mal-2026-878
Vulnerability from ossf_malicious_packages
Published
2026-02-13 10:56
Modified
2026-02-14 13:50
Summary
Malicious code in magichat (PyPI)
Details
-= Per source details. Do not edit below this line.=-
Source: kam193 (42cf9a8fdfde42b15f94ed81efe1d74f692ce738f3819978b6760e46faf1e95c)
The package is prepared to download a hardcoded executable and save it in %LOCALAPPDATA% under a very generic name, clearly aiming to hide its existence. Code is also prepared to alter MarkOfTheWeb, start as admin and run the executable, but in analyzed versions this behavior was not triggered in any existing code path. The downloading will happen e.g. on starting the declared command line.
Remote executables are standalone applications or installators, including ClickOnce installators. However, in the analysis attempts, none of them showed clear malicious behavior, in most cases crashing during the analysis. Captured network traffic shows communication with the remote server and likely expects the URL of the next stage, which was not delivered from the server. Additionally, the code embeds a separate path for execution on non-Windows machines. It attempts to execute a remote script, but in analyzed versions, the domain used is already suspended and not reachable.
Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.
Campaign: 2026-02-magichat
Reasons (based on the campaign):
-
Downloads and executes a remote executable.
-
other
-
typosquatting
Credits
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "magichat"
},
"versions": [
"0.1.0",
"1.0.1",
"1.0.2",
"1.0.3",
"1.0.4",
"1.0.5",
"1.0.6",
"1.0.7",
"1.0.8",
"1.0.9",
"1.1.0",
"1.1.1",
"1.1.2",
"1.1.8",
"1.2.2"
]
}
],
"credits": [
{
"contact": [
"https://github.com/kam193",
"https://bad-packages.kam193.eu/"
],
"name": "Kamil Ma\u0144kowski (kam193)",
"type": "ANALYST"
},
{
"contact": [
"https://github.com/kam193",
"https://bad-packages.kam193.eu/"
],
"name": "Kamil Ma\u0144kowski (kam193)",
"type": "REPORTER"
}
],
"database_specific": {
"iocs": {
"domains": [
"doc-sendapplication.com"
],
"urls": [
"https://www.dropbox.com/scl/fi/8g8j2g6ceuj12loonrxpu/Installer.exe?rlkey=9pi7bsdb31jlgxmntwde4j54h\u0026st=3t69etqf\u0026dl=1",
"https://www.dropbox.com/scl/fi/itjqck6r0eivh655ijau9/DocSend.application?rlkey=gmbotpa64r8gqtbwiyo4wlfys\u0026st=k0zrfnxe\u0026dl=1"
]
},
"malicious-packages-origins": [
{
"id": "pypi/2026-02-magichat/magichat",
"import_time": "2026-02-13T11:44:07.974194887Z",
"modified_time": "2026-02-13T10:56:11.411983Z",
"sha256": "016f12f6cc3656294be9c8d11c1d07ef953f6c204a9d76b1d5ab21b8ad87b2a1",
"source": "kam193",
"versions": [
"0.1.0",
"1.0.1",
"1.0.2",
"1.0.3",
"1.0.4",
"1.0.5",
"1.0.6",
"1.0.7",
"1.0.8",
"1.0.9",
"1.1.0",
"1.1.1",
"1.1.2"
]
},
{
"id": "pypi/2026-02-magichat/magichat",
"import_time": "2026-02-13T23:43:52.196017516Z",
"modified_time": "2026-02-13T10:56:11.411983Z",
"sha256": "42cf9a8fdfde42b15f94ed81efe1d74f692ce738f3819978b6760e46faf1e95c",
"source": "kam193",
"versions": [
"0.1.0",
"1.0.1",
"1.0.2",
"1.0.3",
"1.0.4",
"1.0.5",
"1.0.6",
"1.0.7",
"1.0.8",
"1.0.9",
"1.1.0",
"1.1.1",
"1.1.2"
]
},
{
"id": "pypi/2026-02-magichat/magichat",
"import_time": "2026-02-14T01:38:16.026134075Z",
"modified_time": "2026-02-14T00:52:47.961654Z",
"sha256": "b44e51035841826fb293ba041756cd9e79a7053fbb129e71a28b0a871639fe94",
"source": "kam193",
"versions": [
"0.1.0",
"1.0.1",
"1.0.2",
"1.0.3",
"1.0.4",
"1.0.5",
"1.0.6",
"1.0.7",
"1.0.8",
"1.0.9",
"1.1.0",
"1.1.1",
"1.1.2",
"1.1.8"
]
},
{
"id": "pypi/2026-02-magichat/magichat",
"import_time": "2026-02-14T13:48:17.481880598Z",
"modified_time": "2026-02-14T13:18:35.960251Z",
"sha256": "a77c3922633d4ba65720dabe7737b3ae2afcbbf6ba28435f18ef85c3289f2c92",
"source": "kam193",
"versions": [
"0.1.0",
"1.0.1",
"1.0.2",
"1.0.3",
"1.0.4",
"1.0.5",
"1.0.6",
"1.0.7",
"1.0.8",
"1.0.9",
"1.1.0",
"1.1.1",
"1.1.2",
"1.1.8",
"1.2.2"
]
}
]
},
"details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: kam193 (42cf9a8fdfde42b15f94ed81efe1d74f692ce738f3819978b6760e46faf1e95c)\nThe package is prepared to download a hardcoded executable and save it in %LOCALAPPDATA% under a very generic name, clearly aiming to hide its existence. Code is also prepared to alter MarkOfTheWeb, start as admin and run the executable, but in analyzed versions this behavior was not triggered in any existing code path. The downloading will happen e.g. on starting the declared command line.\n\nRemote executables are standalone applications or installators, including ClickOnce installators. However, in the analysis attempts, none of them showed clear malicious behavior, in most cases crashing during the analysis. Captured network traffic shows communication with the remote server and likely expects the URL of the next stage, which was not delivered from the server. Additionally, the code embeds a separate path for execution on non-Windows machines. It attempts to execute a remote script, but in analyzed versions, the domain used is already suspended and not reachable.\n\n\n---\n\nCategory: MALICIOUS - The campaign has clearly malicious intent, like infostealers.\n\n\nCampaign: 2026-02-magichat\n\n\nReasons (based on the campaign):\n\n\n - Downloads and executes a remote executable.\n\n\n - other\n\n\n - typosquatting\n",
"id": "MAL-2026-878",
"modified": "2026-02-14T13:50:00Z",
"published": "2026-02-13T10:56:11Z",
"references": [
{
"type": "EVIDENCE",
"url": "https://tria.ge/260212-z9ndmabs3b"
},
{
"type": "WEB",
"url": "https://bad-packages.kam193.eu/pypi/package/magichat"
},
{
"type": "EVIDENCE",
"url": "https://www.virustotal.com/gui/file/703439f496bded646bb01b62d2cec96f713346a5e38249cdcab4b4840ea56aa9/detection"
},
{
"type": "EVIDENCE",
"url": "https://app.any.run/tasks/6c406e3e-5a9b-4019-8427-8be8b30e284a"
},
{
"type": "EVIDENCE",
"url": "https://tria.ge/260213-22j3cah18b/behavioral1"
}
],
"schema_version": "1.7.4",
"summary": "Malicious code in magichat (PyPI)"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…