{"abType":"BYTECODE","createdAt":"2026-06-14T08:09:06.585Z","flavor":0,"immId":"","keccakId":"0xd30c7ba8714857138111a9d9996ffeb344f809f4537f8ee2ed0c2b37d3e3e019","matcher":{"bytecodeHash":"0x1a2b3c4d5e6f7a8b9c0d1e2f3a4b5c6d7e8f9a0b1c2d3e4f5a6b7c8d9e0f1234","kind":"bytecode"},"publisher":"0x8c2064f0328456c99c3e5cef61083ff80a08db09","reasonSummary":"Deployed-runtime hash of the Pink Drainer kit. Operators rotate deploy addresses on a daily-to-weekly cadence, but they reuse a single compiled artifact, so the bytecode hash anchors detection across the entire affiliate fleet. Attribution comes from ScamSniffer's warnlist correlation between kit deployments and stolen-approval receipts. Treating bytecode matches as MALICIOUS short-circuits the affiliate-rotation game.","schema":"immunity/antibody-envelope/v1"}