MAL-2026-5776

Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/fastgptmini/MAL-2026-5776.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2026-5776
Published
2026-06-15T11:43:18Z
Modified
2026-06-15T20:31:52.949884316Z
Summary
Malicious code in fastgptmini (PyPI)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (4da10d62527ca4b69f4458b6a01c77f01af42c5a1631d5cc6f207070d1ade20d)

setup.py fetches an opaque file from https://tmpfiles.org/dl/wJwhUXDhUK6M/zvgfsj.txt (an anonymous, throwaway file-sharing host) during pip install, writes the bytes to python.bat in the current working directory, and executes them via os.system("cmd /c python.bat"). The URL is unpinned, no hash or signature verification is performed, the destination is not associated with the package publisher, and the fetched content is handed directly to a shell — a canonical install-time dropper. The package ships no real functionality (src/ contains only the egg-info directory) and uses placeholder metadata (Name/Author/Summary all set to 'FastGPTMini' with no homepage, URL, or email), consistent with a name-confusion lure targeting developers searching for FastGPT/GPT tooling. Any machine running pip install FastGPTMini will fetch and execute attacker-controlled code with the user's privileges.

Source: kam193 (3cca907106c3dceb5276e9bdbf8799367b44df9e12fe12098dd3ed215bb4f3b0)

During installation, the code downloads an obfuscated script, which attempts to tamper with Defender exclusion paths and then downloads a malicious executable.


Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2026-06-fastgptmini

Reasons (based on the campaign):

  • Downloads and executes a remote executable.

  • malware

  • The package overrides the install command in setup.py to execute malicious code during installation.

  • obfuscation

Database specific
{
    "malicious-packages-origins": [
        {
            "id": "pypi/2026-06-fastgptmini/fastgptmini",
            "import_time": "2026-06-15T13:06:39.495068017Z",
            "versions": [
                "2.21",
                "2.22",
                "2.23",
                "2.24",
                "2.25",
                "2.26"
            ],
            "source": "kam193",
            "modified_time": "2026-06-15T12:23:54.586979Z",
            "sha256": "3cca907106c3dceb5276e9bdbf8799367b44df9e12fe12098dd3ed215bb4f3b0"
        },
        {
            "id": "IN-MAL-2026-006679",
            "import_time": "2026-06-15T20:14:26.914309651Z",
            "versions": [
                "2.22"
            ],
            "source": "amazon-inspector",
            "sha256": "28e21a2c3a141d093fb5d40a6cbf4af6a856d1e62e20d21040196f0f04046d7f",
            "modified_time": "2026-06-15T19:39:35Z"
        },
        {
            "id": "IN-MAL-2026-006693",
            "import_time": "2026-06-15T20:14:28.473782815Z",
            "versions": [
                "2.26"
            ],
            "source": "amazon-inspector",
            "modified_time": "2026-06-15T19:55:46Z",
            "sha256": "4da10d62527ca4b69f4458b6a01c77f01af42c5a1631d5cc6f207070d1ade20d"
        },
        {
            "id": "IN-MAL-2026-006680",
            "import_time": "2026-06-15T20:14:27.050979451Z",
            "versions": [
                "2.23"
            ],
            "source": "amazon-inspector",
            "sha256": "9d3e5a3d5306955d64796726515b3fbdc69c4a62764e8eee47f1e31a46b4e612",
            "modified_time": "2026-06-15T19:39:39Z"
        },
        {
            "id": "IN-MAL-2026-006678",
            "import_time": "2026-06-15T20:14:26.788022703Z",
            "versions": [
                "2.21"
            ],
            "source": "amazon-inspector",
            "modified_time": "2026-06-15T19:39:35Z",
            "sha256": "df96c79ac17a09accf2decd6e2be75665cd05dee4eb6f3fe1ee78eb1d6aae9c7"
        }
    ],
    "iocs": {
        "urls": [
            "https://tmpfiles.org/dl/wNwdULF0K8NS/vwchmx.txt",
            "https://tmpfiles.org/dl/wowPUtiVvUPO/pythoninstallmanager.exe"
        ]
    }
}

Affected packages

PyPI / fastgptmini

Affected versions

2.*
2.21
2.22
2.23
2.24
2.25
2.26

Database specific

cwes
[
    {
        "name": "Embedded Malicious Code",
        "description": "The product contains code that appears to be malicious in nature.",
        "cweId": "CWE-506"
    }
]
source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/fastgptmini/MAL-2026-5776.json"
indicators
{
    "package_integrity": [
        {
            "filename": "fastgptmini-2.26.tar.gz",
            "hashes": {
                "blake2b_256": "d3d14c8dde385b27d5e2bf125e86aa05aa72baad390dfbaf13548530e844e09f",
                "sha256": "0951171af0b78d98646657f3f98f80ddf51b13af91f60ebcb7341b635b55cf6b",
                "md5": "36ffafaeb08cd85eafdb3fff1b7aa053"
            }
        }
    ],
    "evidence_files": [
        {
            "path": "setup.py",
            "sha256": "7bc82bfa873cf8b125fb9a41fcc3238f3a8ac037a66f48e766dc308bbfd7f71a",
            "tlsh": "d1116347ddd2a69812e0644c98119850ffa0836b2a40888bf1bd827cbfb42e086374a8"
        }
    ]
}