---

-= Per source details. Do not edit below this line.=-

Source: kam193 (24dbb5643933ff305b2eab164e820476f645ef2b59ad7c7cdfdeb2c3c3bfb98f)

During installation, package attempts to download and run an executable imitating malicious activity.

---

Category: PROBABLY_PENTEST - Packages looking like typical pentest packages, but also anything that looks like testing, exploring pre-prepared kits, research & co, with clearly low-harm possibilities.

Campaign: 2026-06-goodoldtoulas

Reasons (based on the campaign):

• The package overrides the install command in setup.py to execute malicious code during installation.

• Downloads and executes a remote executable.