Unboxing the Threat: How Malicious Python Scripts Use the BoxedApp SDK to Evade Detection | Hunt.io
Common Information
Type Value
UUID 5ae146a4-356e-49f3-9cf1-6ab5cb4a9823
Fingerprint a5f91929a9a78302
Analysis status DONE
Considered CTI value 2
Text language
Published Oct. 3, 2024, midnight
Added to db Oct. 9, 2024, 8:26 p.m.
Last updated Nov. 14, 2024, 4:12 p.m.
Headline Unboxing the Threat: How Malicious Python Scripts Use the BoxedApp SDK to Evade Detection
Title Unboxing the Threat: How Malicious Python Scripts Use the BoxedApp SDK to Evade Detection | Hunt.io
Detected Hints/Tags/Attributes 43/2/20
Attributes
| Type | #Events | CTI Value | Value |
| --- | --- | --- | --- |
| Domain | 57 | | hunt.io |
| Domain | 1 | | adobe.zip |
| Domain | 1 | | officehelper.py |
| Domain | 1 | | scriptforge.py |
| Domain | 2 | | hello.zip |
| File | 18 | | 3.zip |
| File | 1 | | adobe.zip |
| File | 1 | | officehelper.py |
| File | 1 | | scriptforge.py |
| File | 2 | | hello.zip |
| File | 2 | | bxsdk64.dll |
| File | 1 | | hello.dll |
| File | 1 | | python_test.exe |
| File | 1 | | pythoncopy.exe |