Mal-ecule
O₅(LaAlAsCEr)H₄(DsF₂Os₂Po₄)
Found in 2 archives
Objectives
| Severity | Confidence | Trait | Description |
|---|---|---|---|
| suspicious | 85% | lateral-movement/exploit | Memory protection+injection exploitation pattern |
| notable | 85% | anti-analysis/environment-detect | Adaptive behavior based on environment |
| notable | 90% | anti-static/obfuscation/eval | Packed binary process execution |
| notable | 95% | command-and-control/dropper/execution | LuaJIT runtime strings cluster |
| notable | 90% | evasion/process/injection | W^X memory protection constants with VirtualProtect and CreateThread |
Micro-behaviors
| Severity | Confidence | Trait | Description |
|---|---|---|---|
| notable | 95% | dylib/load | Extended dynamic library loading (ANSI) |
| notable | 66% | fs/file | Delete files (Windows API) |
| notable | 80% | fs/temp | Temp directory staging primitives |
| notable | 92% | os/api-resolution | Custom API resolver logic (manual module/export resolution) |
| notable | 70% | os/syscall | NtAllocateVirtualMemory syscall setup |
| notable | 95% | process/create | Create process (Unicode) |
| notable | 96% | process/interpreter | Embedded Lua virtual machine |
| notable | 95% | process/terminate | Process termination via TerminateProcess |
| baseline | 95% | hardware/display | Unicode console output |
| baseline | 95% | mem/protect | Modify memory page protection |
Metadata
| Severity | Confidence | Trait | Description |
|---|---|---|---|
| baseline | 95% | binary | mscoree name reference |
| baseline | 100% | binary/metrics | Binary has 1000 or more strings |
| baseline | 100% | file | Windows executable extension |
| baseline | 100% | hardening | DEP / NX enabled (NX_COMPAT) |
| baseline | 95% | package | Zip archive path |
20 of 83 traits shown
Identity
| SHA-256 | 5eefdc7551235432c91e85b80d1a9ef3976055d09ffbbe54c12338da3c559852 |
|---|---|
| Filename | github.com/mehdimin11/[email protected]/examples/Software-v1.1-alpha.1.zip |
| Package | Software |
| Version | v1.1-alpha.1 |
Origin
| Source | forager |
|---|---|
| Feed | pkg.go.dev |
| Ecosystem | go |
Timeline
| First seen | 13 Jun 2026 07:46 UTC |
|---|---|
| First analyzed | 13 Jun 2026 07:46 UTC |
| Last analyzed | 13 Jun 2026 07:46 UTC |
| Last updated | 13 Jun 2026 07:46 UTC |
Labeling
| Label | bad |
|---|---|
| Label source | harvest |