Overview

overview

10

Static

static

10

RustBucket...applet

macos-10.15-amd64

1

RustBucket...n.scpt

macos-10.15-amd64

4

RustBucket...XT.rtf

macos-10.15-amd64

4

RustBucket...Viewer

macos-10.15-amd64

1

RustBucket/Stage_3

macos-10.15-amd64

1

RustBucket...stage2

macos-10.15-amd64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    RustBucket (1).zip

  • Size

    4.8MB

  • MD5

    fd8b207d8aedd10215dfa487984796e9

  • SHA1

    4936829ba846c010211e4dd45db31eff4f93f425

  • SHA256

    33119747bf65bd36cbd4cce4eb3834d7da1be4d323de3fa1eb1330d0ce6127d9

  • SHA512

    7145e30ab6072e349699df241c5be08c0ea6c74ecb0e658f9fe7a11c1aeb7545125aa02b16345ae3f36182be9d92470c2ef23414325a9ef9a1d5f535cd3e2117

  • SSDEEP

    98304:nzrNdcptbjOR2TuJC1u+SUOFXvcwNjWPpqW+Jxi4jd5JYyeE:nzr8bCcqMA+NO9vjWwW+B2tE

Score
10/10
rustbucket

Malware Config

Signatures

  • Detects RustBucket payload 1 IoCs
  • Rustbucket family
    rustbucket

Files

  • RustBucket (1).zip
    .zip

    Password: infect3d

  • RustBucket/Internal PDF Viewer (Stage 1).app/Contents/Info.plist
    .xml
  • RustBucket/Internal PDF Viewer (Stage 1).app/Contents/MacOS/applet
    .macho macos arch:x64
  • RustBucket/Internal PDF Viewer (Stage 1).app/Contents/PkgInfo
  • RustBucket/Internal PDF Viewer (Stage 1).app/Contents/Resources/Scripts/main.scpt
    .scpt macos
  • RustBucket/Internal PDF Viewer (Stage 1).app/Contents/Resources/applet.icns
  • RustBucket/Internal PDF Viewer (Stage 1).app/Contents/Resources/applet.rsrc
  • RustBucket/Internal PDF Viewer (Stage 1).app/Contents/Resources/description.rtfd/TXT.rtf
    .rtf
  • RustBucket/Internal PDF Viewer (Stage 2).app/Contents/Info.plist
    .xml
  • RustBucket/Internal PDF Viewer (Stage 2).app/Contents/MacOS/Internal PDF Viewer
    .macho macos arch:arm64 arch:x64
  • RustBucket/Internal PDF Viewer (Stage 2).app/Contents/PkgInfo
  • RustBucket/Internal PDF Viewer (Stage 2).app/Contents/Resources/AppIcon.icns
  • RustBucket/Internal PDF Viewer (Stage 2).app/Contents/Resources/Assets.car
  • RustBucket/Internal PDF Viewer (Stage 2).app/Contents/Resources/Base.lproj/Main.storyboardc/Info.plist
  • RustBucket/Internal PDF Viewer (Stage 2).app/Contents/Resources/Base.lproj/Main.storyboardc/MainMenu.nib/keyedobjects-101300.nib
  • RustBucket/Internal PDF Viewer (Stage 2).app/Contents/Resources/Base.lproj/Main.storyboardc/MainMenu.nib/keyedobjects.nib
  • RustBucket/Internal PDF Viewer (Stage 2).app/Contents/Resources/Base.lproj/Main.storyboardc/NSWindowController-B8D-0N-5wS.nib/keyedobjects-101300.nib
  • RustBucket/Internal PDF Viewer (Stage 2).app/Contents/Resources/Base.lproj/Main.storyboardc/NSWindowController-B8D-0N-5wS.nib/keyedobjects.nib
  • RustBucket/Internal PDF Viewer (Stage 2).app/Contents/Resources/Base.lproj/Main.storyboardc/XfG-lQ-9wD-view-m2S-Jp-Qdl.nib/keyedobjects-101300.nib
  • RustBucket/Internal PDF Viewer (Stage 2).app/Contents/Resources/Base.lproj/Main.storyboardc/XfG-lQ-9wD-view-m2S-Jp-Qdl.nib/keyedobjects.nib
  • RustBucket/Internal PDF Viewer (Stage 2).app/Contents/_CodeSignature/CodeResources
    .xml
  • RustBucket/Stage_3
    .macho macos arch:arm64 arch:x64
  • RustBucket/readme.txt
  • RustBucket/swiftBucket_stage2
    .macho macos arch:arm64 arch:x64