Open-source atomic malware analysis

Analyze another

job-ripper-1.1.0.tgz

NPM
Verdict: BENIGN
SHA256: dee3be49a549cb979867790ef9dec384edf0e2213130a4a6182e3ce236d31dd3
Mal-ecule
O(S)H(Po)Md(Pa₇)
Size 43.6 KB download
First seen 7 days ago
Analyzed 7 days ago
Ecosystem javascript
Source npmjs.org

Objectives

notable severity, 70% confident.
supply-chain/metadata-anomaly/dependency npm package has prepublishOnly hook
component severity, 100% confident.
anti-static/obfuscation/code-metrics Benign context: high comment-to-code ratio (≥35%)
component severity, 100% confident.
anti-static/obfuscation/payload Source map file extension
component severity, 100% confident.
anti-static/obfuscation/string JavaScript minified or map basename

Micro-behaviors

notable severity, 85% confident.
process/create Imports worker_threads module
baseline severity, 100% confident.
data/control-flow Infinite loop structure (e.g. for(;;) or while(1))
baseline severity, 100% confident.
data/encode parseInt call
baseline severity, 100% confident.
data/source/syntax parseInt keyword
baseline severity, 82% confident.
data/string JavaScript substring search call
baseline severity, 85% confident.
fs/directory Directory traversal operation
baseline severity, 100% confident.
process/create/shell shell backtick command substitution
baseline severity, 80% confident.
process/info Accesses process.argv (Command line arguments)

Metadata

notable severity, 90% confident.
package Package has TypeScript support
notable severity, 90% confident.
package/fields Package has TypeScript types entry
baseline severity, 90% confident.
encoded-payload Decoded unicode-escape content
baseline severity, 90% confident.
file/text Language-code-named locale module with i18n content
baseline severity, 100% confident.
lang Code uses Symbol iterators
baseline severity, 98% confident.
lang/encoded ANSI color escape sequence encoded
baseline severity, 90% confident.
library Generated dist JavaScript asset

supply-chain

notable severity, 80% confident.
install-hook Package has 'prepare' hook that runs during install

20 of 49 traits shown

Identity

SHA-256 dee3be49a549cb979867790ef9dec384edf0e2213130a4a6182e3ce236d31dd3
Canonical SHA-256 2b82d934a3d066107efa877045037507c66d9651b50b4515aa7cf0647201c1aa
Filename job-ripper-1.1.0.tgz
Package job-ripper
Version 1.1.0

Origin

Source harvest
Feed npmjs.org
Ecosystem javascript
Domain npmjs.org

Timeline

First seen 10 Jun 2026 12:20 UTC
First analyzed 10 Jun 2026 22:01 UTC
Last analyzed 10 Jun 2026 22:01 UTC
Last updated 10 Jun 2026 22:01 UTC

Labeling

Label unknown
Label source harvest
Traits version 3ee62