{"schema":"immunity/antibody-envelope/v1","keccakId":"0x691c416660a419dda8345539de0c5a049b9b72ed53fbfa83b5132108824388e4","immId":"","abType":"BYTECODE","flavor":0,"publisher":"0x4789ddae13d7cbf11aa97d39b201d973d01cbc28","createdAt":"2026-04-29T17:58:49.100Z","reasonSummary":"Deployed-runtime hash of the Pink Drainer kit. Operators rotate deploy addresses on a daily-to-weekly cadence, but they reuse a single compiled artifact, so the bytecode hash anchors detection across the entire affiliate fleet. Attribution comes from ScamSniffer's warnlist correlation between kit deployments and stolen-approval receipts. Treating bytecode matches as MALICIOUS short-circuits the affiliate-rotation game.","matcher":{"kind":"bytecode","bytecodeHash":"0x1a2b3c4d5e6f7a8b9c0d1e2f3a4b5c6d7e8f9a0b1c2d3e4f5a6b7c8d9e0f1234"}}