MAL-2026-10091

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/qlinforge/MAL-2026-10091.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2026-10091
Published
2026-07-09T17:05:37Z
Modified
2026-07-09T21:16:56.983984421Z
Summary
Malicious code in qlinforge (PyPI)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (713a696ce725031aab16903d7a29c80611a4c4368c7e35bacf29069a3581c602)

setup.py registers a custom install command that, on Linux, downloads an opaque binary from http://115.190.124.243:9090/payloadlinuxamd64 to /tmp/.cache, chmods it executable, and runs it with a C2 argument https://115.190.124.243:8443; on Windows it uses certutil to fetch http://115.190.124.243:9090/payloadwindowsamd64.exe to C:/Windows/Temp/svchost2.exe (masquerading as svchost) and executes it. setup.py also writes a qlinforge.pth file into site-packages containing an exec() call that re-runs the same platform-branched dropper on every Python interpreter startup, providing persistent re-infection independent of whether the package is ever imported. The package is advertised as a benign 'Data Validation & Formatting Toolkit' with decoy validator/formatter/parser modules to hide the install-time payload.

Source: kam193 (8952681c2680f17702d34d053b0af1af1ff8e27a18338b3e84cad5de7e661919)

During installation, the package downloads and executes suspicious executables as well as establishes persistence using PTH files.


Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2026-07-qlinforge

Reasons (based on the campaign):

  • The package overrides the install command in setup.py to execute malicious code during installation.

  • Downloads and executes a remote executable.

  • abuses-pth

  • persistence

Database specific
{
    "malicious-packages-origins": [
        {
            "versions": [
                "0.3.2"
            ],
            "id": "pypi/2026-07-qlinforge/qlinforge",
            "modified_time": "2026-07-09T17:05:37.574287Z",
            "import_time": "2026-07-09T18:10:30.990433946Z",
            "sha256": "8952681c2680f17702d34d053b0af1af1ff8e27a18338b3e84cad5de7e661919",
            "source": "kam193"
        },
        {
            "sha256": "713a696ce725031aab16903d7a29c80611a4c4368c7e35bacf29069a3581c602",
            "id": "IN-MAL-2026-009400",
            "import_time": "2026-07-09T21:03:51.035328975Z",
            "modified_time": "2026-07-09T20:43:29Z",
            "versions": [
                "0.3.2"
            ],
            "source": "amazon-inspector"
        }
    ],
    "iocs": {
        "urls": [
            "http://115.190.124.243:9090/payload_windows_amd64.exe",
            "http://115.190.124.243:9090/payload_linux_amd64",
            "https://115.190.124.243:8443"
        ]
    }
}
References
Credits

Affected packages

PyPI / qlinforge

Package

Affected ranges

Affected versions

0.*
0.3.2

Database specific

indicators
{
    "evidence_files": [
        {
            "sha256": "0bd34af56f626c752a778d2be06c4dd6879e625a6b58a41933d8576876ce2b6d",
            "tlsh": "863124c241698e329644c3665bcb80a1e26324237e62356cf7ef14707f8b022f31deb6",
            "path": "setup.py"
        }
    ],
    "package_integrity": [
        {
            "filename": "qlinforge-0.3.2.tar.gz",
            "hashes": {
                "md5": "ff15726ea899e0dac17f4addca60da39",
                "sha256": "38ec9a55e1f6308ae9b0620af08096e3fcb7902c781dedbc2b29fb27fda4277d",
                "blake2b_256": "078aa2991a4dce03b1d33a2986c7c163410fb7a6896881c4f0d0bff59c23bc33"
            }
        }
    ]
}
cwes
[
    {
        "cweId": "CWE-506",
        "name": "Embedded Malicious Code",
        "description": "The product contains code that appears to be malicious in nature."
    }
]
source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/qlinforge/MAL-2026-10091.json"