ioc[.]one - OSINT Cyber Threat Intelligence Database

VMConnect: Malicious PyPI packages imitate popular open source modules

Tags

maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Models Code Repositories - T1213.003 Code Repositories - T1593.003 Domains - T1583.001 Domains - T1584.001 Impersonation - T1656 Malicious File - T1204.002 Phishing - T1660 Phishing - T1566 Python - T1059.006 Server - T1583.004 Server - T1584.004 Software - T1592.002 Tool - T1588.002

Show in Graph

Common Information

Type	Value
UUID	561155ff-2cf6-45df-aff4-03ecf5e0e668
Fingerprint	874118198855ff32
Analysis status	DONE
Considered CTI value	2
Text language
Published	Aug. 3, 2023, midnight
Added to db	Nov. 8, 2023, 10:38 p.m.
Last updated	Nov. 17, 2024, 6:54 p.m.
Headline	VMConnect: Malicious PyPI packages imitate popular open source modules
Title	VMConnect: Malicious PyPI packages imitate popular open source modules
Detected Hints/Tags/Attributes	61/2/34

Source URLs

	Redirection	Url
Details	Source	https://www.reversinglabs.com/blog/vmconnect-malicious-pypi-packages-imitate-popular-open-source-modules

URL Provider

Details	Provider	Source level domain
Details	reversinglabs.com	www.reversinglabs.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	51	✔	ReversingLabs Blog	https://blog.reversinglabs.com/blog/rss.xml	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	Domain	2	based.py
Details	Domain	2	ethertestnet.pro
Details	Domain	2	deliworkshopexpress.xyz
Details	File	6	_init_.py
Details	File	61	__init__.py
Details	File	816	index.html
Details	File	13	demo.txt
Details	File	1	of__init__.py
Details	File	2	based.py
Details	sha1	2	b0095f149951241c6e11e0d1be1f74e8cdfbdbb2
Details	sha1	2	2ff1b3aa2dbff6d87447b250a8d19241e7853ab0
Details	sha1	2	67226da423ab4a2c97b2d008dec45280aaa5fdf5
Details	sha1	2	146942c5dbaba55be174b1bfb127410e332caa03
Details	sha1	2	0eb79e80c51c0e14be3620dfb237f7b53160a292
Details	sha1	2	bc2d48d6d9eeaf0b29625683942e90dfd2b75723
Details	sha1	2	9a276ca3678898f5596166416f7e709a2064e95c
Details	sha1	2	658605988c7afd9adf437fb64ff682cb4190f144
Details	sha1	2	5f03b73d56528ecbc3f24b8e7daec6b3d3370834
Details	sha1	2	19684554e4905bb3cf354a5d5a0f00d696f38926
Details	sha1	2	e531121b137182453f0d120be860ad882d2dc0a7
Details	sha1	2	b1f2d50be0aca0672475488d77c6f71a1b0633f8
Details	sha1	2	de4e9efeace6ff76dc00a166dca152dc3021d799
Details	sha1	2	664f0913a5952eeb77373f83e090fab7e94aa45e
Details	sha1	2	bd7ba47f730c2bc33afa67a39d9cbe3768f62426
Details	sha1	2	0dc723e77a5b97183a90eaecb62c9b7341e483ed
Details	sha1	2	6bf76b01bd17f370cd3f9947135bf250597d1ac1
Details	sha1	2	497df2fd2dba324be04cc57f50a3170b532aa70c
Details	sha1	2	d404a55f1f7fbcd8b3156a84ebcf97c57ba24b95
Details	sha1	2	9588affaf9d85e2141b9d76b914d9f89a8292574
Details	sha1	2	dbc14c3ac0528a8aeb6edba8a0b2792dab131102
Details	sha1	2	0b7b4444f820e9990dfeb5e2080321b5f25a9785
Details	sha1	2	e6494b9a91862191556d77022e5577ddbe749ef4
Details	sha1	2	a1b039f88c385f5c5eec2ef1701251c7341b1fcd
Details	IPv4	2	45.61.139.219