MAL-2024-10030

See a problem?

Import Source

https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/gentorqkkh/MAL-2024-10030.json

JSON Data

https://api.osv.dev/v1/vulns/MAL-2024-10030

Published

2024-07-21T11:39:54Z

Modified

2026-03-19T12:53:25.234881Z

Summary

Malicious code in gentorqkkh (PyPI)

Details

-= Per source details. Do not edit below this line.=-

## Source: kam193 (d6d9d057c596541a3467728f7e2fc38dd60f4ad166c64ef77db6edef26247277)

Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2024-07-ronnyfredd-exfiltr-clipboard

Reasons (based on the campaign):

peristence-autorun
clipboard-stealing

-

Database specific

{
    "malicious-packages-origins": [
        {
            "id": "RLMA-2024-08312",
            "import_time": "2024-10-24T00:56:59.732339631Z",
            "sha256": "fbe35bc7d1f9528f87bfa4d945b86677b76a63abd39adbfc38b2321603ef84a6",
            "source": "reversing-labs",
            "modified_time": "2024-10-16T14:41:34Z",
            "versions": [
                "0.1"
            ]
        },
        {
            "id": "pypi/2024-07-ronnyfredd-exfiltr-clipboard/gentorqkkh",
            "ranges": [
                {
                    "type": "ECOSYSTEM",
                    "events": [
                        {
                            "introduced": "0"
                        }
                    ]
                }
            ],
            "import_time": "2025-12-02T22:30:55.21498981Z",
            "sha256": "b093b86c30b796f3f748d9dfb6205c6796c871dad58abea9da6b47da31f4ce5f",
            "source": "kam193",
            "modified_time": "2024-07-21T11:39:54Z"
        },
        {
            "id": "pypi/2024-07-ronnyfredd-exfiltr-clipboard/gentorqkkh",
            "ranges": [
                {
                    "type": "ECOSYSTEM",
                    "events": [
                        {
                            "introduced": "0"
                        }
                    ]
                }
            ],
            "import_time": "2025-12-02T23:07:18.239129989Z",
            "sha256": "d6d9d057c596541a3467728f7e2fc38dd60f4ad166c64ef77db6edef26247277",
            "source": "kam193",
            "modified_time": "2024-07-21T11:39:54Z"
        },
        {
            "id": "pypi/2024-07-ronnyfredd-exfiltr-clipboard/gentorqkkh",
            "import_time": "2025-12-10T21:38:57.504504714Z",
            "sha256": "619c1c18a2867ae512d4b324e47b62ad53ca182c539ec275233fce03889a896c",
            "source": "kam193",
            "modified_time": "2024-07-21T11:39:54Z",
            "versions": [
                "0.1"
            ]
        },
        {
            "id": "RLUA-2026-00349",
            "import_time": "2026-03-19T12:19:47.743169679Z",
            "sha256": "f8054227a393db3420d4b72c7be8029fab1b6fc0764c60707a8457e886fdc8cd",
            "source": "reversing-labs",
            "modified_time": "2026-03-18T12:14:12Z"
        }
    ]
}

References

https://bad-packages.kam193.eu/pypi/package/gentorqkkh

Credits

- Kamil Mańkowski (kam193)
- - https://github.com/kam193
  - https://bad-packages.kam193.eu/
- Kamil Mańkowski (kam193) - REPORTER
- - https://github.com/kam193
  - https://bad-packages.kam193.eu/
- ReversingLabs - FINDER
- - https://www.reversinglabs.com

Affected packages

PyPI / gentorqkkh

Package

Name: gentorqkkh; View open source insights on deps.dev
Purl: pkg:pypi/gentorqkkh

Affected ranges

Affected versions

0.*

0.1

Database specific

source

"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/gentorqkkh/MAL-2024-10030.json"