ioc[.]one - OSINT Cyber Threat Intelligence Database

Malicious Packages Hidden in PyPI | FortiGuard Labs

Tags

attack-pattern:

Data Credentials - T1589.001 Malware - T1587.001 Malware - T1588.001 Python - T1059.006 Server - T1583.004 Server - T1584.004 Software - T1592.002

Show in Graph

Common Information

Type	Value
UUID	613efa70-55b7-4e13-8394-72e410272445
Fingerprint	8402bcd22b76350f
Analysis status	DONE
Considered CTI value	2
Text language
Published	July 31, 2024, 1 p.m.
Added to db	Aug. 31, 2024, 6:54 a.m.
Last updated	Oct. 17, 2024, 7:47 p.m.
Headline	Malicious Packages Hidden in PyPI
Title	Malicious Packages Hidden in PyPI \| FortiGuard Labs
Detected Hints/Tags/Attributes	31/1/12

Source URLs

	Redirection	Url
Details	Redirection	https://feeds.fortinet.com/~/902101919/0/fortinet/blog/threat-research~Malicious-Packages-Hidden-in-PyPI
Details	Source	https://www.fortinet.com/blog/threat-research/malicious-packages-hidden-in-pypl

URL Provider

Details	Provider	Source level domain
Details	fortinet.com	www.fortinet.com
Details	fortinet.com	feeds.fortinet.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	122	✔	Fortinet Threat Research Blog	https://feeds.fortinet.com/fortinet/blog/threat-research	2024-08-30 22:08

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	1		agent.bg
Details	File	2		discord_token_grabber.py
Details	File	2		get_cookies.py
Details	File	1		password_grabber.py
Details	File	31		cookies.txt
Details	File	2		chromedata.db
Details	File	1		mingcc-x64.exe
Details	File	1		dscord_token_grabber.py
Details	sha256	1		f49ba791814001b3d4101685bfebb635cdaf3103407a08171bb5d6bbe3e79c77
Details	sha256	1		f7e8a57b54489b5b3de66a1d21534ced3d2a2fb1ce8d03c69d4672e62aa00dca
Details	sha256	1		589d438226abfec8f71ab7724c68011303f82febb6786fd0c57571b0769764f3
Details	sha256	1		348ee268ef62af51add78b46df9fe8e2bdf41166d19084af75498333e81e6f3b