VIRTUALSPHERE (8e231a5b-98a4-4fea-9219-7c616ac87e4c)
VIRTUALSPHERE is the controller part of a simple VMCI-based backdoor. The malware transmits the second command-line argument over the VMCI socket to the server running inside the target VM.[Google Cloud June 18 2024]
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| VIRTUALSPHERE (8e231a5b-98a4-4fea-9219-7c616ac87e4c) | Tidal Software | UNC3886 (23af694a-11f4-43eb-a176-683059b301cb) | Tidal Groups | 1 |