ThreatFox IOC Database

You are viewing the ThreatFox database entry for sha256_hash 9d59fd0bcc14b671079824c704575f201b74276238dc07a9c12a93a84195648a.

Database Entry


IOC ID: 1667152
IOC: 9d59fd0bcc14b671079824c704575f201b74276238dc07a9c12a93a84195648a
IOC Type: sha256_hash
Threat Type: payload
Malware: Shai-Hulud
Confidence Level: Confidence level is high (95%)
Is compromised?: False
First seen: 2025-12-04 06:09:48 UTC
Last seen: never
UUID: 1b89afc5-d099-11f0-a341-42010aa4000a
Reporter: duggusa
Reward: 5 credits from ThreatFox
Tags: credential-theft dugganusa npm shai-hulud-v2 Worm
Reference: https://analytics.dugganusa.com/api/v1/stix-feed

duggusa
Shai-Hulud V2 variant. Credential cache: ~/.truffler-cache/. Targets npm maintainers. MITRE: T1555.001.