HIGHLY_SUSPICIOUS (1) package from Python Package Index.

1. Packages that are likely malicious, but due to the obfuscation level, lack of time or clear indicators it's hard to say what exactly they do; the highest risk of false positives.

sajadnewenc

• Metadata(1) Check in pypi-data project
• Affected versions(2) unspecified

1. May not be available. See more in pypi-json-data repository.
2. Version numbers are currently not tracked. Assume all versions are affected.

Campaign data

Campaign information may not always be 100% accurate for every related package.

Campaign description

A series of obfuscated packages with a hidden binary code (Python compiled to ARM). Hard to determine, what exactly their purpose is. Importing the package starts the code (L4+) that saves the embedded ZIP and runs it through Python. The main file in the ZIP is also obfuscated attempts to run the compiled ARM-code.

See more details on the campaign page.

obfuscation

Campaign targets obfuscation.