![]() ![]() It will check for the presence of ~/Library/._insu on disk, if present, Silver Sparrow removes all of its components from the endpoint. To check the file MD5 hash, open Terminal.app in your Mac and type md5 updater.pkg # or any other file Quick DiagnoseĪccording to Red Canary, Silver Sparrow includes a check file check that removes all persistence mechanisms and scripts. ![]() ![]() They also discovered version 2 of the malware which is M1-chip compatible.įor more technical details, check out the article published at Malware Filesįrom the latest record in VirusTotal, both version 1 and 2 malware are named updater.pkg with these MD5 file hash: Malware version 1 File name: updater.pkg (installer package for v1) MD5: 30c9bc7d40454e501c358f77449071aa Malware version 2 File name: update.pkg (installer package for v2) MD5: fdd6fb2b1dfe07b0e57d4cbfef9c8149 Engineers at Red Canary first detected version 1 of the macOS malware earlier in Jan 2021. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |