__init__.py
脚本也有类似的恶意代码,如下所示:%USER%\AppData\Local\Temp\onefile_%PID_%TIME%
处释放多个文件:%USER%\AppData\Local\WindowsControl
名为 Control.exe 以及释放 run.bat 的批处理文件。52e6efbbfb1fdeb976e2464c542bc17747d213d67f28dff4d7df0879df23fd7e
8124cec491e0249bc4a9f3f9d3755201b0e8c28068ce8c4b528217dbb94afd13
104.20.67.143
104.20.68.143
172.67.34.170
185.106.92.188
https://www.fortinet.com/blog/threat-research/new-supply-chain-attack-uses-python-package-index-aioconsol
精彩推荐