Sophisticated RAT Targeting Gulp Projects on npm
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Data Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004
Show in Graph
Common Information
Type Value
UUID cee86e53-68a6-4921-8b7a-a0116d6f9897
Fingerprint 842095032905178b
Analysis status DONE
Considered CTI value 0
Text language
Published May 31, 2024, midnight
Added to db Aug. 31, 2024, 1:12 a.m.
Last updated Nov. 18, 2024, 2:36 a.m.
Headline Sophisticated RAT Targeting Gulp Projects on npm
Title Sophisticated RAT Targeting Gulp Projects on npm
Detected Hints/Tags/Attributes 42/2/14
Source URLs
Redirection Url
Details Source https://blog.phylum.io/sophisticated-rat-shell-targeting-gulp-projects-on-npm/
URL Provider
Details Provider Source level domain
Details phylum.io blog.phylum.io
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 46 Phylum https://blog.phylum.io/rss/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details File 156 
package.json
Details File 174 
index.js
Details File 1 
play.js
Details File 1 
play-share.js
Details File 1 
locallogger.bin
Details File 1 
exports.bin
Details File 3 
compress.exe
Details File 1 
childprocess.exe
Details File 2127 
cmd.exe
Details File 1 
lock.log
Details File 7 
os.tmp
Details File 365 
console.log
Details File 42 
request.url
Details File 1 
play-safe.js