← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Attackers leverage PyPI to sideload malicious DLLs
WHITE ChaiPatti 2024-02-26 Modified: 2024-02-26
23
IOCs
MEDIUM VOLUME
pypisoftware supplyreversinglabschain securitystrongfebruarynp6helperhttperdll sideloadingiocsstatecobalt strikedownloadmaliciousclosepythonjuneransomware
Indicators of Compromise (3 / 23 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL hostname
TYPEINDICATORDESCRIPTIONCREATED
FileHash-SHA256 8c7423e2c833effc1193c6511c88a14ba48e5e3af9fd5c05f80f44c8d8ef71a4 SHA256 of 2dc80f45540d0a3ea33830848fcf529f98ea2f5e 2024-02-26
FileHash-SHA256 eee6b8f69bd3e65fa29142e7965b7a0d8bdec03d36e7c67266746ae54ebb493a SHA256 of 84c75536b279a85a5320f058514b884a016bc8c8 2024-02-26
FileHash-SHA256 f81e8b6ca1e0c4ee7ca8668df4b3792ccb1608eed8bbf94a2247d869264540f2 SHA256 of 1f9fcf86a56394a7267d85ba76c1256d12e3e76b 2024-02-26
References (1)
↗ https://www.reversinglabs.com/blog/attackers-leverage-pypi-to-sideload-malicious-dlls