Overview

overview

1

Static

static

1

launchdhook.dylib

macos-10.15-amd64

1

nekod

macos-10.15-amd64

1

nekoutil.app/nekoutil

macos-10.15-amd64

1

opainject

macos-10.15-amd64

1

rootlesshooks.dylib

macos-10.15-amd64

1

systemhook.dylib

macos-10.15-amd64

1

Payload/ne...server

macos-10.15-amd64

1

Payload/ne...nekojb

macos-10.15-amd64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    476893436b6f7feca1e17bea59263c8a.bin

  • Size

    17.9MB

  • MD5

    0d4f5de23db1448259253123355fa5ce

  • SHA1

    35707f4a3e35347c7fd358878e791902f5cbfdce

  • SHA256

    d00d74dc4fbe897d20164af2a086f82cb9fc5bb81c115514c34768b6087ab163

  • SHA512

    7d9b359564c44196c4de3b6c0aaa41fbc44f17f38ad7e33278128f265831942533e2dec8778a05ea44fe647d98d0b3340cce9578aa0bab01754cd56d43a81e9e

  • SSDEEP

    393216:XEk78/ACNqI25pH+/f5ye1Bqxpddah2Z1bMMxTTJ:XEkXCNqI25pe/fF0py2Ys/J

Score
1/10

Malware Config

Signatures

Files

  • 476893436b6f7feca1e17bea59263c8a.bin
    .zip

    Password: infected

  • 28ef44e17fd66b19b223b30b7970cd2e8a372f6f40117d6daa5010b522d3c9fb.zip
    .zip

    Password: infected

  • Payload/nekojb.app/[email protected]
    .png
  • Payload/nekojb.app/AppIcon76x76@2x~ipad.png
    .png
  • Payload/nekojb.app/Assets.car
  • Payload/nekojb.app/Info.plist
  • Payload/nekojb.app/PkgInfo
  • Payload/nekojb.app/XPC.apinotes
  • Payload/nekojb.app/_CodeSignature/CodeResources
    .xml
  • Payload/nekojb.app/ar.lproj/Localizable.strings
  • Payload/nekojb.app/basebin.tar
    .tar

    Password: infected

  • LaunchDaemons/xyz.hhls.nekod.plist
    .xml
  • fallback/CydiaSubstrate.framework/CydiaSubstrate
    .dylib macos arch:arm64
  • launchdhook.dylib
    .dylib macos arch:arm64
  • nekod
    .macho macos arch:arm64
  • nekoutil.app/[email protected]
    .png
  • nekoutil.app/AppIcon76x76@2x~ipad.png
    .png
  • nekoutil.app/Assets.car
  • nekoutil.app/Base.lproj/LaunchScreen.storyboardc/01J-lp-oVM-view-Ze5-6b-2t3.nib
  • nekoutil.app/Base.lproj/LaunchScreen.storyboardc/Info.plist
  • nekoutil.app/Base.lproj/LaunchScreen.storyboardc/UIViewController-01J-lp-oVM.nib
  • nekoutil.app/Info.plist
  • nekoutil.app/PkgInfo
  • nekoutil.app/README.md
  • nekoutil.app/en.lproj/Localizable.strings
  • nekoutil.app/nekoutil
    .macho macos arch:arm64
  • nekoutil.app/palera1n_LICENSE
  • opainject
    .macho macos arch:arm64
  • rootlesshooks.dylib
    .dylib macos arch:arm64
  • systemhook.dylib
    .dylib macos arch:arm64
  • Payload/nekojb.app/basebin.tc
  • Payload/nekojb.app/binpack-iphoneos-arm64.tar
    .tar
  • Payload/nekojb.app/binpack-iphoneos-arm64.tc
  • Payload/nekojb.app/com.serena.santanderfm_1.0_iphoneos-arm64.deb
  • Payload/nekojb.app/de.lproj/Localizable.strings
  • Payload/nekojb.app/debugserver
    .macho macos arch:arm64
  • Payload/nekojb.app/ellekit_1.0-18.8c90474_iphoneos-arm64.deb
  • Payload/nekojb.app/en.lproj/Localizable.strings
  • Payload/nekojb.app/es.lproj/Localizable.strings
  • Payload/nekojb.app/fr.lproj/Localizable.strings
  • Payload/nekojb.app/hehe.tc
  • Payload/nekojb.app/nekod.tc
  • Payload/nekojb.app/nekojb
    .macho macos arch:arm64
  • Payload/nekojb.app/notTar
  • Payload/nekojb.app/ro.lproj/Localizable.strings
  • Payload/nekojb.app/ru.lproj/Localizable.strings
  • Payload/nekojb.app/tar.tc
  • Payload/nekojb.app/vi.lproj/Localizable.strings
  • Payload/nekojb.app/ws.hbang.newterm3_3.0.beta1_iphoneos-arm64.deb
  • Payload/nekojb.app/xyz.hhls.nekod.plist
  • Payload/nekojb.app/xyz.willy.zebra_1.1.35_iphoneos-arm64.deb