MAL-2024-6213

See a problem?

Import Source

https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/win23crypt/MAL-2024-6213.json

JSON Data

https://api.osv.dev/v1/vulns/MAL-2024-6213

Published

2024-06-25T13:44:10Z

Modified

2024-10-24T01:02:00Z

Summary

Malicious code in win23crypt (PyPI)

Details

-= Per source details. Do not edit below this line.=-

Database specific

{
    "malicious-packages-origins": [
        {
            "source": "reversing-labs",
            "id": "RLMA-2024-05017",
            "modified_time": "2024-06-25T13:44:10Z",
            "sha256": "bba2b94c6e5b4679d1821fda507d149d2477c3bc9ae08d6abab053f855e77b9e",
            "versions": [
                "0.1.2",
                "0.1.3",
                "0.1.4"
            ],
            "import_time": "2024-06-28T02:51:10.16008378Z"
        },
        {
            "source": "reversing-labs",
            "id": "RLUA-2024-09532",
            "modified_time": "2024-10-16T14:54:05Z",
            "sha256": "275fb1812b1c64471bea47be649e42366f957cb3999124f809681d6e425bc4e1",
            "import_time": "2024-10-24T01:00:25.241244692Z"
        }
    ]
}

References

https://blog.virustotal.com/2023/06/inside-of-wasps-nest-deep-dive-into.html

Credits

- ReversingLabs - FINDER
- - https://www.reversinglabs.com

Affected packages

PyPI / win23crypt

Package

Name: win23crypt; View open source insights on deps.dev
Purl: pkg:pypi/win23crypt

Affected ranges

Affected versions

0.*

0.1.2

0.1.3

0.1.4

Database specific

source

"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/win23crypt/MAL-2024-6213.json"