{"id":"MAL-2024-5681","summary":"Malicious code in pycrypterexe (PyPI)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n","aliases":["SNYK-PYTHON-PYCRYPTEREXE-5292128"],"modified":"2024-10-24T01:01:59Z","published":"2024-06-25T13:39:47Z","database_specific":{"malicious-packages-origins":[{"versions":["1.0.0","1.2.1","1.1.8","1.0.3","1.1.1","1.1.7","1.0.5","1.1.0","1.0.2","1.1.4","1.2.4","1.2.3","1.1.3","1.1.6","1.1.5","1.0.7","1.2.2","1.0.4","1.0.1","1.0.6","1.0.9","0.0.0","1.1.2","1.2.0"],"import_time":"2024-06-28T02:50:03.290500859Z","source":"reversing-labs","sha256":"07318bc6dda30e3648ac5ce77a21d5b16568d6666eaf41dcab99a2dc8eec42dc","id":"RLMA-2024-04464","modified_time":"2024-06-25T13:39:47Z"},{"modified_time":"2024-10-16T14:47:39Z","import_time":"2024-10-24T00:59:49.386016767Z","source":"reversing-labs","sha256":"6e1acd8cb8d8fb5587772cbf5868d3fe5dce57c0ca825bd1307d5a62d84a0c48","id":"RLUA-2024-08901"}]},"references":[{"type":"ADVISORY","url":"https://security.snyk.io/vuln/SNYK-PYTHON-PYCRYPTEREXE-5292128"},{"type":"ARTICLE","url":"https://www.fortinet.com/blog/threat-research/supply-chain-attack-via-new-malicious-python-packages"},{"type":"WEB","url":"https://github.com/DataDog/malicious-software-packages-dataset"}],"affected":[{"package":{"name":"pycrypterexe","ecosystem":"PyPI","purl":"pkg:pypi/pycrypterexe"},"versions":["1.0.0","1.2.1","1.1.8","1.0.3","1.1.1","1.1.7","1.0.5","1.1.0","1.0.2","1.1.4","1.2.4","1.2.3","1.1.3","1.1.6","1.1.5","1.0.7","1.2.2","1.0.4","1.0.1","1.0.6","1.0.9","0.0.0","1.1.2","1.2.0"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/pycrypterexe/MAL-2024-5681.json"}}],"schema_version":"1.7.3","credits":[{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}