Misooo 0 Posted October 24, 2023 Share Posted October 24, 2023 Hi guys, can you please provide more info about "JS/Agent.RDF Trojan" threat? Website (JS) is maybe false positive detected, but I can not find any further info about this. Thanks Link to comment Share on other sites More sharing options...
Administrators Marcos 5,168 Posted October 24, 2023 Administrators Share Posted October 24, 2023 What website was the detection triggered on? Link to comment Share on other sites More sharing options...
Misooo 0 Posted October 24, 2023 Author Share Posted October 24, 2023 smf.sk Link to comment Share on other sites More sharing options...
Administrators Solution Marcos 5,168 Posted October 24, 2023 Administrators Solution Share Posted October 24, 2023 The website is indeed infected: Link to comment Share on other sites More sharing options...
thae 11 Posted October 24, 2023 Share Posted October 24, 2023 Got another JS/Agent.RCW Trojan for www.sprintbox.de What do you look for in the raw details to determine if it might be a true positive? Something like obfuscated JS? For the named website I found function _0x9e23(_0x14f71d,_0x4c0b72){const _0x4d17dc=_0x4d17(); ...$andSoOn... Does this look like strange, obfuscated JS? Link to comment Share on other sites More sharing options...
Recommended Posts