General

  • Target

    iZRX10_MORiA.dmg

  • Size

    401.7MB

  • Sample

    240608-blyyfsfh39

  • MD5

    badf9a90a347fffdd44b6cb869c59392

  • SHA1

    46082af5a1b1dc294c900d9224427836e7961980

  • SHA256

    16a084a0bc41ed6cb4a7df79e59050cd3c6990d693f218a3b913118fec94e54d

  • SHA512

    a41415116a8e207a33c4201aadad1705e7e6697b3c9ee760ac891068be21031865b1299efad8613bfd831c05ff1f5ef2db4ef203d56f05b0b4eb03c874e7e67e

  • SSDEEP

    12582912:UItm2nYgbmfaloLFSsEjg4CiOH1Re3tKEA2C3KJr6SJf:UUmk9malCMpjg4CLXaMY2KJr6S

Malware Config

Targets

    • Target

      iZRX10_MORiA.dmg

    • Size

      401.7MB

    • MD5

      badf9a90a347fffdd44b6cb869c59392

    • SHA1

      46082af5a1b1dc294c900d9224427836e7961980

    • SHA256

      16a084a0bc41ed6cb4a7df79e59050cd3c6990d693f218a3b913118fec94e54d

    • SHA512

      a41415116a8e207a33c4201aadad1705e7e6697b3c9ee760ac891068be21031865b1299efad8613bfd831c05ff1f5ef2db4ef203d56f05b0b4eb03c874e7e67e

    • SSDEEP

      12582912:UItm2nYgbmfaloLFSsEjg4CiOH1Re3tKEA2C3KJr6SJf:UUmk9malCMpjg4CLXaMY2KJr6S

    • Score

      7/10

    • Installer Packages

      Adversaries may establish persistence and elevate privileges by using an installer to trigger the execution of malicious content. Installer packages are OS-specific and contain the resources an operating system needs to install applications on a system.

    • Gatekeeper Bypass

      Adversaries may modify file attributes and subvert Gatekeeper functionality to evade user prompts and execute untrusted programs. Gatekeeper is a set of technologies that act as a layer of Apple's security model to ensure only trusted applications are executed on a host.

    • File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity. Malware, tools, or other non-native files dropped or created on a system by an adversary (ex: Ingress Tool Transfer) may leave traces that indicate what was done within a network and how. Removal of these files can occur.

    • Target

      iZRX10 MORiA/iZotope Patcher MORiA.pkg

    • Size

      400.7MB

    • MD5

      69a5599a5269c6ca82da9dc82435acbc

    • SHA1

      e53925d6ff00934fcc95ef1e21a92e984eaa5b0a

    • SHA256

      45199a1219e3ab68be33895e195bc596131ad0b9d6e0fbc4800acfcf90b4aa4c

    • SHA512

      b0fab3c00747993f607754db1fab152148e3d606d489af7a12a0711691d9bc0d88b4b9c5b4a4e90fbcdb71a052b1cefd0018935e02b73190a4fd472df1e2caa9

    • SSDEEP

      12582912:uItp2nYgbmfaloLFSsEjg4CiOH1RTtKEA2C3KJj6S+em:uUpk9malCMpjg4CLXTMY2KJj6Su

    • Score

      7/10

    • Installer Packages

      Adversaries may establish persistence and elevate privileges by using an installer to trigger the execution of malicious content. Installer packages are OS-specific and contain the resources an operating system needs to install applications on a system.

    • Gatekeeper Bypass

      Adversaries may modify file attributes and subvert Gatekeeper functionality to evade user prompts and execute untrusted programs. Gatekeeper is a set of technologies that act as a layer of Apple's security model to ensure only trusted applications are executed on a host.

    • File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity. Malware, tools, or other non-native files dropped or created on a system by an adversary (ex: Ingress Tool Transfer) may leave traces that indicate what was done within a network and how. Removal of these files can occur.

MITRE ATT&CK Enterprise v15