File | Details |
--- | --- |
/tmp/.hostname | gmzera54l5qpa6lm.onion |
/tmp/.privatkey | RSA private key |

File | Details |
--- | --- |
/private/tmp/.com.apple.upd.plist | Copy of ~/Library/LaunchAgents/.com.apple.upd.plist |
~/Library/LaunchAgents/.com.apple.upd.plist | Persistence mechanism |
/tmp/loglog | Malware execution logs |

Filename | SHA256 | Detection name |
--- | --- | --- |
plugin | 6fe741ef057d38dd6d9bbe02dacbcb4940dac6c32e0f50a641e73727d6bf60d9 | Trojan.SH.GMERA.A |
stock | 6f48ef0d76ce68bbca53b05d2d22031aec5ce997e7227c3dcb20809959680f11 | Trojan.SH.GMERA.A |
Stockfoli | efd5b96f489f934f2465a185e43fddf50fcde51b12a8fb91d5d93b09a21706c7 | Trojan.MacOS.GMERA.A |
Trial_Stockfoli.zip | 18e1db7c37a63d987a5448b4dd25103c8053799b0deea5f45f00ca094afe2fe7 | Trojan.MacOS.GMERA.A |

Filename | SHA256 | Detection name |
--- | --- | --- |
com.apple.upd.plist | be8b6549da925f285307b17c616a010a9418af70d090ed960ade575ce27c7787 | Trojan.MacOS.GMERA.B |
run.sh | d50f5e94f2c417623c5f573963cc777c0676cc7245d65967ca09a53f464d2b50 | Trojan.SH.GMERA.B |
Stockfoli | 83df2f39140679a9cfb55f9c839ff8e7638ba29dba164900f9c77bb177796e03 (sample 2) | Trojan.MacOS.GMERA.B |
Trial_Stockfoli.zip | faa2799751582b8829c61cbfe2cbaf3e792960835884b61046778d17937520f4 (sample 2) | Trojan.MacOS.GMERA.B |