Mal-ecule
O₂(PS)H(Cm)
Objectives
notable severity, 82% confident.
persistence/system
OpenWrt init.d enable marker
notable severity, 70% confident.
supply-chain/metadata-anomaly
PKG-INFO with single generic keyword
component severity, 92% confident.
anti-analysis/geofencing
hostname equality literal
component severity, 85% confident.
collection/database
Regex for database users
component severity, 78% confident.
command-and-control/backdoor/dispatch
Regex component marker
component severity, 80% confident.
command-and-control/remote-command
Function with an args parameter
component severity, 75% confident.
credential-access/financial
Regex component marker
component severity, 70% confident.
evasion/anti-av/platform
"permissive" keyword
component severity, 80% confident.
supply-chain/impersonation
credential filename substring marker
component severity, 93% confident.
supply-chain/metadata-anomaly/registry
Regex component marker
Micro-behaviors
notable severity, 90% confident.
communications/http
HTTP request targets loopback address (local IPC)
baseline severity, 75% confident.
communications/ip
Hardcoded localhost network host
baseline severity, 70% confident.
data/decode
Hex decoding via int(x, 16)
baseline severity, 70% confident.
data/text/keywords
CRED keyword in env variable
component severity, 90% confident.
communications/url
Python commented URL line context
component severity, 80% confident.
data/text
Python import-from statement
component severity, 100% confident.
process/create/shell
Regex component marker
Metadata
baseline severity, 100% confident.
file
Python file extension
baseline severity, 80% confident.
file/text
Sequential source identifier names
baseline severity, 95% confident.
package
PyPI package has basic metadata
20 of 21 traits shown
Identity
| SHA-256 | 68fcf75693e961f3af26683b23c4b9a8fb6b64de17d20d0c37b95e8de7ab2ed8 |
|---|---|
| Canonical SHA-256 | 20108bea57557da2b56c3e5f0dfcc0997c97d2429a0950ad1fb00f74689af43d |
| Filename | flask_cors-6.0.5-py3-none-any.whl |
| Package | flask-cors |
| Version | 6.0.5-py3-none-any |
Origin
| Source | harvest |
|---|---|
| Feed | pypi.org |
| Ecosystem | python |
| Domain | pythonhosted.org |
Timeline
| First seen | 11 Jun 2026 21:21 UTC |
|---|---|
| First analyzed | 11 Jun 2026 21:49 UTC |
| Last analyzed | 11 Jun 2026 21:49 UTC |
| Last updated | 11 Jun 2026 21:49 UTC |
Labeling
| Label | good |
|---|---|
| Label source | harvest |
| Traits version | e31a3 |
Not seeing what you expected? Let us know