● 0 online
ANALYZING THREAT INTELLIGENCE
CTI
PORTAL
Threat Intelligence
INTELLIGENCE
Dashboard
IOC Search
Bulk Search
Pulses
Actors
Tags
Watchlist
ANALYSIS
Phishing
Knowledge Base
SYSTEM
Cache
← Back to Pulse Feed
PULSE
DETAIL
PULSE NAME
Python Backdoor Threat Analysis Following an AI Deepfake Impersonation Campaign
WHITE
CyberHunter_NL
2026-05-13
Modified: 2026-05-13
40
IOCs
MEDIUM VOLUME
↓ CSV
↓ JSON
★ Watch
c2 server
lnk file
figure
north korea
python bytecode
compiled python
python
apt37 group
python runtime
offset
powershell
april
initial access
attack
execution
first
code
cookie
path
trojan
malicious
friday
Indicators of Compromise (1 / 40 total)
All
IPv4
CVE
FileHash-MD5
URL
domain
email
hostname
⎘ Copy All
TYPE
INDICATOR
DESCRIPTION
CREATED
URL
https://www.genians.com/
—
2026-05-13
⎘
References (1)
↗ https://www.genians.co.kr/en/blog/threat_intelligence/python?hsCtaAttrib=343278473915