Overview

overview

4

Static

static

1

ExtPack-license.html

windows7-x64

3

ExtPack-license.html

windows10-2004-x64

3

ExtPack-license.rtf

windows7-x64

4

ExtPack-license.rtf

windows10-2004-x64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.amd...eR0.r0

macos-10.15-amd64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.amd....dylib

macos-10.15-amd64

1

darwin.arm....dylib

macos-10.15-amd64

1

darwin.arm....dylib

macos-10.15-amd64

1

darwin.arm....dylib

macos-10.15-amd64

1

darwin.arm....dylib

macos-10.15-amd64

1

darwin.arm....dylib

macos-10.15-amd64

1

darwin.arm....dylib

macos-10.15-amd64

1

darwin.arm....dylib

macos-10.15-amd64

1

darwin.arm....dylib

macos-10.15-amd64

1

darwin.arm....dylib

macos-10.15-amd64

1

linux.amd6...cam.so

ubuntu-24.04-amd64

1

linux.amd6...eR0.r0

ubuntu-24.04-amd64

1

linux.amd6...eR3.so

ubuntu-20.04-amd64

1

linux.amd6...pto.so

ubuntu-24.04-amd64

1

linux.amd6...ain.so

ubuntu-18.04-amd64

1

linux.amd6...nVM.so

ubuntu-24.04-amd64

1

linux.amd6...rR3.so

ubuntu-24.04-amd64

1

linux.amd6...mR3.so

ubuntu-22.04-amd64

1

linux.amd6...RDP.so

ubuntu-24.04-amd64

1

Analysis

  • max time kernel
    69s
  • max time network
    128s
  • platform
    macos-10.15_amd64
  • resource
    macos-20241106-en
  • resource tags

    arch:amd64arch:i386image:macos-20241106-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
  • submitted
    03/12/2024, 14:58

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    darwin.amd64/VBoxVRDP.dylib

  • Size

    856KB

  • MD5

    8bffa5f2a171bf016ebabf6f610ca2c4

  • SHA1

    9e945fd27f45b957b746095cac3b29761008017c

  • SHA256

    4ca211e74ba01d63d17363ee93848ffb5721a6ec637020428875281d4e657ff8

  • SHA512

    e068f984af077dfccaddf089852d7d9ecfb1b07da81759b7499b2c01f8b7a53ff84069f19362492da4ce280d3e31cf77d2c78daba9a9e6e1ff49ae9d5f879a7e

  • SSDEEP

    12288:vQf0XZ2DGCQJ6ObgD4Jzfy2CZXz6rdtVKdE2SzvaPu7U0N2ZxL/A05Z37Txe+d2j:4foFXJ9N

Score
1/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/darwin.amd64/VBoxVRDP.dylib\""
    1⤵
      PID:471
    • /bin/bash
      sh -c "sudo /bin/zsh -c \"/Users/run/darwin.amd64/VBoxVRDP.dylib\""
      1⤵
        PID:471
      • /usr/bin/sudo
        sudo /bin/zsh -c /Users/run/darwin.amd64/VBoxVRDP.dylib
        1⤵
          PID:471
          • /bin/zsh
            /bin/zsh -c /Users/run/darwin.amd64/VBoxVRDP.dylib
            2⤵
              PID:472
            • /Users/run/darwin.amd64/VBoxVRDP.dylib
              /Users/run/darwin.amd64/VBoxVRDP.dylib
              2⤵
                PID:472

            Network

                  MITRE ATT&CK Matrix

                  Replay Monitor

                  Loading Replay Monitor...

                  Downloads