Mal-ecule
O₂(As₂I₃)H₃(Db₂Cm₄U)
Found in 1 archive
Objectives
suspicious severity, 95% confident.
anti-static/obfuscation/encoding
Encoded eval() call
suspicious severity, 85% confident.
impact/cryptojacking
Mining pool domain pattern (pool/mining/mine)
suspicious severity, 90% confident.
impact/cryptojacking/miner
Monero wallet mining context
component severity, 97% confident.
supply-chain/trojanized/library
Empty catch hides loader errors
Micro-behaviors
suspicious severity, 85% confident.
data/encode
JavaScript cyclic XOR pattern (e.g. key[i %
notable severity, 90% confident.
communications/http/client
Dynamically loads script element
notable severity, 75% confident.
communications/http/request
XMLHttpRequest network client creation
notable severity, 90% confident.
communications/http/services
Browser sendBeacon telemetry
notable severity, 100% confident.
data/control-flow
Loop variable incremented by a variable step
notable severity, 84% confident.
ui/window/manage
Creates script DOM element
baseline severity, 90% confident.
communications/http
HTTPS protocol prefix
baseline severity, 100% confident.
data/source/syntax
XOR bitwise operator in expression
baseline severity, 100% confident.
os/random/prng
Math.random used for indexing (probabilistic character selection)
component severity, 100% confident.
fs/write
ADODB.Stream Open method call
component severity, 100% confident.
os/console
JavaScript console object
Metadata
baseline severity, 90% confident.
encoded-payload
Decoded unicode-escape content
baseline severity, 80% confident.
file/text
Sequential source identifier names
baseline severity, 95% confident.
lang
JavaScript or TypeScript basename
component severity, 100% confident.
file
Web asset file extension (css/html/js/json)
component severity, 100% confident.
lang/encoded
JavaScript file basename
20 of 38 traits shown
Identity
| SHA-256 | d4e79df98be10a6f358cfd304fe9f0bb4b55226bc79bd132a2032e6138f663c3 |
|---|---|
| Filename | package/xmr-min.js |
Origin
| Source | forager |
|---|---|
| Feed | aikido.dev |
| Ecosystem | javascript |
Timeline
| First seen | 9 Jun 2026 16:34 UTC |
|---|---|
| First analyzed | 9 Jun 2026 16:34 UTC |
| Last analyzed | 9 Jun 2026 16:34 UTC |
| Last updated | 9 Jun 2026 16:34 UTC |
Labeling
| Label | bad |
|---|---|
| Label source | forager |