We're building a Angular 1.x app with Bootstrap ponents. We recently added Sentry debugging to site and just got this error:
'PAPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGX' is undefined
browser = IE 11.0
device = Other
level = error
logger = javascript
os = Windows 8.1Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; .NET4.0E; .NET4.0C; .NET CLR 3.5.30729; .NET CLR 2.0.50727; .NET CLR 3.0.30729; InfoPath.3; MDDCJS; rv:11.0) like Gecko
I found a couple of references on Twitter but nothing else. Anyone seen this before? How can I fix this?
We're building a Angular 1.x app with Bootstrap ponents. We recently added Sentry debugging to site and just got this error:
'PAPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGX' is undefined
browser = IE 11.0
device = Other
level = error
logger = javascript
os = Windows 8.1Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; .NET4.0E; .NET4.0C; .NET CLR 3.5.30729; .NET CLR 2.0.50727; .NET CLR 3.0.30729; InfoPath.3; MDDCJS; rv:11.0) like Gecko
I found a couple of references on Twitter but nothing else. Anyone seen this before? How can I fix this?
Share Improve this question edited Jun 20, 2020 at 9:12 CommunityBot 11 silver badge asked Jun 20, 2016 at 17:58 mryarblesmryarbles 3782 silver badges8 bronze badges 5- It appears others are experiencing this as well (including my pany, just today): twitter./dpaola2/status/491433981942829057 – John Washam Commented Jun 21, 2016 at 18:33
- Any ideas? Only on IE11 - still seeing this pop up sometimes – tim Commented Mar 28, 2017 at 22:23
- Seen today from IE11 on windows 8.1. Looks like hacker activity but doesn't seem to be. – markus Commented Nov 2, 2017 at 22:09
- Possibly related? social.msdn.microsoft./Forums/sqlserver/en-US/… – chiliNUT Commented Nov 2, 2017 at 22:32
-
When you remove the
sentryfrom the site, does the error disappear? – Ivan Sivak Commented Nov 4, 2017 at 21:04
2 Answers
Reset to default 6 +250That's probably a malware works, mostly reported on windows platform. As you can see from the question, ments and from the internet; all reported for windows systems. According to few malicious activity logging/analysis/reporting service (see ref links below); the malware writes/ends the file with a series of “PADDINGPADDINGXX” strings.
Search in extracted strings section of following sites
- https://www.hybrid-analysis./sample/90fa224a030dc8c20e31bc5a6bd02885605e36d01646f40151ba23741830efb7?environmentId=1
- https://totalhash.cymru./analysis/?d88d47519bcc49b5c3b345e98e87d20b8928a2c3
- https://www.reverse.it/sample/8cb0a45f5a071c0f521a8afb62335e23fdcc3a3e06bac9a392bff1a89b40cf8c?environmentId=100
- https://www.reverse.it/sample/3f62bec0770de977b84b61c4f72813120f8d6fb6eb4caf96dc7e8e7b4676e444?environmentId=100
- https://www.zscaler./blogs/research/current-trojan-ambler-activity
- https://malwr./analysis/MzIyYmFkMWM1M2FmNDVlM2JlZjBmYmYwZmM4NDIwMTI/
This is a speculative answer. But I intend this to be a resource collection of links pointing towards understanding this issue. Feel free to improve this!
- Malware analysis of rtfn.exe
- Visual Studio error :: Error occurring due to one click amazon toolbar
- Bloated application size
- Releasing a game for different platforms :: It states the following:
ac2game.dat is just your windows .exe renamed. You can snip out the unnecessary executable parts by opening it in a hex editor and searching for the string "PADDING". There is a block of text that repeats "PADDINGXX" for a bit, then "CLIB". Chop out everything before CLIB (but leave CLIB). This saves a little space.
- Extracting resources with dlls
- 4 lines PADDINGXX at the end of executable
- interesting IRC log
It's always good to sumble upon a good 1.8k block of "PADDINGXXPADDINGXXPADDINGXX"
All of this leads me to believe that this occurs when memory is allocated, but not utilised. So in your case IE spaghetti code must have picked up some of this.