Skip to content
master
Switch branches/tags
Go to file
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
 
 
 
 

README.md

marveloptics_malware

Deobfuscated and reverse engineered javascript malware

Writeup: https://blog.jse.li/posts/marveloptics-malware/

This malware was found on https://www.marveloptics.com/ embedded in the following URLs:

https://www.marveloptics.com/templates/moptics/js/vendor/modernizr.js
https://www.marveloptics.com/libraries/openid/openid.js

sha256 hashes:

cc4eb4839266c655c1bd4868d2994f68e44effd3249322eb37d3673954904f30  modernizr.js
d691b626a821c1bf93d1d75e4e8f0891c81b6f7a1e2c479eacdc18b9ec48d492  openid.js

Original copies are available in the original/ folder of this repository.

deobfuscated.js contains the output of js-beautify -x -s 2 original/openid.js > deobfuscated.js

pretty.js contains my own renamed variables and extensive comments.

About

Deobfuscated + reverse engineered javascript malware

Resources

Releases

No releases published

Packages

No packages published