Overview

overview

4

Static

static

3

ExtPack-license.html

windows7-x64

1

ExtPack-license.html

windows10-2004-x64

1

ExtPack-license.rtf

windows7-x64

4

ExtPack-license.rtf

windows10-2004-x64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.amd...eR0.r0

macos-10.15-amd64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.arm....dylib

macos-10.15-amd64

1

darwin.arm....dylib

macos-10.15-amd64

1

darwin.arm....dylib

macos-10.15-amd64

1

darwin.arm....dylib

macos-10.15-amd64

1

darwin.arm....dylib

macos-10.15-amd64

1

darwin.arm....dylib

macos-10.15-amd64

1

darwin.arm....dylib

macos-10.15-amd64

1

darwin.arm....dylib

macos-10.15-amd64

1

linux.amd6...cam.so

ubuntu-18.04-amd64

1

linux.amd6...eR0.r0

ubuntu-18.04-amd64

1

linux.amd6...eR3.so

ubuntu-18.04-amd64

1

linux.amd6...pto.so

ubuntu-18.04-amd64

1

linux.amd6...ain.so

ubuntu-18.04-amd64

1

linux.amd6...nVM.so

ubuntu-18.04-amd64

1

linux.amd6...rR3.so

ubuntu-18.04-amd64

1

linux.amd6...mR3.so

ubuntu-18.04-amd64

1

linux.amd6...RDP.so

ubuntu-18.04-amd64

1

linux.amd6...ypt.so

ubuntu-18.04-amd64

1

Analysis

  • max time kernel
    98s
  • max time network
    143s
  • platform
    macos_amd64
  • resource
    macos-20220504-en
  • resource tags

    arch:amd64arch:i386image:macos-20220504-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
  • submitted
    24/05/2023, 04:42

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    darwin.amd64/VBoxPuelMainVM.dylib

  • Size

    31KB

  • MD5

    d23d6289236d5268f17a781b596da96f

  • SHA1

    7e2ddb5bdc1d4c74d971a963ac0c9d6f4c22d2b7

  • SHA256

    06f87b41033cf2313fe639ec825781b1a025325465c9cdfe3ddb4243c82a4a35

  • SHA512

    1d04c44ca0d53c8578cd758e5701dc630a86685ae5a2587fff38d87b23afb96a2bdad226f3c65c28ed8bef86ac5bf7bc6be26a11aaf83eebc794f53ddecb3b01

  • SSDEEP

    192:e2fgu5eu+6ild+NLZlbSzr+RjG8P0GzrzjFJlzr/8rgUrvplkrv75alZ8P09rT:euYfiZRGr+Q8frzhrCzrv7krNab8erT

Score
1/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/darwin.amd64/VBoxPuelMainVM.dylib\""
    1⤵
      PID:519
    • /bin/bash
      sh -c "sudo /bin/zsh -c \"/Users/run/darwin.amd64/VBoxPuelMainVM.dylib\""
      1⤵
        PID:519
      • /bin/bash
        sh -c "sudo /bin/zsh -c \"/Users/run/darwin.amd64/VBoxPuelMainVM.dylib\""
        1⤵
          PID:519
        • /usr/bin/sudo
          sudo /bin/zsh -c /Users/run/darwin.amd64/VBoxPuelMainVM.dylib
          1⤵
            PID:519
          • /usr/bin/sudo
            sudo /bin/zsh -c /Users/run/darwin.amd64/VBoxPuelMainVM.dylib
            1⤵
              PID:519
              • /bin/zsh
                /bin/zsh -c /Users/run/darwin.amd64/VBoxPuelMainVM.dylib
                2⤵
                  PID:522
                • /bin/zsh
                  /bin/zsh -c /Users/run/darwin.amd64/VBoxPuelMainVM.dylib
                  2⤵
                    PID:522
                  • /Users/run/darwin.amd64/VBoxPuelMainVM.dylib
                    /Users/run/darwin.amd64/VBoxPuelMainVM.dylib
                    2⤵
                      PID:522
                    • /Users/run/darwin.amd64/VBoxPuelMainVM.dylib
                      /Users/run/darwin.amd64/VBoxPuelMainVM.dylib
                      2⤵
                        PID:522

                    Network

                    MITRE ATT&CK Matrix

                    Replay Monitor

                    Loading Replay Monitor...

                    Downloads