91a8cafe34209fd52d5b5652b530c7aad2f35588d1175a5293a15f2096707bbc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

522a5015d4d11833ead6d88d4405c0f4119ff29b1f64b226c464e958f03e1434.zip
Size

7.5MB
Sample

230418-y6n1bafg7v
MD5

822187d033246cc0b9277dde1069a69e
SHA1

f0ed2e18f79de7f9b804f1f37012b8d95fcf7144
SHA256

91a8cafe34209fd52d5b5652b530c7aad2f35588d1175a5293a15f2096707bbc
SHA512

5e34e8f60ef7c16cc5debd112bc32c029a551ec67853135349fdb7a55a640ed0d58fd3623e1959a949a5216629903226efa60484885b29084aca99564d4c011e
SSDEEP

196608:/gCOIsB2YyWoYGjPK5/Z+HmiGWHxjegK2H2kZjMpULh:Inzna2ZmVTHtegZWZW

Score

8^/10

discovery macos

Malware Config

Targets

- Target
  
  522a5015d4d11833ead6d88d4405c0f4119ff29b1f64b226c464e958f03e1434.macho
- Size
  
  19.2MB
- MD5
  
  6d719c9a7538e24bc23400b446d94010
- SHA1
  
  98b629758fabb99dc84723cb6bd26fb10cb40e3c
- SHA256
  
  522a5015d4d11833ead6d88d4405c0f4119ff29b1f64b226c464e958f03e1434
- SHA512
  
  e72f5546a4c885341ca2ffb09418394acfcb7a8504c0c2b7eda8e95d7f0e0622758c053a28e596bfcd45ca8a7485fa432c98cf6cace5542ff6b6e3e08b9cc02d
- SSDEEP
  
  196608:CmKGAHyBqCPoo2A/d+mRD57vL50vxmL/H4cdNnpfMx3t:YisxaH4cH9W
Score

8^/10

discovery
- Contacts a large (683) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1