Detects a crypto drainer that hides commonly within the
file named utils.js and has a seperate showMess.js file
with functions used to send window alerts.
title: SMU Crypto Drainer d9da4dc1
description: |
Detects a crypto drainer that hides commonly within the
file named `utils.js` and has a seperate `showMess.js` file
with functions used to send window alerts.
references:
- https://urlscan.io/result/d9da4dc1-2252-45b6-b23a-2860b3d31531
- https://urlscan.io/result/b7c65cea-65fe-44c8-ae80-40407936ddc9
- https://urlscan.io/search/#filename%3A%22utils.js%22%20AND%20filename%3A%22showMess.js%22
detection:
drainerFiles:
requests|contains|all:
- 'utils.js'
- 'showMess.js'
alertFunctions:
js|contains|all:
- 'showSuccess'
- 'showError'
- 'showInfo'
backendEndpoint:
js|contains: 'logo1.png'
condition: drainerFiles and alertFunctions and backendEndpoint
tags:
- kit
- crypto_drainer.smu
- cryptocurrency
- cryptocurrency.ethereum