452320f3b1da42b30c32ea5ab5887983b575638ceb4e3beacfefbbb3b0510a48 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

4

Static

static

3

ExtPack-license.html

windows7-x64

1

ExtPack-license.html

windows10-2004-x64

1

ExtPack-license.rtf

windows7-x64

4

ExtPack-license.rtf

windows10-2004-x64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.amd...eR0.r0

macos-10.15-amd64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.arm....dylib

macos-10.15-amd64

1

darwin.arm....dylib

macos-10.15-amd64

1

darwin.arm....dylib

macos-10.15-amd64

1

darwin.arm....dylib

macos-10.15-amd64

1

darwin.arm....dylib

macos-10.15-amd64

1

darwin.arm....dylib

macos-10.15-amd64

1

darwin.arm....dylib

macos-10.15-amd64

1

darwin.arm....dylib

macos-10.15-amd64

1

linux.amd6...cam.so

ubuntu-18.04-amd64

1

linux.amd6...eR0.r0

ubuntu-18.04-amd64

1

linux.amd6...eR3.so

ubuntu-18.04-amd64

1

linux.amd6...pto.so

ubuntu-18.04-amd64

1

linux.amd6...ain.so

ubuntu-18.04-amd64

1

linux.amd6...nVM.so

ubuntu-18.04-amd64

1

linux.amd6...rR3.so

ubuntu-18.04-amd64

1

linux.amd6...mR3.so

ubuntu-18.04-amd64

1

linux.amd6...RDP.so

ubuntu-18.04-amd64

1

linux.amd6...ypt.so

ubuntu-18.04-amd64

1

Analysis

max time kernel
145s
max time network
153s
platform
macos_amd64
resource
macos-20220504-en
resource tags

arch:amd64arch:i386image:macos-20220504-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
submitted
24/05/2023, 04:42

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ExtPack-license.html

Resource

win7-20230220-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

ExtPack-license.html

Resource

win10v2004-20230220-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral3

Sample

ExtPack-license.rtf

Resource

win7-20230220-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral4

Sample

ExtPack-license.rtf

Resource

win10v2004-20230220-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral5

Sample

darwin.amd64/VBoxHostWebcam.dylib

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

darwin.amd64/VBoxNvmeR0.r0

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

darwin.amd64/VBoxNvmeR3.dylib

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

darwin.amd64/VBoxPuelCrypto.dylib

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

darwin.amd64/VBoxPuelMain.dylib

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

darwin.amd64/VBoxPuelMainVM.dylib

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

darwin.amd64/VBoxUsbCardReaderR3.dylib

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

darwin.amd64/VBoxUsbWebcamR3.dylib

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

darwin.amd64/VBoxVRDP.dylib

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

darwin.amd64/VDPluginCrypt.dylib

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

darwin.arm64/VBoxNvmeR3.dylib

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

darwin.arm64/VBoxPuelCrypto.dylib

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

darwin.arm64/VBoxPuelMain.dylib

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

darwin.arm64/VBoxPuelMainVM.dylib

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

darwin.arm64/VBoxUsbCardReaderR3.dylib

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

darwin.arm64/VBoxUsbWebcamR3.dylib

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

darwin.arm64/VBoxVRDP.dylib

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

darwin.arm64/VDPluginCrypt.dylib

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

linux.amd64/VBoxHostWebcam.so

Resource

ubuntu1804-amd64-en-20211208

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

linux.amd64/VBoxNvmeR0.r0

Resource

ubuntu1804-amd64-20221125-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

linux.amd64/VBoxNvmeR3.so

Resource

ubuntu1804-amd64-20221111-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

linux.amd64/VBoxPuelCrypto.so

Resource

ubuntu1804-amd64-en-20211208

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

linux.amd64/VBoxPuelMain.so

Resource

ubuntu1804-amd64-20221111-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

linux.amd64/VBoxPuelMainVM.so

Resource

ubuntu1804-amd64-20221125-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

linux.amd64/VBoxUsbCardReaderR3.so

Resource

ubuntu1804-amd64-en-20211208

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

linux.amd64/VBoxUsbWebcamR3.so

Resource

ubuntu1804-amd64-20221125-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

linux.amd64/VBoxVRDP.so

Resource

ubuntu1804-amd64-20221111-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral32

Sample

linux.amd64/VDPluginCrypt.so

Resource

ubuntu1804-amd64-en-20211208

ubuntu-18.04-amd64

0 signatures

150 seconds

Report Analysis Logs

General

Target

darwin.amd64/VBoxHostWebcam.dylib
Size

531KB
MD5

ea26096cc28721bde9f687067eca7f8b
SHA1

20af3b51fee5cfa3ac70338f36dab295bd8aa094
SHA256

ce68c9f8dc41c2eb50fe241dcb2bbe2a9b605b45af80cbb8cf776fd770d68c7c
SHA512

06cf9ba14fbdca18cda10bdcee0cd91af435cec35097b1a1e75cccfc6bb9e2abdef39d720f8925f6ba3556ed67696eaf36de60e0add955f3f9939036708c1f5b
SSDEEP

12288:l/kR8QvTQpK0CHJKMAGYyWR+R+oiapzsbQueUY3dvMBCGbKD5VrLnzC2njDJ5M:UJm

Score

1^/10

Malware Config

Signatures

Processes

/bin/sh
sh -c "sudo /bin/zsh -c \"/Users/run/darwin.amd64/VBoxHostWebcam.dylib\""
1⤵
PID:515

/bin/bash
sh -c "sudo /bin/zsh -c \"/Users/run/darwin.amd64/VBoxHostWebcam.dylib\""
1⤵
PID:515

/bin/bash
sh -c "sudo /bin/zsh -c \"/Users/run/darwin.amd64/VBoxHostWebcam.dylib\""
1⤵
PID:515

/usr/bin/sudo
sudo /bin/zsh -c /Users/run/darwin.amd64/VBoxHostWebcam.dylib
1⤵
PID:515

/usr/bin/sudo
sudo /bin/zsh -c /Users/run/darwin.amd64/VBoxHostWebcam.dylib
1⤵
PID:515
- /bin/zsh
  /bin/zsh -c /Users/run/darwin.amd64/VBoxHostWebcam.dylib
  2⤵
  PID:516
- /bin/zsh
  /bin/zsh -c /Users/run/darwin.amd64/VBoxHostWebcam.dylib
  2⤵
  PID:516
- /Users/run/darwin.amd64/VBoxHostWebcam.dylib
  /Users/run/darwin.amd64/VBoxHostWebcam.dylib
  2⤵
  PID:516
- /Users/run/darwin.amd64/VBoxHostWebcam.dylib
  /Users/run/darwin.amd64/VBoxHostWebcam.dylib
  2⤵
  PID:516

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy