452320f3b1da42b30c32ea5ab5887983b575638ceb4e3beacfefbbb3b0510a48 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

4

Static

static

3

ExtPack-license.html

windows7-x64

1

ExtPack-license.html

windows10-2004-x64

1

ExtPack-license.rtf

windows7-x64

4

ExtPack-license.rtf

windows10-2004-x64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.amd...eR0.r0

macos-10.15-amd64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.arm....dylib

macos-10.15-amd64

1

darwin.arm....dylib

macos-10.15-amd64

1

darwin.arm....dylib

macos-10.15-amd64

1

darwin.arm....dylib

macos-10.15-amd64

1

darwin.arm....dylib

macos-10.15-amd64

1

darwin.arm....dylib

macos-10.15-amd64

1

darwin.arm....dylib

macos-10.15-amd64

1

darwin.arm....dylib

macos-10.15-amd64

1

linux.amd6...cam.so

ubuntu-18.04-amd64

1

linux.amd6...eR0.r0

ubuntu-18.04-amd64

1

linux.amd6...eR3.so

ubuntu-18.04-amd64

1

linux.amd6...pto.so

ubuntu-18.04-amd64

1

linux.amd6...ain.so

ubuntu-18.04-amd64

1

linux.amd6...nVM.so

ubuntu-18.04-amd64

1

linux.amd6...rR3.so

ubuntu-18.04-amd64

1

linux.amd6...mR3.so

ubuntu-18.04-amd64

1

linux.amd6...RDP.so

ubuntu-18.04-amd64

1

linux.amd6...ypt.so

ubuntu-18.04-amd64

1

Analysis

max time kernel
134s
max time network
148s
platform
macos_amd64
resource
macos-20220504-en
resource tags

arch:amd64arch:i386image:macos-20220504-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
submitted
24/05/2023, 04:42

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ExtPack-license.html

Resource

win7-20230220-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

ExtPack-license.html

Resource

win10v2004-20230220-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral3

Sample

ExtPack-license.rtf

Resource

win7-20230220-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral4

Sample

ExtPack-license.rtf

Resource

win10v2004-20230220-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral5

Sample

darwin.amd64/VBoxHostWebcam.dylib

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

darwin.amd64/VBoxNvmeR0.r0

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

darwin.amd64/VBoxNvmeR3.dylib

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

darwin.amd64/VBoxPuelCrypto.dylib

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

darwin.amd64/VBoxPuelMain.dylib

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

darwin.amd64/VBoxPuelMainVM.dylib

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

darwin.amd64/VBoxUsbCardReaderR3.dylib

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

darwin.amd64/VBoxUsbWebcamR3.dylib

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

darwin.amd64/VBoxVRDP.dylib

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

darwin.amd64/VDPluginCrypt.dylib

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

darwin.arm64/VBoxNvmeR3.dylib

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

darwin.arm64/VBoxPuelCrypto.dylib

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

darwin.arm64/VBoxPuelMain.dylib

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

darwin.arm64/VBoxPuelMainVM.dylib

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

darwin.arm64/VBoxUsbCardReaderR3.dylib

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

darwin.arm64/VBoxUsbWebcamR3.dylib

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

darwin.arm64/VBoxVRDP.dylib

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

darwin.arm64/VDPluginCrypt.dylib

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

linux.amd64/VBoxHostWebcam.so

Resource

ubuntu1804-amd64-en-20211208

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

linux.amd64/VBoxNvmeR0.r0

Resource

ubuntu1804-amd64-20221125-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

linux.amd64/VBoxNvmeR3.so

Resource

ubuntu1804-amd64-20221111-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

linux.amd64/VBoxPuelCrypto.so

Resource

ubuntu1804-amd64-en-20211208

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

linux.amd64/VBoxPuelMain.so

Resource

ubuntu1804-amd64-20221111-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

linux.amd64/VBoxPuelMainVM.so

Resource

ubuntu1804-amd64-20221125-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

linux.amd64/VBoxUsbCardReaderR3.so

Resource

ubuntu1804-amd64-en-20211208

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

linux.amd64/VBoxUsbWebcamR3.so

Resource

ubuntu1804-amd64-20221125-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

linux.amd64/VBoxVRDP.so

Resource

ubuntu1804-amd64-20221111-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral32

Sample

linux.amd64/VDPluginCrypt.so

Resource

ubuntu1804-amd64-en-20211208

ubuntu-18.04-amd64

0 signatures

150 seconds

Report Analysis Logs

General

Target

darwin.arm64/VBoxUsbWebcamR3.dylib
Size

101KB
MD5

1d35f057f3f9102428cc8a01482ba4f1
SHA1

87642d9cbcf36c39b83c7307aadb172d3712bdf1
SHA256

bb8f4d31b9a761768a7c1f057522df16ecfe2f23ccc799f3cb5a8b13d1ee5ba5
SHA512

08dee571f2e52348a9a04ac47c9eb1271ba2c791acc84a39a10529d0b795ee72f64fcdfe72a4cef678bdd54d4c10d017df10ff6bdfadd3a724203b5b77bea4eb
SSDEEP

1536:AI6sPr7bEWpnvui3PW5Zo9XOGjTpbFKh:hPrvECnmEW/AjnW

Score

1^/10

Malware Config

Signatures

Processes

/bin/sh
sh -c "sudo /bin/zsh -c \"/Users/run/darwin.arm64/VBoxUsbWebcamR3.dylib\""
1⤵
PID:522

/bin/bash
sh -c "sudo /bin/zsh -c \"/Users/run/darwin.arm64/VBoxUsbWebcamR3.dylib\""
1⤵
PID:522

/bin/bash
sh -c "sudo /bin/zsh -c \"/Users/run/darwin.arm64/VBoxUsbWebcamR3.dylib\""
1⤵
PID:522

/usr/bin/sudo
sudo /bin/zsh -c /Users/run/darwin.arm64/VBoxUsbWebcamR3.dylib
1⤵
PID:522

/usr/bin/sudo
sudo /bin/zsh -c /Users/run/darwin.arm64/VBoxUsbWebcamR3.dylib
1⤵
PID:522
- /bin/zsh
  /bin/zsh -c /Users/run/darwin.arm64/VBoxUsbWebcamR3.dylib
  2⤵
  PID:523
- /bin/zsh
  /bin/zsh -c /Users/run/darwin.arm64/VBoxUsbWebcamR3.dylib
  2⤵
  PID:523
- /Users/run/darwin.arm64/VBoxUsbWebcamR3.dylib
  /Users/run/darwin.arm64/VBoxUsbWebcamR3.dylib
  2⤵
  PID:523
- /Users/run/darwin.arm64/VBoxUsbWebcamR3.dylib
  /Users/run/darwin.arm64/VBoxUsbWebcamR3.dylib
  2⤵
  PID:523

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy