What was detected
Credentials Files Access (api.box.com)
Category: Credential access
Timestamp: 2025-11-28T06:15:41.724369Z
Process flow
Source process: trufflehog
Destination: api.box.com:443
Protocol: tcp
Process lineage
- /sbin/init
- /opt/hca/hosted-compute-agent
- /home/runner/actions-runner/cached/bin/Runner.Listener run
- /home/runner/actions-runner/cached/bin/Runner.Worker spawnclient 142 145
- /usr/bin/bash -e /home/runner/work/_temp/a236a563-04fe-4183-a007-1064f193ff55.sh
- node setup_bun.js
- sh -c node setup_bun.js
- node setup_bun.js
- bun /home/runner/work/sha1-hulud-2-iocs/sha1-hulud-2-iocs/node_modules/@seung-ju/react-native-action-sheet/bun_environment.js
- /home/runner/.truffler-cache/trufflehog filesystem /home/runner --json
- /home/runner/.truffler-cache/trufflehog filesystem /home/runner --json
Context
Agent: sha1-hulud-2-iocs
