qairt_visualizer-0.11.0-py3-none-macosx_11_0_arm64.whl

WHL

BENIGN

Mal-ecule

Size 58.6 MB download

First seen 7 days ago

Analyzed 7 days ago

Ecosystem python

Source pythonhosted.org

Objectives

command-and-control/dropper Complete dropper lifecycle (Fetch + Write + Execute)

evasion/process/injection Node-API addon with shellcode injection capability

exfiltration Sensitive file read and exfiltration (JS)

supply-chain/hidden-payload PyPI package fetches writes executes payload

anti-analysis/geofencing CIS region timezone offset checks

anti-static/obfuscation Instantiating an object via 'this' with bracket

anti-static/obfuscation/eval Generic Function constructor usage

anti-static/obfuscation/string Massive string concatenation operations

anti-static/pack Node imports payload decoder

command-and-control/backdoor/tasking Node C2 command response dispatch

command-and-control/remote-command WebSocket sends host environment context

credential-access/env/secrets process.env secret-name filter regex

evasion/quarantine-removal Rust xattr quarantine delete

evasion/security-bypass checkServerIdentity returns undefined/null

execution/interpreter/eval Global object assignment (root/self/global)

exfiltration/http Python raw socket stream

exfiltration/stealer/host-profile TS host profile fields

supply-chain/impersonation Suspicious npm package clone detected

supply-chain/recon-exfil/oast Node encodes host profile JSON as base64

process/create/shell WScript Run hides launched process

20 of 191 traits shown

SHA-256	3cf5b4b45eca69e643cfd90bc9590952d18677b0fdf2a65829135f072c51c7fe
Canonical SHA-256	000877d1b0f3d96fa96340eacd5e83109ed2166e0698a934c1ed2bd2a5d78e51
Filename	qairt_visualizer-0.11.0-py3-none-macosx_11_0_arm64.whl
Package	qairt-visualizer
Version	0.11.0-py3-none-macosx_11_0_arm64

Not seeing what you expected? Let us know