atomdrift labBETA

Open-source atomic malware analysis

Analyze another

yt_dlp-2026.6.16.235352.dev0-py3-none-any.whl

WHL

BENIGN

467810235f10a2b45607c112b874e876c8c167ba129bbc85aa160f78b12222b3

Mal-ecule

K(Li)O₁₃(Ca₄AlAs₁₃C₁₄CoEr₂Eu₃PDyILaS₃Xe₂)H₆(Cm₂₄Cr₆Db₁₁F₉Os₃Po₇)Md₄(Pa₂Pt)

Size 3.0 MB download

First seen 4 days ago

Analyzed 4 days ago

Ecosystem python

Source pythonhosted.org

Objectives

credential-access/browser Python Chromium DPAPI decryption

anti-analysis/debugger-detect Python Frida tool name

anti-static/obfuscation/control-flow Large integer array assignment

anti-static/obfuscation/string Reverse-slice adjacent to base64/hex decode

0x101e ×2
0x2090 ×2
0x165a
0x1854
0x1a4
0x2239
0x22f3
0x33d0

command-and-control/channel/tunnel SOCKS proxy server implementation

0x1272
0x129f
0x2f5
0x308
0x3ff
0x564
0x565
0x6dc

command-and-control/dropper/staging Direct ctypes BCrypt CNG bypass

0x252 ×2
0x2886 ×2
0x431 ×2
0x104
0x2ea1
0x3a0
0x3f7
0xc6

evasion/security-bypass Python pycurl SSL_VERIFYHOST disabled

exfiltration/dns Long encoded-looking DNS subdomain label

exfiltration/http Python raw socket stream

persistence/login/account RouterOS full admin group

Micro-behaviors

0x1396
0x13e
0x15b
0x18b
0x1cc
0x1df
0x212
0x213

0x149 ×2
0x1b2 ×2
0x108
0x10d
0x112
0x122
0x134
0x144

0x107 ×2
0x16c ×2
0x23a ×2
0xabe ×2
0xdb2 ×2
0xe6 ×2
0x18a
0x198

20 of 86 traits shown

Identity

SHA-256	467810235f10a2b45607c112b874e876c8c167ba129bbc85aa160f78b12222b3
Canonical SHA-256	0037463de05d4bb8ccc06007e5130a7982f052fd2fd91d6853ac615ebf0bd2f6
Filename	yt_dlp-2026.6.16.235352.dev0-py3-none-any.whl
Package	yt-dlp
Version	2026.6.16.235352.dev0-py3-none-any

Origin

Source	harvest
Feed	pypi.org
Ecosystem	python
Domain	pythonhosted.org

Timeline

First seen	16 Jun 2026 21:22 UTC
First analyzed	16 Jun 2026 23:33 UTC
Last analyzed	16 Jun 2026 23:33 UTC
Last updated	16 Jun 2026 23:33 UTC

Labeling

Label	unknown
Label source	harvest
Traits version	27202

Not seeing what you expected? Let us know