9960c49e9e2b4d98c0b3ae2da97f17daf7bf5dd19b974f5d2bdfbece8e888b3b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

anydesk.dmg
Size

12.2MB
Sample

240423-pswcssgd37
MD5

3cff095dcdbef87d5db631227d826d34
SHA1

c96dc4aa7264f23d3e5ec5b00608fc5e795681c4
SHA256

9960c49e9e2b4d98c0b3ae2da97f17daf7bf5dd19b974f5d2bdfbece8e888b3b
SHA512

40b10a998090ca1998e27540492aaf2c6fc1f047a5782bf9826edf84d678baef7c7e15df08dd5f2622694965a8b5691d4d3c3147358ea3bf9a4348f58a059493
SSDEEP

393216:/DzW6fQh8fu35WYFabuQcq8AaMDZQz4CyKbkv:bzWQQefu34i+vcq8ANOz4Czbkv

Score

4^/10

evasion macos

Malware Config

Targets

- Target
  
  anydesk.dmg
- Size
  
  12.2MB
- MD5
  
  3cff095dcdbef87d5db631227d826d34
- SHA1
  
  c96dc4aa7264f23d3e5ec5b00608fc5e795681c4
- SHA256
  
  9960c49e9e2b4d98c0b3ae2da97f17daf7bf5dd19b974f5d2bdfbece8e888b3b
- SHA512
  
  40b10a998090ca1998e27540492aaf2c6fc1f047a5782bf9826edf84d678baef7c7e15df08dd5f2622694965a8b5691d4d3c3147358ea3bf9a4348f58a059493
- SSDEEP
  
  393216:/DzW6fQh8fu35WYFabuQcq8AaMDZQz4CyKbkv:bzWQQefu34i+vcq8ANOz4Czbkv
Score

4^/10

evasion
behavioral1
- Target
  
  AnyDesk/AnyDesk.app/Contents/Library/LaunchServices/com.philandro.anydesk.Helper
- Size
  
  1.2MB
- MD5
  
  8780fee6ee1cea70303e87cad696c3bb
- SHA1
  
  d5731de89d351f62f2df8768789ab3156bd555c8
- SHA256
  
  7f593d2339abbeea897875107e690e64e5ecd294226d17ad73e42dcdb3f364cd
- SHA512
  
  42e5b313d8c3063e62cf168d387a74514540d8876b21a29abba42e155f6788f4fa6ffbaa2f14efce790207e3cfd4f3caf0c9b80e5a8c6d2650f38d3bed877b05
- SSDEEP
  
  24576:E0Frq4X3lzkCSdfYIFMEl5uf4JpYnvTlRAJv5:EQweipYnvKv5
Score

1^/10
behavioral2
- Target
  
  AnyDesk/AnyDesk.app/Contents/MacOS/AnyDesk
- Size
  
  18.1MB
- MD5
  
  96038326b646094a2e0cef816d3a0be7
- SHA1
  
  2e9abc025061c18690ee1ecb4faf8397ab7b3ca9
- SHA256
  
  adf0e7a3124ea007ead87b270572096c7495ff03512f67689f311d42180e16ec
- SHA512
  
  a575ddddf1e3d42d31034e493abd92385cb6db4121cb673b20c223823bde7173f71ac432da3c33da3c5b54237d6e3c244c3efb30e24120b29b54d4da9be9afca
- SSDEEP
  
  196608:QPI/hWEq7pr+fdq+d6bCeWnvZ8uqn6WzVJVUeaEL3y1v:Qyv8r+fdq+gbovZ8rn6W
Score

4^/10

evasion
behavioral3
- Target
  
  AnyDesk/AnyDesk.app/Contents/_CodeSignature/CodeResources
- Size
  
  35KB
- MD5
  
  2578efd7a92f334bd7773ac4b1739c1c
- SHA1
  
  131372aef3a806c13a454534cd9d927046d84d3a
- SHA256
  
  252ac947a85aca1c17c5d3bc33331438298cf01f6f656c513e59c513fd26e43d
- SHA512
  
  e8da77ada4d642f12be381f7161f1f53dd3e7e65c4debd121a5e5fd341fc60dcf7754b88fed6a17e873c3de66e10ce40f3a3150d2fce3abd88a2bd468ba0653c
- SSDEEP
  
  384:quKwNha4iuSJ+BAmNeNJi/lxTKUg61WZg2JAWfgptp4KYbHGRGURZP4PV65uS6s9:quKwToP60Zg2JWBxv9Dzd
Score

1^/10
behavioral4 behavioral5

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Resource Forking

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5