Open-source atomic malware analysis

Analyze another

consultimator-1.3.2.zip

ZIP
Verdict: BENIGN
SHA256: 300118a67787ba6ed7363be3a2209c2cba35db6f638ceab5768c570ac471e6ae
Mal-ecule
O₃(AlAs₂S)H₃(CrFU₂)
Size 64.4 KB download
First seen 28 days ago
Analyzed 26 days ago
Ecosystem wordpress
Source wordpress.org

Well-known

baseline severity, 97% confident.
lib protobuf-ts MessageType class

Objectives

notable severity, 80% confident.
anti-analysis/environment-detect Checks for absence of window (WSH context)
notable severity, 85% confident.
anti-static/obfuscation/code-metrics Generated or transformed code
notable severity, 90% confident.
anti-static/obfuscation/string Dense concatenated string fragments
notable severity, 88% confident.
supply-chain/hidden-payload/extensions Sends postMessage to iframe
baseline severity, 80% confident.
anti-static/obfuscation Many comma sequence expressions (obfuscation)
baseline severity, 80% confident.
credential-access/financial Field filter returns true
baseline severity, 90% confident.
supply-chain/metadata-anomaly/manifest Observes DOM mutations

Micro-behaviors

notable severity, 70% confident.
crypto/hash MD5 hash computation
notable severity, 80% confident.
fs/read Self-reference via __FILE__
notable severity, 78% confident.
ui/graphics Uses animation frame callback
notable severity, 78% confident.
ui/window/manage References iframe DOM element
baseline severity, 90% confident.
communications/http HTTPS protocol prefix
baseline severity, 90% confident.
data/source Prototype guard checks constructor
baseline severity, 82% confident.
data/string JavaScript substring search call

Metadata

baseline severity, 85% confident.
file/text High function density
baseline severity, 95% confident.
lang JavaScript or TypeScript basename
baseline severity, 100% confident.
lang/encoded JavaScript file basename
baseline severity, 90% confident.
library Minified UMD AMD branch (reversed comparison)
baseline severity, 90% confident.
package Code has source map reference

20 of 43 traits shown

Identity

SHA-256 300118a67787ba6ed7363be3a2209c2cba35db6f638ceab5768c570ac471e6ae
Filename consultimator-1.3.2.zip
Package consultimator
Version 1.3.2

Origin

Source harvest
Feed wordpress.org
Ecosystem wordpress
Domain wordpress.org

Timeline

First seen 23 May 2026 10:00 UTC
First analyzed 25 May 2026 06:55 UTC
Last analyzed 25 May 2026 06:55 UTC
Last updated 25 May 2026 06:55 UTC

Labeling

Label unknown
Label source harvest
Traits version 9ea7c