Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-05 14:42:44 UTC
Home > List all groups > List all tools > List all groups using tool PyDCrypt
 Tool: PyDCrypt
Names PyDCrypt
Category Malware
Type Remote command, Loader
Description
(Check Point) The main goals of PyDCrypt are to infect other computers and to make
sure the main payload, DCSrv, is executed properly. The executable is written in Python
and compiled with PyInstaller with encryption, using the --key flag during the build
phase. As we mentioned previously, the attackers build a new sample for each infected
organization, and hardcode the parameters collected from the victim’s environment.
Information MITRE ATT&CK Last change to this tool card: 30 December 2022
Download this tool card in JSON format
All groups using tool PyDCrypt
Changed Name Country Observed
Other groups
 Moses Staff 2021-Nov 2022
1 group listed (0 APT, 1 other, 0 unknown)
Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=6d7303ed-87b7-4c75-89e0-80cbce684a85
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=6d7303ed-87b7-4c75-89e0-80cbce684a85
Page 1 of 1