← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Attackers leverage PyPI to sideload malicious DLLs
WHITE ChaiPatti 2024-02-26 Modified: 2024-02-26
23
IOCs
MEDIUM VOLUME
pypisoftware supplyreversinglabschain securitystrongfebruarynp6helperhttperdll sideloadingiocsstatecobalt strikedownloadmaliciousclosepythonjuneransomware
Indicators of Compromise (4 / 23 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL hostname
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 5fca3bf478369aad61d40dd096a9e291 MD5 of 84c75536b279a85a5320f058514b884a016bc8c8 2024-02-26
FileHash-MD5 8d0778fb445094eace16d18bf078023f MD5 of 1f9fcf86a56394a7267d85ba76c1256d12e3e76b 2024-02-26
FileHash-MD5 a1be3261c569f85d2239d83e18042a39 MD5 of 2dc80f45540d0a3ea33830848fcf529f98ea2f5e 2024-02-26
FileHash-MD5 e3214c81339540a3804fca656f5aea7d 2024-02-26
References (1)
↗ https://www.reversinglabs.com/blog/attackers-leverage-pypi-to-sideload-malicious-dlls