PULSE NAME
SL-ADV-2026-WP-001 - JS Malware v2 characteristics
WHITE dispensight 2026-05-21 Modified: 2026-05-21
20 IOCs (medium volume)
RC4+Base64 cipher fully broken — all 758 string array entries resolved to plaintext. See comments for the detailed description.
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
NodeJS obfuscator.io SL-WP-001v2
Indicators of Compromise (20)