{"id":"MAL-2024-10031","summary":"Malicious code in gentorqkkh1 (PyPI)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: kam193 (23c1a7041a4424ef67ce4e182aee3ead70dc15aacd94d20d63b5f7028224d75c)\n---\n\nCategory: MALICIOUS - The campaign has clearly malicious intent, like infostealers.\n\n\nCampaign: 2024-07-ronnyfredd-exfiltr-clipboard\n\n\nReasons (based on the campaign):\n\n\n - peristence-autorun\n\n\n - clipboard-stealing\n\n\n -\n","modified":"2026-03-19T13:02:50.661061Z","published":"2024-07-21T11:39:54Z","database_specific":{"malicious-packages-origins":[{"versions":["0.1","0.2"],"sha256":"e0f1624d6c01ba26c7fcb7ffb8a659b2aee3dcb6992625961e93d19fd63c74ae","id":"RLMA-2024-08313","source":"reversing-labs","modified_time":"2024-10-16T14:41:35Z","import_time":"2024-10-24T00:56:59.796024427Z"},{"source":"kam193","sha256":"22b8e8b7612572e0413e4cbe22a22183a6a7c767e0f7c00fa4c8c8c45342639f","id":"pypi/2024-07-ronnyfredd-exfiltr-clipboard/gentorqkkh1","ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"modified_time":"2024-07-21T11:39:54Z","import_time":"2025-12-02T22:30:55.21817366Z"},{"source":"kam193","sha256":"23c1a7041a4424ef67ce4e182aee3ead70dc15aacd94d20d63b5f7028224d75c","id":"pypi/2024-07-ronnyfredd-exfiltr-clipboard/gentorqkkh1","ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"modified_time":"2024-07-21T11:39:54Z","import_time":"2025-12-02T23:07:18.239956341Z"},{"versions":["0.2","0.1"],"sha256":"a3d98ba1080ae4e791f828e63715db88a37328e2200a1517b6cdf68232847943","id":"pypi/2024-07-ronnyfredd-exfiltr-clipboard/gentorqkkh1","source":"kam193","modified_time":"2024-07-21T11:39:54Z","import_time":"2025-12-10T21:38:57.505583585Z"},{"versions":["0.1","0.2"],"sha256":"ef6834f0460f440202429853bfd069b72bee75c4e5ae5511ef5542b62efdd543","id":"pypi/2024-07-ronnyfredd-exfiltr-clipboard/gentorqkkh1","source":"kam193","modified_time":"2024-07-21T11:39:54Z","import_time":"2025-12-30T22:39:04.087591959Z"},{"sha256":"392b06862ad94c5a7a97b8881155814d2a9ffd05155914905a57f258c06ef8ed","id":"RLUA-2026-00350","source":"reversing-labs","modified_time":"2026-03-18T12:14:12Z","import_time":"2026-03-19T12:19:47.83069541Z"}]},"references":[{"type":"WEB","url":"https://bad-packages.kam193.eu/pypi/package/gentorqkkh1"}],"affected":[{"package":{"name":"gentorqkkh1","ecosystem":"PyPI","purl":"pkg:pypi/gentorqkkh1"},"versions":["0.1","0.2"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/gentorqkkh1/MAL-2024-10031.json"}}],"schema_version":"1.7.5","credits":[{"name":"Kamil Mańkowski (kam193)","contact":["https://github.com/kam193","https://bad-packages.kam193.eu/"]},{"name":"Kamil Mańkowski (kam193)","contact":["https://github.com/kam193","https://bad-packages.kam193.eu/"],"type":"REPORTER"},{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}