ioc[.]one - OSINT Cyber Threat Intelligence Database

Malicious PyPI packages targeting highly specific MacOS machines | Datadog Security Labs

Tags

attack-pattern:

Datasets Direct Malware - T1587.001 Malware - T1588.001 Python - T1059.006 Software - T1592.002 Tool - T1588.002

Show in Graph

Common Information

Type	Value
UUID	14748b48-9aae-4bbe-88bf-4cfe6041df9b
Fingerprint	868139098074ab03
Analysis status	DONE
Considered CTI value	0
Text language
Published	May 23, 2024, midnight
Added to db	Aug. 31, 2024, 8:18 a.m.
Last updated	Nov. 3, 2024, 3:43 a.m.
Headline	Malicious PyPI packages targeting highly specific MacOS machines
Title	Malicious PyPI packages targeting highly specific MacOS machines \| Datadog Security Labs
Detected Hints/Tags/Attributes	38/1/16

Source URLs

	Redirection	Url
Details	Source	https://securitylabs.datadoghq.com/articles/malicious-pypi-package-targeting-highly-specific-macos-machines/

URL Provider

Details	Provider	Source level domain
Details	datadoghq.com	securitylabs.datadoghq.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	230	✔	Datadog Security Labs	https://securitylabs.datadoghq.com/rss/feed.xml	2024-08-30 22:08

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	138		setup.py
Details	Domain	4		install.run
Details	File	127		setup.py
Details	File	6		os.chm
Details	File	45		1.zip
Details	File	18		3.zip
Details	File	17		2.zip
Details	Github username	10		datadog
Details	Url	1		https://github.com/datadog/malicious-software-packages-dataset/blob/main/samples/pypi/2024-05-09-reallydonothing-v0.1.zip
Details	Url	1		https://github.com/datadog/malicious-software-packages-dataset/blob/main/samples/pypi/2024-05-17-reallydonothing-v0.3.zip
Details	Url	1		https://github.com/datadog/malicious-software-packages-dataset/blob/main/samples/pypi/2024-05-20-jupyter-calendar-extension-v0.1.zip
Details	Url	1		https://github.com/datadog/malicious-software-packages-dataset/blob/main/samples/pypi/2024-05-20-calendar-extender-v0.1.zip
Details	Url	1		https://github.com/datadog/malicious-software-packages-dataset/blob/main/samples/pypi/2024-05-20-calendar-extender-v0.2.zip
Details	Url	1		https://github.com/datadog/malicious-software-packages-dataset/blob/main/samples/pypi/2024-05-21-reportgenpub-v0.1.zip
Details	Url	1		https://github.com/datadog/malicious-software-packages-dataset/blob/main/samples/pypi/2024-05-21-reportgenpub-v0.2.zip
Details	Url	1		https://github.com/datadog/malicious-software-packages-dataset/blob/main/samples/pypi/2024-05-23-auto-scrubber-v0.1.zip