Overview

overview

7

Static

static

1

Setup.dmg

macos-10.15-amd64

7

Setup/Setup

macos-10.15-amd64

4

Sharing

Copy URL
Twitter E-mail

General

  • Target

    240722-15xl6szgfb_pw_infected.zip

  • Size

    2.6MB

  • Sample

    240801-2hvpqszcnp

  • MD5

    13838ec36849717e4fedad4294d3672f

  • SHA1

    0f2655560d0a8199958e0c1ec98d7931d1ae8d87

  • SHA256

    10600c2358f13b48f1d15cfc637498a3d4a69cba56c6cf468c2039d3f324d6cc

  • SHA512

    296efbec30aed796e8aecf278d3c68f565d24e9ba6c6cb69bc5c8e8bf57d93ac8f27b4a091d995bf664fc84fa1487cfe5cdb7d8388577b75a16529e6573c021c

  • SSDEEP

    49152:ktDyg1g++Cirj1ZGTRi09/4nJG9ib9yKZWZxMa5YQBZyfryxZ8xUc:kH1UJ1ST9/+s9g9EkQB8ribc

Score
7/10
discoveryevasionexecutionmacos

Malware Config

Targets

    • Target

      Setup.dmg

    • Size

      2.7MB

    • MD5

      951974368341669aaff35d467035a6a0

    • SHA1

      b11435a9d0cedb31346fc47ab703dfea89d0a469

    • SHA256

      0b4f5327c6c89f8aa2d642fc7a1955bc90ffcd8b41f21974517b7f58c3ed7323

    • SHA512

      4cdaf5000d51b362af9e1f77b3dc80476a8fa09bf126754c1a190e1d85e0bc2f6deff422e8e60cc7488ad88fed6027968883a7c766b2be113261b9f5b44755d7

    • SSDEEP

      49152:DK7MD2//MbqqXe70a7bG9neIG2BDI0Rnto/9wB5W4ERbNW4ERb1Y2mvVWp83GdC+:DKoD2/Uuqu7hO9nnG2BPn296WnZWnhkh

    Score
    7/10
    discoveryevasionexecution

    • Queries the macOS version information.

      An adversary may attempt to get detailed information about the operating system and hardware, including version, patches, hotfixes, service packs, and architecture.

      discovery

    • System Checks

      Adversaries may employ various system checks to detect and avoid virtualization and analysis environments. This may include changing behaviors based on the results of checks for the presence of artifacts indicative of a virtual machine environment (VME) or sandbox.

      evasion

    • File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity. Malware, tools, or other non-native files dropped or created on a system by an adversary (ex: Ingress Tool Transfer) may leave traces to indicate to what was done within a network and how. Removal of these files can occur.

      evasion
    behavioral1

    • Target

      Setup/Setup

    • Size

      482KB

    • MD5

      df83c4ade9b56ad1ce73bed137fd04c9

    • SHA1

      29819bba483498e418b568c9dcf7d1bfcaa5e1b5

    • SHA256

      c74208661a6d2d914e60cecb837835b0ccb9214bb8130b85a4fc864ae6b52776

    • SHA512

      ab7463448f04b8285a913b7a8e13fe4a6685f334fa22db8b787d15f5d2e77c87c5beb75489500159c2c39faf196c85aa14300866735105585387991485e790d0

    • SSDEEP

      12288:kQdh8iZh3xQLFSclCpHzpJCBNHO+dYnR:jiY

    Score
    4/10
    evasionexecution
    behavioral2

MITRE ATT&CK Enterprise v15

Tasks