Open-source atomic malware analysis


github.com-nrdcg-oci-go-sdk-v0.0.0-20260610095658-f3f8ffee4ea2.zip

ZIP
Verdict: BENIGN
Mal-ecule
O(I)H(Cm)Md(Pa)
Size 7.4 KB
First seen 7 days ago
Analyzed 7 days ago
Ecosystem go
Source googleusercontent.com

Objectives

impact/wipe/disk Mass file deletion pattern (suspicious severity, 85% confident)
anti-static/obfuscation/code-metrics Benign context: high comment-to-code ratio (≥35%) (component severity, 100% confident)
command-and-control/dropper/execution Curl silent download pattern 1 (component severity, 100% confident)
execution/lure Cue to run/execute/paste (component severity, 84% confident)
lateral-movement/brute-force Service account oracle (component severity, 85% confident)
supply-chain/trojanized Regex component marker (component severity, 98% confident)

Micro-behaviors

communications/http/download curl silent flags (notable severity, 80% confident)
fs/directory Directory traversal operation (baseline severity, 85% confident)
fs/file Shell mv command (baseline severity, 75% confident)
fs/path Unix /tmp/ path reference (baseline severity, 70% confident)
os/console Combined stdout+stderr redirect to /dev/null (baseline severity, 80% confident)
process/create shell script heredoc (baseline severity, 80% confident)
process/create/shell shell script command substitution (baseline severity, 100% confident)
data/text/keywords Destructive delete verb (component severity, 90% confident)
process/daemonize Redirects output to /dev/null (component severity, 100% confident)

Metadata

package GitHub module archive lacks Go source (notable severity, 92% confident)
file Shell script extension family A (baseline severity, 100% confident)
file/text Tiny multi-line text script (baseline severity, 75% confident)
lang Bash shell shebang line (baseline severity, 100% confident)
build Conda build prefix variables (component severity, 95% confident)

20 of 24 traits shown

Identity

SHA-256 cabebcc0eaa2f0a6b0afedfece5f7af4485a4c3006d7ea497aa51c548b281ae7
Canonical SHA-256 0e0ddfb33919a68f65bfab3c5983bb575c4c75a456148adb34a1244d88afa902
Filename github.com-nrdcg-oci-go-sdk-v0.0.0-20260610095658-f3f8ffee4ea2.zip
Package github.com
Version v0.0.0-20260610095658-f3f8ffee4ea2

Origin

Source harvest
Feed pkg.go.dev
Ecosystem go
Domain googleusercontent.com

Timeline

First seen 10 Jun 2026 14:04 UTC
First analyzed 10 Jun 2026 17:56 UTC
Last analyzed 10 Jun 2026 17:56 UTC
Last updated 10 Jun 2026 17:56 UTC

Labeling

Label unknown
Label source harvest
Traits version 3ee62