e198b8d5f0cd71230509abec9855e737943bb99d8664c95d03ae9c3f395825ce | Triage

Resubmissions

04/02/2024, 13:35

240204-qv17habab6 7

04/02/2024, 12:57

240204-p6zx5saad5 7

Sharing

Copy URL Twitter E-mail

General

Target

MacKeeper.6.6.2.pkg
Size

124KB
Sample

240204-qv17habab6
MD5

455a12c0f3c78799ea1fece44589342e
SHA1

9c1c0e90b5b799958b5a8727424a7092ee65a2c3
SHA256

e198b8d5f0cd71230509abec9855e737943bb99d8664c95d03ae9c3f395825ce
SHA512

c5ccd0ce4490cedcf8526b2e9c37013742b516835665157236ab0e6deb4f47b57890c51b42800c4f9ed2d7e2844c5979a23e0edbdaf9d1610e04cbb685ed3449
SSDEEP

1536:DEW46NGiKoItSACBr33YLVNpwmj4OXAQbUjrOeiPN/QZvH+y1Sr1CIYlswhTQyl0:vDmtXCBr3iVLcOXSBehenSUNQSe0wF

Score

7^/10

discovery evasion execution exfiltration macos

Malware Config

Targets

- Target
  
  MacKeeper.6.6.2.pkg
- Size
  
  124KB
- MD5
  
  455a12c0f3c78799ea1fece44589342e
- SHA1
  
  9c1c0e90b5b799958b5a8727424a7092ee65a2c3
- SHA256
  
  e198b8d5f0cd71230509abec9855e737943bb99d8664c95d03ae9c3f395825ce
- SHA512
  
  c5ccd0ce4490cedcf8526b2e9c37013742b516835665157236ab0e6deb4f47b57890c51b42800c4f9ed2d7e2844c5979a23e0edbdaf9d1610e04cbb685ed3449
- SSDEEP
  
  1536:DEW46NGiKoItSACBr33YLVNpwmj4OXAQbUjrOeiPN/QZvH+y1Sr1CIYlswhTQyl0:vDmtXCBr3iVLcOXSBehenSUNQSe0wF
Score

7^/10

discovery evasion execution exfiltration
- Exfiltration Over Alternative Protocol
  exfiltration
- Queries the hardware information (I/O Kit registry).
  discovery
- Queries the macOS version information.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Resource Forking

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Exfiltration Over Alternative Protocol

Exfiltration Over Unencrypted Non-C2 Protocol

Impact

Tasks

static1

behavioral1

discoveryevasionexecutionexfiltration