MAL-2024-10289

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/node-dlls/MAL-2024-10289.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2024-10289
Aliases
  • SNYK-JS-NODEDLLS-8366345
Published
2024-10-30T16:04:19Z
Modified
2024-12-09T14:57:29.749683Z
Summary
Malicious code in node-dlls (npm)
Details

The package contains code to download and execute an infostealer payload.


-= Per source details. Do not edit below this line.=-

Database specific
{
    "malicious-packages-origins": [
        {
            "sha256": "0a78c7f4d1473adc0bc3068875d1d0cb09e53e874c3970af1d79153b6bdaed27",
            "id": "RLMA-2024-10698",
            "import_time": "2024-12-09T14:38:28.868123741Z",
            "modified_time": "2024-12-09T03:09:59Z",
            "versions": [
                "1.0.0"
            ],
            "source": "reversing-labs"
        }
    ]
}
References
Credits

Affected packages

npm / node-dlls

Package

Affected ranges

Affected versions

1.*
1.0.0

Database specific

source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/node-dlls/MAL-2024-10289.json"