← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Python Backdoor Threat Analysis Following an AI Deepfake Impersonation Campaign
WHITE APT37 Tr1sa111 2026-05-15 Modified: 2026-05-15
36
IOCs
MEDIUM VOLUME
compiled python bytecodeapt37environment variable obfuscationchinottodeepfake impersonationpython backdoorspear-phishingscheduled tasks persistencelnk file
MITRE ATT&CK & Malware Families
MALWARE FAMILIES
Chinotto
Indicators of Compromise (11 / 36 total)
All IPv4 CVE FileHash-MD5 domain
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 09dabe5ab566e50ab4526504345af297 2026-05-15
FileHash-MD5 16d7be5ebc3c2ff1cffbb83b965fd4fb 2026-05-15
FileHash-MD5 1aa7751332710f4e963a708243d3d550 2026-05-15
FileHash-MD5 255155bad9af5e2c6cf550ff2a95219d 2026-05-15
FileHash-MD5 33c97fc4eacd73addbae9e6cde54a77d 2026-05-15
FileHash-MD5 7922f91281e8b0fe00518d05bf295b4a 2026-05-15
FileHash-MD5 804d12b116bb40282fbf245db885c093 2026-05-15
FileHash-MD5 abbb362cdfe14b56b3a13a2a55937ee4 2026-05-15
FileHash-MD5 b5f9cd67cb32f44c138c382e17b06fd6 2026-05-15
FileHash-MD5 f7b2e0cebd7793c8cfee2c7c5b93df9c 2026-05-15
FileHash-MD5 fcb97f87905a33af565b0a4f4e884d61 2026-05-15
References (1)
↗ https://www.genians.co.kr/en/blog/threat_intelligence/python?hsCtaAttrib=343278473915