Overview

overview

7

Static

static

1

[Canon]Pri...17.dmg

macos-10.15-amd64

7

[Canon]Pri..._store

windows7-x64

3

[Canon]Pri..._store

windows10-2004-x64

3

[Canon]Pri...n.icns

windows7-x64

3

[Canon]Pri...n.icns

windows10-2004-x64

3

[Canon]Pri...Kb.png

windows7-x64

3

[Canon]Pri...Kb.png

windows10-2004-x64

3

[Canon]Pri...ibrary

macos-10.15-amd64

1

[Canon]Pri...y:rsrc

windows7-x64

1

[Canon]Pri...y:rsrc

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    [Canon]Private Library_v.3.17.dmg

  • Size

    2.7MB

  • Sample

    240808-2df1sa1dnj

  • MD5

    ca0214a00b1cdc1242a9e9509510bdc3

  • SHA1

    5d1d23324bffa89b0a282a558ed6e97691e89ab4

  • SHA256

    3d03453ff27cb0153837abc5b9be0583a2cbe4b45a256426eb8e0d20a6f1bccf

  • SHA512

    181b344cf44742b8157906701fdb50820480030fa815d857bf246871c34d181092460fd4b0e6ab63ab623e1eb4732d8c10a0f5ab75efffe6d47d09935e51e4f4

  • SSDEEP

    24576:Zj4ceAVHecnwgQBBs1iB6ucAIOLfBsb7UtWKVmwCdWgx2kYQCt8ZQTL+7Hb6Lv3b:ZneACfB7

Score
7/10
discoveryevasionexecutionmacos

Malware Config

Targets

    • Target

      [Canon]Private Library_v.3.17.dmg

    • Size

      2.7MB

    • MD5

      ca0214a00b1cdc1242a9e9509510bdc3

    • SHA1

      5d1d23324bffa89b0a282a558ed6e97691e89ab4

    • SHA256

      3d03453ff27cb0153837abc5b9be0583a2cbe4b45a256426eb8e0d20a6f1bccf

    • SHA512

      181b344cf44742b8157906701fdb50820480030fa815d857bf246871c34d181092460fd4b0e6ab63ab623e1eb4732d8c10a0f5ab75efffe6d47d09935e51e4f4

    • SSDEEP

      24576:Zj4ceAVHecnwgQBBs1iB6ucAIOLfBsb7UtWKVmwCdWgx2kYQCt8ZQTL+7Hb6Lv3b:ZneACfB7

    Score
    7/10
    discoveryevasionexecution

    • Queries the macOS version information.

      An adversary may attempt to get detailed information about the operating system and hardware, including version, patches, hotfixes, service packs, and architecture.

      discovery

    • System Checks

      Adversaries may employ various system checks to detect and avoid virtualization and analysis environments. This may include changing behaviors based on the results of checks for the presence of artifacts indicative of a virtual machine environment (VME) or sandbox.

      evasion
    behavioral1

    • Target

      [Canon]PrivateLibrary/.DS_Store

    • Size

      10KB

    • MD5

      520d21d60fabdff2400b11899b91e989

    • SHA1

      4e9bdcd4f7d4b7c94c0d33f8db748a3a4f35ee9f

    • SHA256

      bc301deb4b20b76c831ab23cac82c5026fe8c7f519f2fb248dc7a2369eefc9ff

    • SHA512

      86cfb241bc5ff7d2ff7920a902140c38f9b22957469fc94db49f2b59c0f1148b4e0d3af92a0de55c2ed456b247e4f6d31aece54e8da2285ec6528cc968c1e3c1

    • SSDEEP

      96:XqVgHW3SFtP8Eck18ODW+JNdcw7O5z4ZJlZJFNW+JF:XqO23SrXmsewq4flf3

    Score
    3/10
    discovery
    behavioral2behavioral3

    • Target

      [Canon]PrivateLibrary/.VolumeIcon.icns

    • Size

      40KB

    • MD5

      45523554444900abebc005017ca604eb

    • SHA1

      1a3ffcf94e67fba2063e371e0db3371aca3c0842

    • SHA256

      96552ff76492f920d3babcad3d83b67fd2e0943b30fdef809585e5d2c1a54915

    • SHA512

      4c57fb48c62159917f1a546905636afcfbe8748b01fdd9966625a0abdbeda7112ab9a981f4819d313706ed39f78eba58392369cd255ab835a355febe4c41df74

    • SSDEEP

      768:GtbWnfTZ4z60UPliWuF13ZJHFUtYFr6WghoQOQMoqeRnLHgTeb4sK05:GVWfTZ4jEUWuTJUtYFr6Wgho6XTnDgSv

    Score
    3/10
    discovery
    behavioral4behavioral5

    • Target

      [Canon]PrivateLibrary/.background/enHB2iKb.png

    • Size

      238KB

    • MD5

      e30638d56507f314c85fba28299fbe84

    • SHA1

      1454251d9cf2512236a499fd2d4e87b570e0b5b6

    • SHA256

      370562f3424838e75a5556f76805928eaf00fac6d079f4e1d4dac8cd9c1cd6e3

    • SHA512

      d5a724fa9a98ef256641f8e292ebc5300d7ff164fd6b89d15694d306680ff9e1be8b04eb48fd3927ae0c8952beeee87a3342c9a00e8c3179226207b731b13510

    • SSDEEP

      6144:03dY1qF/In8ztfgGUqakl7QO9ztbELudknrdZlqLBH6g4Fj:0tY1XnWNgGNl/9ztknrvGBH6px

    Score
    3/10
    behavioral6behavioral7

    • Target

      [Canon]PrivateLibrary/[Canon]PrivateLibrary

    • Size

      828KB

    • MD5

      b321dbde1e9bc45e9eeab58e28cb693a

    • SHA1

      ac5ff2488a65bf2a1ed83cc1a0e77395975d484b

    • SHA256

      fadc6f583c441755d2f826a6ae6c23a689f8079687c8f86030a2a1c481bd142a

    • SHA512

      3eaa984de66c606755f7217b77c4fcfb6dbd477a87d442b282335578f5df9e27708b57fe3fd3176ec07a7461ed07512a6177230db7859558d60a0cafa4272faa

    • SSDEEP

      12288:KCMHf0+utO/vYjNfZhlygvrvM0oKq+CxM1LyeG/pWGzrKDbP+sJthNVQ:KH/SJvAdM1LyecpWGzrKDbP5tNVQ

    Score
    1/10
    behavioral8

    • Target

      [Canon]PrivateLibrary/[Canon]PrivateLibrary:rsrc

    • Size

      96KB

    • MD5

      9d404c62160c85bd986d654031e4ce3b

    • SHA1

      8daa4d0f9a39b63c6afb2c425dceb83d9cdc0fb1

    • SHA256

      a2a39d47d892c5d8a743a0679c82a17a00a121d001f14a57f5bb239ab70de0d5

    • SHA512

      b2878d402525b9b8215d6cd126401dca6f2063455d916903880286a0336822489ef4735009c5c711a4b3617ddba314de0ff136cddf10f63c2e9f5628ddc12cd1

    • SSDEEP

      1536:w44G8VjZf3CMLLbcnQkj081lh44G8VjZf3CMLLbcnQkj081lr:k9f3CKLbohjp1l39f3CKLbohjp1lr

    Score
    1/10
    behavioral10behavioral9

MITRE ATT&CK Enterprise v15

Tasks