OSX Kirino (BigFive) BackDoor


Post by K_Mikhail » Mon Jul 03, 2017 10:59 am

Subj

[1] https://virustotal.com/en/file/2ccd0e9d ... 499079161/ (HEUR:Exploit.OSX.CVE-2016-4625.a || Exploit.CVE-2016-4625.1 || a variant of OSX/Exploit.CVE-2016-4625.B)

[2] https://virustotal.com/en/file/5b13a275 ... 499079170/

[3] https://virustotal.com/en/file/dd065e79 ... 499079184/

[4] https://virustotal.com/en/file/b2638362 ... 499079198/

Dr.Web anti-virus vendor resume: Mac.BackDoor.BigFive.1, Mac.BackDoor.BigFive.2, Mac.BackDoor.BigFive.3

UPD: Kaspersky anti-virus vendor resume: HEUR:Backdoor.OSX.Rinoki.a

Re: OSX Kirino (BigFive) BackDoor

Post by K_Mikhail » Mon Jul 03, 2017 6:16 pm

Mac.BackDoor.BigFive.1, Mac.BackDoor.BigFive.2, Mac.BackDoor.BigFive.3 renamed to Mac.BackDoor.Kirino.1, Mac.BackDoor.Kirino.2, Mac.BackDoor.Kirino.3.

Re: OSX Kirino (BigFive) BackDoor

Post by maddog4012 » Wed Jul 05, 2017 1:03 pm

Samples from VT

