b88e6154aeb1c8505580917f36abef82ab4033e871559ed3634d90f9a144131f

Sharing

Copy URL

Twitter E-mail

General

Target

esign_4.8.2_unsigned.ipa
Size

6.8MB
Sample

231115-wvvydaee4y
MD5

825de48ae929d503e838c6952ff2fc77
SHA1

3199e665fed56762817cf486879177decd1200a5
SHA256

b88e6154aeb1c8505580917f36abef82ab4033e871559ed3634d90f9a144131f
SHA512

c365b94d3291bd660ea3deced8dfdd0e0579cdd7b5576cb2e20ec582fd52af1adf56aab17b9ea7dbfd3cd1dd2d5bd33faf58b4d6ad6093ef28704ef97fd4a4fa
SSDEEP

196608:P9aU4a6TMoyz7g90hrjhXcvPvHcQWVwheDjkX4Z:PD6Tj80wrFMvPv8TuheXkXo

Score

6^/10

Malware Config

Targets

- Target
  
  Payload/ESign.app/Assets.car
- Size
  
  1.5MB
- MD5
  
  8f63256f6deb6681dc55c9adf92669e6
- SHA1
  
  c86a3c611f182bf21ba9622df3fddcf74b384694
- SHA256
  
  8b8ee995e41859ef45cfe5ae1d5147e7d127fdc89b74d98822f767f7b63e0365
- SHA512
  
  0b19107961103faed1f836ffa6f844227ed3f98d8c09b454fbbca5ddf6d531febe1b2645acc4ba9d0fbb101b6d949c55fb995f53b11cb14a2e654f7e6007f90a
- SSDEEP
  
  12288:VIdD6RdK+bPdzRibfZUeEsoUsTgBbVJzyoygT6SfzXCp+c0SvggkWxXkvZkoXT/8:Vqg154TpXgvJkWtsT/1xU/qZx
Score

1^/10
behavioral1 behavioral2
- Target
  
  Payload/ESign.app/ESign
- Size
  
  14.1MB
- MD5
  
  ceef5794faaf0297f451b80293ab2e81
- SHA1
  
  883909263493fcc34b2c43359165d91037838919
- SHA256
  
  a101e2aea1a97765f04640176cca504b7023fe8ebb4774576e81d9f400de59b9
- SHA512
  
  3eb1c5a7fa1452a77872fb042b078f307017d8cae1f19747f71ea130a7a5fa7439132141bbf669295b2e2944aeab4d73f2d5b3f2874c4452a570ca5c13ce4907
- SSDEEP
  
  393216:cwQ1Dj28ttf9qYoK9d64kVbPyKQLTR7G2bQGPE0m3VbjCflssY3by1sb305Yb3Yx:cqKkLibQGPE0m3VbjCflssY3by1sb30T
Score

1^/10
behavioral3
- Target
  
  Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/index.html
- Size
  
  9KB
- MD5
  
  9d8f28f7f146df3bfaa790f1f0a4b43d
- SHA1
  
  658c205ccfefc68b71374bd5da4bc461c2bbe38c
- SHA256
  
  8ce1267aa1c066e0dd98cb551ba2bf2755cf8f01cb0777bfa1f00850749b537b
- SHA512
  
  406879e5b86b3273df1c09f1998db33ba98511a10a0ede7170c23445ebcb73fd39a5e0641ce3020db62db920075d145b2940a81266036811cf7f6d44c3219177
- SSDEEP
  
  192:qorsIrsUSt3ix3HUrSR6LM9wCINJcYcpMvMwQYsquMEGKlps4Rc4cmnGXIzpFtTt:NrsIrsUSVQHaSR0y8LcYcpM0wQYsquM0
Score

1^/10
behavioral4 behavioral5
- Target
  
  Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/bootstrap.min.js
- Size
  
  28KB
- MD5
  
  ba847811448ef90d98d272aeccef2a95
- SHA1
  
  5814e91bb6276f4de8b7951c965f2f190a03978d
- SHA256
  
  898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1
- SHA512
  
  bced99d9331614757643273441a2b8921103382949ab0e510f386c453ec2a2359da39680d8a169e6bcbe7531844eaf5f598560f0d133d3fa3a9f6c7502b148df
- SSDEEP
  
  768:jryxMjJYkskKzykVtCb+9C8agZMdyKHfivbOCtFKH:3HbjZC7w
Score

1^/10
behavioral6 behavioral7
- Target
  
  Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/html5shiv.min.js
- Size
  
  2KB
- MD5
  
  0ce8f355891c26c28f057e195e97dcd5
- SHA1
  
  3c7b369485cadd585d24be44701e459c8aa54d60
- SHA256
  
  8c7a9c0470563367ab00307b4fb9bb3052d0a27f0b94e63b9dc0bb8c369449cb
- SHA512
  
  2ef548277956106a8f0a21bee9a99f4dc804142cf77996a8355b453e1a9da5e4e39187bc87d67f9438f7acec4ea7e43f29a8d2b881fcd24b547a32537adeae1b
Score

1^/10
behavioral8 behavioral9
- Target
  
  Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/index.js
- Size
  
  11KB
- MD5
  
  64bcb9bd86e4265c1e1c9b7f0bdad2a4
- SHA1
  
  607acb49395e0531c60c4cd1c326ee530b7d047a
- SHA256
  
  e7d11c6392a54f1afef8205874b5d5b9d8ce3c7dae38b42d342bad89b44d9467
- SHA512
  
  ba7d55a86b1659061b01a823fcaee02f8ba8acada391f4d8515670520f546ea676b69b240b50715618ae06c189c94b26919c6da410e71de15364529f91d37bf8
- SSDEEP
  
  192:KorsIrsUSt3ix3HUYRQS0ELIYNQSIytnnI5wgUujRuMhTqQF33zzARK6H7D0zvL0:trsIrsUSVQH2EVKlfxvBojH3KxO
Score

1^/10
behavioral10 behavioral11
- Target
  
  Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/jquery.fileupload.js
- Size
  
  60KB
- MD5
  
  0a5e19875e467aa3f86c05182d28f550
- SHA1
  
  826329b6bd2df7c57a03bc2a342c27ecd3248822
- SHA256
  
  2b3df6d6dbe0c03ec7724dba14bd98f38cf0b4cfb4737e3fff7ff0594d103056
- SHA512
  
  a3c6878d8c90587948902ece767f8cbe08f4ccb99d274df7c4cddab713be9220f7088ed5376079b086a403fc30d7e143fac7cde52495ed97bc1dd64ea74adc6c
- SSDEEP
  
  768:skMch0r9GSzv5OhS4dNWzC8kNa9cxory0gn3DLpVNk2:HQzviSlzCO9OO2DLpVZ
Score

1^/10
behavioral12 behavioral13
- Target
  
  Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/jquery.iframe-transport.js
- Size
  
  10KB
- MD5
  
  9828c2356a0c63bd4b80b3a1c2698e19
- SHA1
  
  c91ad4c6a34839e7e2ad1cdf983b666a94f99546
- SHA256
  
  e127082f8c4e76952f5a8e1e9a0c2731372ca3f7d800fa9a5ec1bed0a516c2a9
- SHA512
  
  176d82ea767ad6d4d306964371f5bad60b908539e35062e861d5a4f637942796dac2d62ee8dc724945dcf5047faff43893841704711e0dc33c106b2346f336c0
- SSDEEP
  
  192:/nNlAOkhBIskbma7g+0LmU6/NfSmvN+wCniIy4:A9f+18Df
Score

1^/10
behavioral14 behavioral15
- Target
  
  Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/jquery.jeditable.js
- Size
  
  23KB
- MD5
  
  93328502da0021e0472587884e148673
- SHA1
  
  b0d45e340fbfc62e0d41965fce9cec1c506eaf5d
- SHA256
  
  882892a2c0ecb30e180f4305c2e04d7f8f24968681473ee8f9e48aad45c36587
- SHA512
  
  80ada1414fd725d51a62974a5909b5475f7fea37169ad1f2b3ea311e06a4b209f9a36fd5ac3cd5d9a56c7cbae2a33d7a3a0939c246cd858339cd3147d6c2d328
- SSDEEP
  
  384:kaiWqw2almv0UHLcG6cspPj1ezsVqCIJ1D0N2NX:lqw2awvEj1eeqCIJp7NX
Score

1^/10
behavioral16 behavioral17
- Target
  
  Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/jquery.min.js
- Size
  
  94KB
- MD5
  
  8fc25e27d42774aeae6edbc0a18b72aa
- SHA1
  
  b66ed708717bf0b4a005a4d0113af8843ef3b8ff
- SHA256
  
  b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
- SHA512
  
  87d90a665c15d71ac872bd8bc003d9863964c7ec7ada6370b902b93c0bbd7770fe25730d946c7c6a465baa95efa74bc0e78af3f83aea615af35060cc8702a6c1
- SSDEEP
  
  1536:EPpEy5BMibZGOj/bEe8v+/UWf4IhvAuCh/jqkODZ2D5N9Rag0MOIdSZAgtgoX5Yn:bIO/e2D5c4LgtImLja98HrK
Score

1^/10
behavioral18 behavioral19
- Target
  
  Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/jquery.ui.widget.js
- Size
  
  14KB
- MD5
  
  d1d42e7b1fa13faeeb3f1d9487107135
- SHA1
  
  68f3b63eb6242f2d77531257cfc8194e335502ef
- SHA256
  
  30e522d238f9e84ad8289ab5b43ee396ffbd1e96c8eab77157fbc6fa30edaacd
- SHA512
  
  83546162a687b18ae3453816177bdaff45f97adfc9701ed26acfa2758e2a748f1408413df590a43f73c143c1e2eac92c790aadcab509920b3da86ab5013a77b1
- SSDEEP
  
  384:EoP+wRnaPhYzsi+meG752KIg1IqtvATHtBf/eZIu+z+nUjB:1PEYzr77zIXpNBf//B
Score

1^/10
behavioral20 behavioral21
- Target
  
  Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/respond.min.js
- Size
  
  4KB
- MD5
  
  afc1984a3d17110449dc90cf22de0c27
- SHA1
  
  b5aba40d65b0d6f85859db47f757ea971a0efd30
- SHA256
  
  83a8807ef669fa70d0d9375347f5552897f76c6ae8e2e6f97ef592595462d8d1
- SHA512
  
  a9656fade32e1fd8b40ebba070eb627f176d6550412f45fbe6bf58c1e5ec7421ed5d489d95cb70ecd5e0e4a54fdc84cfb6a6764b9ef9034c0592f812d9a9ea48
- SSDEEP
  
  96:fmyBKAqK8GALbDdHx2YreRfMbSsYWjIvMAyAepEOHSQGw7TnK:f9qpG0tx2YreRfMbS8jIvMANepEOHSam
Score

1^/10
behavioral22 behavioral23
- Target
  
  Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/tmpl.min.js
- Size
  
  977B
- MD5
  
  bcb48547ab4ca73bb8ce6065013660d2
- SHA1
  
  58d4e6d37ae86bb8ec4b057a2767d0399c75e7cb
- SHA256
  
  8e882ad3513da790ead8b75161f03780a134a0dde5cbbae7ded807915bc23aa9
- SHA512
  
  8de87bd07faebaba2e1acb212a4e8707219341522c75eb8ee7cec12878064345acd91a5085548a2a2cbbe1c62959d79bee8c09864ac946db9d7f7277395791f4
Score

1^/10
behavioral24 behavioral25
- Target
  
  Payload/ESign.app/QMUIResources.bundle/Assets.car
- Size
  
  486KB
- MD5
  
  485aa9b9c11398c464d0c9535460b774
- SHA1
  
  2966cd8399f0bd5c4add81ea60f040a080936ab0
- SHA256
  
  2799307ba2063993f13fe5582c3ea3218990fa1ddedd7aee575d0b3effb8a3e1
- SHA512
  
  553471a4633e0f4a67d7dc816f2ef1840ec8beec3f5f755ef6a2cb2614c7c5e7002ee2d9b5503e73d2a14d31b518c17084e9da0bc2d7e7f539a8e4951b163c1e
- SSDEEP
  
  3072:IigNfod6Nq71AFSXwRJ0gLMTBRFDa9aft0UU1842Chi6zak5mY7:IigNfod6E7x8lLM7FDagfH941ta9
Score

1^/10
behavioral26 behavioral27

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27