There’s a RAT in my code: new npm malware with Bladabindi trojan spotted
Common Information
Type Value
UUID d6c0de02-2515-48ba-a9c3-c360789947d9
Fingerprint ac141f0ba933375b
Analysis status DONE
Considered CTI value 0
Text language
Published Dec. 1, 2020, 7 p.m.
Added to db Sept. 11, 2022, 12:30 p.m.
Last updated Dec. 23, 2024, 10:10 a.m.
Headline Sonatype Blog
Title There’s a RAT in my code: new npm malware with Bladabindi trojan spotted
Detected Hints/Tags/Attributes 58/2/16
Attributes
Details Type #Events CTI Value
Details Domain 25
dl.dropbox.com
Details File 2
jdb.js
Details File 2
db-json.js
Details File 3
discord.dll
Details File 169
package.json
Details File 4
module.js
Details File 15
patch.exe
Details File 1
dchps.exe
Details File 1
c:\users\admin\appdata\local\temp\dchps.exe
Details File 2
pass.exe
Details File 1
dbmanager.js
Details File 1
'jdb.js
Details sha256 2
d6c04cc24598c63e1d561768663808ff43a73d3876aee17d90e2ea01ee9540ff
Details sha256 2
86c11e56a1a3fed321e9ddc191601a318148b4d3e40c96f1764bfa05c5dbf212
Details IPv4 3
46.185.116.2
Details Url 1
https://dl.dropbox.com/s/p84aaz28t0hepul/pass.exe