← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
SL-ADV-2026-WP-001 - JS Malware v2 characteristics
WHITE dispensight 2026-05-21 Modified: 2026-05-21
20
IOCs
MEDIUM VOLUME
RC4+Base64 cipher fully broken — all 758 string array entries resolved to plaintext. See comments for the detailed description.
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
NodeJS obfuscator.io SL-WP-001v2
Indicators of Compromise (14 / 20 total)
All FileHash-MD5 FileHash-SHA256 URL domain
TYPEINDICATORDESCRIPTIONCREATED
URL http://dnsnewtds.shop/teamrepo 2026-05-21
URL http://ntdnewtds.shop/teamrepo 2026-05-21
URL https://bryanexhaust.com/wp-json/ 2026-05-21
URL https://dnsnewtds.shop/teamrepo?rnd= 2026-05-21
URL https://ntdnewtds.shop/teamrepo?rnd= 2026-05-21
URL https://sdntds.shop/teamrepo?rnd= 2026-05-21
URL http://sdntds.shop/teamrepo 2026-05-21
URL https://sdntds.shop/teamrepo 2026-05-21
URL https://www.sdntds.shop/ 2026-05-21
URL http://dnsnewtds.shop/jsrepo 2026-05-21
URL https://ntdnewtds.shop/teamrepo 2026-05-21
URL https://ntdnewtds.shop/jsrepo/ 2026-05-21
URL https://dnsnewtds.shop/teamrepo 2026-05-21
URL https://ntdnewtds.shop/jsrepo 2026-05-21
References (1)
↗ https://secureleaf.dispensight.com/sink.html