PyPI Phishing Campaign | JuiceLedger Threat Actor Pivots From Fake Apps to Supply Chain Attacks
Common Information
Type Value
UUID a77130af-fba6-4d77-9306-23a71ab39d30
Fingerprint f4a088992017e74a
Analysis status DONE
Considered CTI value 2
Text language
Published Sept. 1, 2022, midnight
Added to db Sept. 26, 2022, 9:33 a.m.
Last updated Dec. 23, 2024, 9:13 a.m.
Headline PyPI Phishing Campaign | JuiceLedger Threat Actor Pivots From Fake Apps to Supply Chain Attacks
Title PyPI Phishing Campaign | JuiceLedger Threat Actor Pivots From Fake Apps to Supply Chain Attacks
Detected Hints/Tags/Attributes 48/2/72
Attributes
Details Type #Events CTI Value
Details Domain 5
linkedopports.com
Details Domain 1
python-v23.zip
Details Domain 1
rblxdem.com
Details Domain 1
thefutzibag.com
Details Domain 47
pypi.org
Details Domain 1
ledgrestartings.com
Details Domain 4
python-release.com
Details Domain 1
ledge-pc.com
Details Domain 1
trezsetup.com
Details Domain 1
axiesinfintity.com
Details Domain 1
campus-art.com
Details Domain 1
teslatradingbot.com
Details Domain 1
barkbackbakery.com
Details Domain 1
capritagworld.com
Details Domain 1
ideasdays.com
Details Domain 1
hitwars.com
Details File 1
python-v23.zip
Details File 3
instructions.exe
Details File 7
config.exe
Details File 1
nowblox.exe
Details File 1
nowbloxcodes.iso
Details sha1 1
13cfdf20dfa846c94358dbac6a3802dc0671eab2
Details sha1 1
d249f19db3fe6ea4439f095bfe7aafd5a0a5d4d2
Details sha1 1
1a7464489568003173cd048a3bad41ca32dbf94f
Details sha1 1
5eb92c45e0700d80dc24d3ad07a7e2d5b030c933
Details sha1 1
e5286353dec9a7fc0c6db378b407e0293b711e9b
Details sha1 1
90b7da4c4a51c631bd0cbe8709635b73de7f7290
Details sha1 1
dd569ccfe61921ab60323a550cc7c8edf8fb51d8
Details sha1 1
97c541c6915ccbbc8c2b0bc243127db9b43d4b34
Details sha1 1
f29a339e904c6a83dbacd8393f57126b67bdd3dd
Details sha1 1
71c849fc30c1abdb49c35786c86499acbb875eb5
Details sha1 1
2fb194bdae05c259102274300060479adf3b222e
Details sha1 1
cbc47435ccc62006310a130abd420c5fb4b278d2
Details sha1 1
8bbf55a78b6333ddb4c619d615099cc35dfeb4fb
Details sha1 1
bac2d08c542f82d8c8720a67c4717d2e70ad4cd9
Details sha1 2
567e1d5aa3a409a910631e109263d718ebd60506
Details sha1 2
1e697bc7d6a9762bfec958ee278510583039579c
Details sha1 1
ea14f11e0bd36c2d036244e0242704f3cf721456
Details sha1 1
5703ed6565888f0b06fffcc40030ba679936d29f
Details sha1 1
cd0b8746487d7ede0ec07645fd4ec655789c675b
Details sha1 2
d3ed1c7c0496311bb7d1695331dc8d3934fbc8ec
Details sha1 2
0a6731eba992c490d85d7a464fded2379996d77c
Details sha1 2
a30df748d43fbb0b656b6898dd6957c686e50a66
Details sha1 1
52b7e42e44297fdcef7a4956079e89810f64e113
Details sha1 1
aa8c4dffeeacc1f7317b2b3537d2962e8165faa2
Details sha1 1
a6348aea65ad01ee4c7dd70b0492f308915774a3
Details sha1 1
b305c16cb2bc6d88b5f6fe0ee889aaf8674d686e
Details sha1 1
666e5554ccdafcb37a41f0623bb9acc53851d84f
Details sha1 1
463897fa2dd2727a930b8f3397d10a796b6aa0d6
Details sha1 1
e2e239f40fdb2e5bf9d37b9607b152f173db285c
Details sha1 1
c0e3c2436e225f7d99991a880bf37d32ff09c5bd
Details sha1 1
6f3c5a06d1a53fac45182e76897e7eab90d4a186
Details sha1 1
bd7eb97b3dc47e72392738d64007df5fc29de565
Details sha1 1
de4596669f540b8bd34aa7cbf50e977f04f3bba3
Details sha1 1
55ba11f522532d105f68220db44392887952e57b
Details sha1 1
9e9c6af67962b041d2a87f2abec7a068327fa53a
Details sha1 1
ed9a4ce2d68d8cc9182bb36a46d35a9a8d0510cb
Details sha1 1
f10006f7b13e4746c2293a609badd2d4e5794922
Details sha1 1
f07954ba3932afd8ad7520c99a7f9263aa513197
Details sha1 1
56e3421689d65e78ff75703dd6675956b86e09e8
Details sha1 1
004c66532c49cb9345fc31520e1132ffc7003258
Details sha1 1
6fe5f25205679e148b7b93f1ae80a659d99c7715
Details sha1 1
964e29e877c65ff97070b7c06980112462cd7461
Details sha1 1
225638350f089ee56eae7126d048b297fce27b7d
Details sha1 1
9fb18a3426efa0034f87dadffe06d490b105bda3
Details sha1 1
a78dd3cd9569bd418d5db6f6ebf5c0c5e362919b
Details IPv4 1
45.153.35.53
Details Pdb 1
meta.pdb
Details Pdb 1
install-python.pdb
Details Pdb 1
c:\\users\\reece\\source\\repos\\nowblox\\nowblox\\obj\\debug\\nowblox.pdb
Details Url 1
https://rblxdem.com/brace.hta
Details Url 1
http://pypi.org