Resubmissions

07-11-2024 18:36

241107-w9c14sxcjh 10

General

  • Target

    Covid.zip

  • Size

    6.1MB

  • MD5

    eaf401c1600c02f02082af187cd5caf8

  • SHA1

    442de34f63c39c8bb4df66b56c2d74cbdb1e97a0

  • SHA256

    809631d5c1dfd10a9e185e7ca312eeddcdb46b3ba4afa60ab8cb61accbf3a5fa

  • SHA512

    1bafa709232a1af604ff57454ca9931e5abf9a2acc0a9d32b08ff54457d26a273bc81fc033831b9a9d4296c6175b89804a73ed663ddb395a6d0c8fd5236db962

  • SSDEEP

    196608:Ibfm/K3CXUxEsuOjzVvKzPnF5tZsWCbOCrGw7:S4KR3KPnF5fDSOCrGw7

Score
10/10

Malware Config

Signatures

  • Sliver RAT v2 (1 IoC)
  • Sliver family

Files

  • Covid.zip
    .zip

    Password: infect3d

  • Covid/covid
    .macho macos arch:x64
  • Covid/readme.txt
  • Covid/softwareupdated
    .macho macos arch:x64
  • Covid/vpn.dmg
    .dmg macos

    Password: infect3d

  • .DS_Store
  • .DS_Store:com.apple.FinderInfo
  • 0.img
  • vpn.app/Contents/Info.plist
  • vpn.app/Contents/MacOS/vpn
    .macho macos arch:x64
  • vpn.app/Contents/Resources/AppIcon.icns
  • vpn.app/Contents/Resources/AppIcon.icns:com.apple.quarantine
  • vpn.app/Contents/Resources/AppSettings.plist
  • vpn.app/Contents/Resources/MainMenu.nib
  • vpn.app/Contents/Resources/script
    .sh linux
  • vpn.app/Contents/Resources/script:com.apple.macl
  • vpn.app/Contents/Resources/script:com.apple.quarantine
  • vpn.app/Icon :com.apple.FinderInfo
  • vpn.app/Icon :com.apple.ResourceFork