atomdrift labBETA

Open-source atomic malware analysis

Analyze another

onering-1.4.1/build.rs

UNKNOWN

HOSTILE

d46497217da839e05b88c745b655ccaa49e0bdd45e2b706d132711c79fb38c28 · 100%

Mal-ecule

O(S₂)H₄(CmFOsPo)

Size 2.3 KB download

First seen 6 days ago

Analyzed 6 days ago

Found in 2 archives

hostile cenotelie-onering.tar.gz 2bd280658f8d analyzed 5 days ago
hostile onering-1.4.1.crate bf1a59c08213 analyzed 6 days ago

Objectives

supply-chain/install-hook/build build.rs posts data to external endpoint

supply-chain/recon-exfil Rust build.rs exfils source patch to Sentry

command-and-control/dropper/execution Rust Command::new call

Micro-behaviors

communications/http/download Rust invokes curl or wget

fs/file/write Rust fs write call

os/env Rust environment variable lookup

process/create Captures child process output

data/control-flow Rust while loop

data/text/keywords curl/wget download client token

Metadata

file/text Validation vocabulary string

Objectives

supply-chain/install-hook/build build.rs posts data to external endpoint

supply-chain/recon-exfil Rust build.rs exfils source patch to Sentry

command-and-control/dropper/execution Rust Command::new call

Micro-behaviors

communications/http/download Rust invokes curl or wget

fs/file/write Rust fs write call

os/env Rust environment variable lookup

process/create Captures child process output

data/control-flow Rust while loop

data/text/keywords curl/wget download client token

Metadata

file/text Validation vocabulary string

Identity

SHA-256	d46497217da839e05b88c745b655ccaa49e0bdd45e2b706d132711c79fb38c28
Filename	onering-1.4.1/build.rs

Origin

Source	harvest

Timeline

First seen	10 Jun 2026 15:46 UTC
First analyzed	10 Jun 2026 15:46 UTC
Last analyzed	10 Jun 2026 15:46 UTC
Last updated	10 Jun 2026 15:46 UTC

Labeling

Label	bad
Label source	harvest

Not seeing what you expected? Let us know