General

  • Target

    Setup.dmg

  • Size

    384KB

  • Sample

    240618-mnmhzstfkp

  • MD5

    2d0a0ffe25aa84951f6eb356855e988e

  • SHA1

    b745b2ed9ea89e5938d7e2327b95d4c03eac074b

  • SHA256

    4f169105b0104b0cd60e929631965993c315d39e9cf09d1db990c12a05166e63

  • SHA512

    962d9e86388b93afcdaf5a4e194e02f5ec032d9ce72ac69289e993accb92e685fff399b66693deac8e1e09481476774f737eb8a3878c1765b206f5d74681c788

  • SSDEEP

    12288:XsAbkg1WovYfA0H6Kn0uMvYfg0pIVzrrnL8QZC/1wPXr6:Xs0Phv5EQvj8iHrn4QZC9e

Malware Config

Targets

    • Score

      8/10

    • Identifies hardware specifics through system_profiler

    • Exfiltration Over Alternative Protocol

      Adversaries may steal data by exfiltrating it over an unencrypted network protocol other than that of the existing command and control channel.

    • File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity. Malware, tools, or other non-native files dropped or created on a system by an adversary (ex: Ingress Tool Transfer) may leave traces that indicate what was done within a network and how. Removal of these files can occur.

MITRE ATT&CK Enterprise v15

Tasks