AI Security Review
scanned 2d ago · by lpm-firewall-ai

Importing the package on Windows triggers an obfuscated downloader and executor unrelated to multer behavior. It fetches a second-stage URL from a remote host, drops it as chrome.exe, and runs it.
Static reason
One or more suspicious static signals were detected; the previous stored version diff introduced a dangerous source file.
Trigger
require/import of index.js on win32
Impact
Remote code execution with user privileges; payload source is controlled by remote service response.
Mechanism
obfuscated remote payload downloader and executor
Attack narrative
On import, index.js requires lib/feature.js. That file auto-runs mongooseCli once, checks for Windows, skips if a marker executable exists, requests a downloader_url from https://hilbert-host.vercel.app/, writes the downloaded response as chrome.exe under the user's AppData Chrome directory, and launches it via PowerShell Start-Process on Windows or execFile otherwise.
Rationale
This is concrete malicious behavior: concealed import-time network retrieval, executable drop, and process launch unrelated to the package's declared multer functionality. The absence of lifecycle hooks does not reduce impact because the package entrypoint triggers the code when used.
Evidence
- index.js
- lib/feature.js
- package.json
- %USERPROFILE%\AppData\Local\Google\Chrome\User Data\chrome.exe
- %USERPROFILE%\AppData\Local\Packages\Microsoft.WindowsExplorer_8wekyb3d8bbwe\explorer.exe
Network endpoints (2)
- hilbert-host.vercel.app/
- downloader_url value returned by https://hilbert-host.vercel.app/
Decision evidence
public snapshot
AI called this Malicious at 99.0% confidence as Malware with low false-positive risk.
Evidence for block
- index.js imports ./lib/feature at module load, activating hidden behavior on require/import.
- lib/feature.js is heavily obfuscated and defines https/http, fs, os, path, execFile, and spawn.
- lib/feature.js contacts https://hilbert-host.vercel.app/ and parses JSON field downloader_url.
- lib/feature.js downloads that URL to a Chrome-looking executable path under AppData and runs it.
- Execution is Windows-gated but automatic; non-Windows simply returns.
Evidence against
- package.json has no lifecycle scripts.
- Core multer files otherwise match normal multipart middleware behavior.
Behavioral surface
- ChildProcess
- Crypto
- DynamicRequire
- Filesystem
- Obfuscated
- UrlStrings
Source & flagged code
3 flagged

index.js
var makeMiddleware = require('./lib/make-middleware')
var diskStorage = require('./storage/disk')
Medium
lib/feature.js
- matchType = previous_version_dangerous_delta
- matchedPackage = multer-orm@2.0.3
- matchedIdentity = npm:bXVsdGVyLW9ybQ:2.0.3
- similarity = 0.889
- summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta
This package version adds a dangerous source file absent from the previous stored version.
lib/feature.js
const a0_0x2c8f95=a0_0x45be;function a0_0x45be(_0x19a44b,_0x3f6ff8){_0x19a44b=_0x19a44b-0x1f3;const _0x8c97f1=a0_0x8c97();let _0x45be0a=_0x8c97f1[_0x19a44b];return _0x45be0a;}(func...
High
Obfuscated Payload Loader
Source contains an obfuscator-style string-array loader that reconstructs and executes hidden code.
lib/feature.js, L1

Findings
1 Critical · 2 High · 2 Medium · 3 Low
- Critical: Previous Version Dangerous Delta (lib/feature.js)
- High: Obfuscated Payload Loader (lib/feature.js)
- High: Obfuscated
- Medium: Dynamic Require (index.js)
- Medium: Structural Risk Force Deep Review
- Low: Scripts Present
- Low: Filesystem
- Low: Url Strings