pupy (Malware Family)
By Fraunhofer FKIE
Archived: 2026-04-05 21:59:22 UTC
Pupy is an open-source, cross-platform RAT and post-exploitation framework mainly written in python. Pupy can
be loaded from various loaders, including PE EXE, reflective DLL, Linux ELF, pure python, powershell and APK.
Most of the loaders bundle an embedded python runtime, python library modules in source/compiled/native forms
as well as a flexible configuration. They bootstrap a python runtime environment mostly in-memory for the later
stages of pupy to run in. Pupy can communicate using various transports, migrate into processes, load remote
python code, python packages and python C-extensions from memory.
[TLP:WHITE] win_pupy_auto (20201014 | autogenerated rule brought to you by yara-signator)
Source: https://malpedia.caad.fkie.fraunhofer.de/details/win.pupy
https://malpedia.caad.fkie.fraunhofer.de/details/win.pupy
Page 1 of 1