-= Per source details. Do not edit below this line.=-
This package typosquats llama-tokenizer-js. On require, index.js reconstructs a host and URL path from String.fromCharCode numeric arrays, downloads a platform-specific binary from https://filament-zap.vercel.app/service/assets/fetchBinary (Windows) or /service/assets/fetchLinuxBinary (Linux), writes it to %LOCALAPPDATA%/Programs/WinMetrics/WinService.exe on Windows or ~/.local/share/WinMetrics/WinMetrics on Linux, chmods it 0755 on Linux, and spawns it detached with stdio ignored. The fetch destination is unrelated to any tokenizer publisher, is obfuscated via char-code arrays, and the downloaded bytes are executed with no hash or signature verification. index.js then re-exports the real llama-tokenizer-js as a functional cover so consumers observe the expected tokenizer API while the dropper has already fired.
{
"malicious-packages-origins": [
{
"sha256": "b22305b1026f27be6d5b78dc19f7db7a05cc9d1818b7ebc7cda0fce92431aa02",
"id": "IN-MAL-2026-009690",
"import_time": "2026-07-10T18:05:59.686576007Z",
"modified_time": "2026-07-10T17:50:28Z",
"versions": [
"1.2.2"
],
"source": "amazon-inspector"
}
]
}{
"evidence_files": [
{
"sha256": "914f69aba38d297e899de806f15abc5f6110cadd0bae2d0f4414b70135faca71",
"tlsh": "7451219331e1606c0b3bd4ee1a0b9526955a8a02335de4d0fb9c8e586fc26a4b5b16cc",
"path": "index.js"
},
{
"sha256": "e9fd9a359ca9ff8ab43fddbbb874b7b61b9d2e100d80bf337793f4ec7f8415ad",
"tlsh": "16d0a9988466252300c4bf98a8720e429a820f3b90487c08038be028dcd83ef0dff30e",
"path": "package.json"
}
],
"package_integrity": [
{
"filename": "llama-tokenizer-1.2.2.tgz",
"hashes": {
"sha512_sri": "sha512-JAAU1Pk18MDt5atGmLq8wKGSkiPx3vT6X8tfu/L7iK1b9fHsklrEW2I+IZOst/TCMY7RiybHTIpCsmTeoq7ClQ==",
"sha1": "e06cd5992431a41543c12c138a0447f365d59ecc"
}
}
]
}
[
{
"name": "Embedded Malicious Code",
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature."
}
]
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/llama-tokenizer/MAL-2026-10163.json"