General
Target: PostgreSQL_v.8.24.dmg
Size: 8.5MB
Sample: 240524-es8ysacg5y
MD5: e5375e47d4aa57e099bd80680afc9df3
SHA1: 222fccee4cbc41a5612a3d3ed034bfb311f2a6bb
SHA256: 01c9714f985ea18e3d62c611a83c36780d74617c2b284214c7fd06ba4aa78790
SHA512: 836d37a23705abc4114d7153ad65a24465db9d4ece63856780dc2a16c596334be92af99bbf6c711acd688c50867b4fa775bb3f912d128ea6eff1d3ee592b0b82
SSDEEP: 98304:c/gmaYwRcXEcwxMpiosLk9mU77yzl+mF4Ncsekgdsj1CwudKByOudKByrZkVypHS:cQfcwhosfjDpkKW75h5ryuoMYkUw
Static task: static1
Malware Config
Targets

Queries the macOS version information.
An adversary may attempt to get detailed information about the operating system and hardware, including version, patches, hotfixes, service packs, and architecture.

System Checks
Adversaries may employ various system checks to detect and avoid virtualization and analysis environments. This may include changing behaviors based on the results of checks for the presence of artifacts indicative of a virtual machine environment (VME) or sandbox.

File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity. Malware, tools, or other non-native files dropped or created on a system by an adversary (e.g., Ingress Tool Transfer) may leave traces that indicate what was done within a network and how. Removal of these files can occur.