8ag\xc2\xac'],_rtlClass:pluginName+'-rtl',_sectionClass:pluginName+'-section',_amountClass:pluginName+'-amount',_periodClass:pluginName+'-period',_rowClass:pluginName+'-row',_holdingClass:pluginName+'-holding',_showClass:pluginName+'-show',_descrClass:pluginName+'-descr'," … b"['0','1','2','3','4','5','6','7','8','9'],timeSeparator:':',isRTL:false}},_getters:['\xc2\x81\xc3\xabS\xc2\x8ag\xc2\xac'],_rtlClass:pluginName+'-rtl',_sectionClass:pluginName+'-section',_amountClass:pluginName+'-amount',_periodClass:pluginName+'-period',_rowClass:pluginName+'-row',_holdingClass:pluginName+'-holding',_showClass:pluginName+'-show',_descrClass:pluginName+'-descr',"

This feature is experimental so please feel free to contact us if you feel any of the reported issues is a false positive or you want to suggest a pattern that should be detected (we are using Yara standard).