{"id":"MAL-2024-10039","summary":"Malicious code in kongstrong (PyPI)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: kam193 (6bc1ea7b99d0e9a3368a66084641ad782b9070c75c5ad2b67026cdd569ae344d)\n---\n\nCategory: MALICIOUS - The campaign has clearly malicious intent, like infostealers.\n\n\nCampaign: 2024-07-strongkong\n\n\nReasons (based on the campaign):\n\n\n - Downloads and executes a remote executable.\n","modified":"2026-03-19T12:54:21.159129Z","published":"2024-07-29T21:40:08Z","database_specific":{"iocs":{"domains":["ok-omega-eight.vercel.app"],"urls":["https://ok-omega-eight.vercel.app/Qgshqlgel.exe"]},"malicious-packages-origins":[{"import_time":"2024-10-24T00:57:00.329526824Z","sha256":"76ee4c55614f3424ef150cb4923ec599704b000105c67118406ea8a59f628174","source":"reversing-labs","id":"RLMA-2024-08446","modified_time":"2024-10-16T14:42:59Z","versions":["0.0.1"]},{"import_time":"2025-12-02T22:30:55.301470589Z","sha256":"026c042543685546ac8af01459bffe8a71f710a886d8edfae5165121f8d480fc","source":"kam193","id":"pypi/2024-07-strongkong/kongstrong","modified_time":"2024-07-29T21:40:08Z","ranges":[{"events":[{"introduced":"0"}],"type":"ECOSYSTEM"}]},{"import_time":"2025-12-02T23:07:18.326582417Z","sha256":"6bc1ea7b99d0e9a3368a66084641ad782b9070c75c5ad2b67026cdd569ae344d","source":"kam193","id":"pypi/2024-07-strongkong/kongstrong","modified_time":"2024-07-29T21:40:08Z","ranges":[{"events":[{"introduced":"0"}],"type":"ECOSYSTEM"}]},{"import_time":"2025-12-10T21:38:57.563996237Z","sha256":"810d35fec918010d936d169be0d6987cb60415411149b450d639b691fdd9c53c","source":"kam193","id":"pypi/2024-07-strongkong/kongstrong","modified_time":"2024-07-29T21:40:08Z","versions":["0.0.1"]},{"import_time":"2026-03-19T12:19:57.866509411Z","sha256":"767d280d2ac438b3617190c999aebb3ded809e7796bc479b7568486934122ccf","source":"reversing-labs","id":"RLUA-2026-00456","modified_time":"2026-03-18T12:15:26Z"}]},"references":[{"type":"WEB","url":"https://bad-packages.kam193.eu/pypi/package/kongstrong"}],"affected":[{"package":{"name":"kongstrong","ecosystem":"PyPI","purl":"pkg:pypi/kongstrong"},"versions":["0.0.1"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/kongstrong/MAL-2024-10039.json"}}],"schema_version":"1.7.5","credits":[{"name":"Kamil Mańkowski (kam193)","contact":["https://github.com/kam193","https://bad-packages.kam193.eu/"]},{"name":"Kamil Mańkowski (kam193)","contact":["https://github.com/kam193","https://bad-packages.kam193.eu/"],"type":"ANALYST"},{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}