VIRTUALGATE (Windows) (58926fd0-4662-4ea9-afd5-aab2536bc95b)
VIRTUALGATE (Windows) is a utility program written in C that consists of two (2) parts: a dropper and the payload. The memory-only dropper deobfuscates a second-stage DLL payload that uses VMware's virtual machine communication interface (VMCI) sockets to run commands on a guest virtual machine from a hypervisor host, or between guest virtual machines on the same host. [Google Cloud September 29 2022]
Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
UNC3886 (23af694a-11f4-43eb-a176-683059b301cb) | Tidal Groups | VIRTUALGATE (Windows) (58926fd0-4662-4ea9-afd5-aab2536bc95b) | Tidal Software | 1 |