Six Malicious Python Packages in the PyPI Targeting Windows Users
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Data Botnet - T1583.005 Botnet - T1584.005 Credentials - T1589.001 Exploits - T1587.004 Exploits - T1588.005 Malicious Link - T1204.001 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Python - T1059.006 Server - T1583.004 Server - T1584.004 Serverless - T1583.007 Serverless - T1584.007 Software - T1592.002 Vulnerabilities - T1588.006
Show in Graph
Common Information
Type Value
UUID d55bb15b-ea0c-4c1b-93a7-b31ad2832da2
Fingerprint 8431098aa877a709
Analysis status DONE
Considered CTI value 0
Text language
Published July 11, 2023, 1 p.m.
Added to db Aug. 12, 2023, 1:49 a.m.
Last updated Oct. 22, 2024, 11:52 a.m.
Headline Six Malicious Python Packages in the PyPI Targeting Windows Users
Title Six Malicious Python Packages in the PyPI Targeting Windows Users
Detected Hints/Tags/Attributes 74/2/10
Source URLs
Redirection Url
Details Source https://unit42.paloaltonetworks.com/malicious-packages-in-pypi/
URL Provider
Details Provider Source level domain
Details paloaltonetworks.com unit42.paloaltonetworks.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 120 Unit 42 https://feeds.feedburner.com/Unit42 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 3 
paste.bingner.com
Details Domain 138 
setup.py
Details File 3 
paste.bin
Details File 127 
setup.py
Details File 27 
pythonw.exe
Details Url 1 
https://paste.bingner.com/paste/o27gb/raw
Details Url 1 
https://paste.bingner.com/paste/q77t3/raw
Details Url 1 
https://paste.bingner.com/paste/jr7ow/raw
Details Url 1 
https://paste.bingner.com/paste/9mzzs/raw
Details Url 1 
https://paste.bingner.com/paste/97vnn/raw