enaium.jimmer-buddy-lsp-0.4.0.vsix

VSIX

SUSPICIOUS

Mal-ecule

Size 55.3 MB download

First seen 5 days ago

Analyzed 5 days ago

Ecosystem vscode

Source open-vsx.org

Objectives

anti-static/obfuscation/reflection JVM reflection command exec

command-and-control/channel/deaddrop URL dead drop / indirection pattern

exfiltration/http Java HTTP data exfiltration

anti-analysis/geofencing CIS region timezone offset checks

anti-analysis/timing Kotlin Thread.sleep check

anti-static/obfuscation/payload Java bytecode Base64 decode to Runtime.exec

command-and-control/backdoor/tasking JS execSync command call

command-and-control/channel Hardcoded Discord bot token

command-and-control/dropper Spawned Python executes stdin payload

command-and-control/dropper/execution JVM ProcessBuilder bytecode

credential-access/env/secrets DISCORD_TOKEN environment variable access

evasion/hijack-execution-flow Node hidden module inject

evasion/self-delete/file Java bytecode delayed file deletion

execution/compile Java bytecode URLClassLoader

exfiltration/stealer/credential Node AWS credential path

exfiltration/stealer/host-profile TS collects process and env

impact/ransom/encrypt Java locked file extension

impact/wipe QNX Node process kill loop

persistence/login/shell JVM profile bytecode

fs/path/sensitive GitHub CLI authentication hosts file

20 of 291 traits shown

SHA-256	43fc0dff4445c6ea8fe8b88cd5bc3b84027d07a7a5e4ebd79d2026d8d9784bd2
Canonical SHA-256	0000c51a9d341c509ee62736a86b4e010ca42669f5675cfa67851484e44e93f3
Filename	enaium.jimmer-buddy-lsp-0.4.0.vsix
Package	enaium
Version	0.4.0

Not seeing what you expected? Let us know