Exposing Attack Operations Utilizing PyPI Against Windows, Linux and macOS Platforms
July 8, 2024, 10:56 a.m.
Description
Date
Published | Created | Modified |
---|---|---|
July 8, 2024, 10:50 a.m. | July 8, 2024, 10:50 a.m. | July 8, 2024, 10:56 a.m. |
Indicators
e9d478dca6ce1b642abfdb94af21f0d567594479a14d3780e148400649591fcf
b4c8c149005a43ae043038d4d62631dc1a0f57514c7cbf4f7726add7ec67981a
973f7939ea03fd2c9663dafc21bb968f56ed1b9a56b0284acf73c3ee141c053c
2c8f00824ca2b4ddb4e2e910ee042ba46a570984d1bc094f0014655d883b8519
1a9cea5e43cfe6377b20f09becf8547deba702718d1ee220ef677f53f30e820d
17d3593519f6a016879093bfb7cc63070646951191e28c1dfad52942099f59cc
70c5b64589277ace59db86d19d846a9236214b48aacabbaf880f2b6355ab5260
c56c94e21913b2df4be293001da84c3bb20badf823ccf5b6a396f5f49df5efff
b4a04b450bb7cae5ea578e79ae9d0f203711c18c3f3a6de9900d2bdfaa4e7f67
956d2ed558e3c6e447e3d4424d6b14e81f74b63762238e84069f9a7610aa2531
8fb6d8a5013bd3a36c605031e86fd1f6bb7c3fdba722e58ee2f4769a820b86b0
6bba8f488c23a0e0f753ac21cd83ddeac5c4d14b70d4426d7cdeebdf813a1094
3ab6e6fc888e4df602eff1c5bc24f3e976215d1e4a58f963834e5b225a3821f5
60c080a29f58cf861f5e7c7fc5e5bddc7e63dd1db0badc06729d91f65957e9ce
26437bc68133c2ca09bb56bc011dd1b713f8ee40a2acc2488b102dd037641c6e
173e6bc33efc7a03da06bf5f8686a89bbed54b6fc8a4263035b7950ed3886179
01c5836655c6a4212676c78ec96c0ac6b778a411e61a2da1f545eba8f784e980
91.206.178.125
http://91.206.178.125:80
http://91.206.178.125/upload/upload.asp
Attack Patterns
Comebacker
APT-C-26 (Lazarus)
T1099
T1064
T1497
T1021
T1070
T1057
T1105
T1195
T1090
T1059