General
Target: Setup.dmg
Size: 384KB
Sample: 240618-mnmhzstfkp
MD5: 2d0a0ffe25aa84951f6eb356855e988e
SHA1: b745b2ed9ea89e5938d7e2327b95d4c03eac074b
SHA256: 4f169105b0104b0cd60e929631965993c315d39e9cf09d1db990c12a05166e63
SHA512: 962d9e86388b93afcdaf5a4e194e02f5ec032d9ce72ac69289e993accb92e685fff399b66693deac8e1e09481476774f737eb8a3878c1765b206f5d74681c788
SSDEEP: 12288:XsAbkg1WovYfA0H6Kn0uMvYfg0pIVzrrnL8QZC/1wPXr6:Xs0Phv5EQvj8iHrn4QZC9e
Static task: static1
Behavioral task: behavioral1
Sample: Setup.dmg
Resource: macos-20240611-en
Malware Config
Targets
Target: Setup.dmg
Score: 8/10
-
Identifies hardware specifics through system_profiler
-
Exfiltration Over Alternative Protocol
Adversaries may steal data by exfiltrating it over an un-encrypted network protocol other than that of the existing command and control channel.
-
File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity. Malware, tools, or other non-native files dropped or created on a system by an adversary (ex: Ingress Tool Transfer) may leave traces that indicate what was done within a network and how. Removal of these files can occur.
-