5591fdfb74f64af1769b8069122ce4eabae061740919ebd8b11fed6fbb0c1b10 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

FanContrl_v.5.68.dmg
Size

2.8MB
Sample

240810-exhmdsvhnn
MD5

03e7bcb97df8d72322236a488cea3995
SHA1

76a2e551ebedae2f4b59afc73162fc6ff6120587
SHA256

5591fdfb74f64af1769b8069122ce4eabae061740919ebd8b11fed6fbb0c1b10
SHA512

fe52d4b0a1743e94c3e0d5a41ebb812fb709143840576223e50ca3b64cb802b70913ee9a4ecdadf258b893ac0d65d0158ac8a142921c620a9221f4ee18c0e321
SSDEEP

24576:j2ivYKOuOA1DKfyG0RcbOOEWTKnOgKY/Y2AsOYHkc6kdN/OlTMxrWSy+/LPttftb:1vYYO8KfyG0Obqwq/

Score

7^/10

discovery evasion execution macos

Malware Config

Targets

- Target
  
  FanContrl_v.5.68.dmg
- Size
  
  2.8MB
- MD5
  
  03e7bcb97df8d72322236a488cea3995
- SHA1
  
  76a2e551ebedae2f4b59afc73162fc6ff6120587
- SHA256
  
  5591fdfb74f64af1769b8069122ce4eabae061740919ebd8b11fed6fbb0c1b10
- SHA512
  
  fe52d4b0a1743e94c3e0d5a41ebb812fb709143840576223e50ca3b64cb802b70913ee9a4ecdadf258b893ac0d65d0158ac8a142921c620a9221f4ee18c0e321
- SSDEEP
  
  24576:j2ivYKOuOA1DKfyG0RcbOOEWTKnOgKY/Y2AsOYHkc6kdN/OlTMxrWSy+/LPttftb:1vYYO8KfyG0Obqwq/
Score

7^/10

discovery evasion execution
- Queries the macOS version information.
  An adversary may attempt to get detailed information about the operating system and hardware, including version, patches, hotfixes, service packs, and architecture.
  discovery
- System Checks
  Adversaries may employ various system checks to detect and avoid virtualization and analysis environments. This may include changing behaviors based on the results of checks for the presence of artifacts indicative of a virtual machine environment (VME) or sandbox.
  evasion
behavioral1
- Target
  
  FanContrlApp/FanContrlApp
- Size
  
  828KB
- MD5
  
  2555014bd59be23a008d79078ff3ac73
- SHA1
  
  7dc3856f8777ea1701ad7ae720bef9fce78c135c
- SHA256
  
  6eb02a5d5e43f55254f112f34a3bee271e4d76f4a0a2743150b29d84032bf733
- SHA512
  
  e8a9ef57bf1d5616abe72c49cf0a6d5d81e18622070e5459e741b8dbb2e0652e2992444d180f617a94544dd3ca34ee31eb1086562c5cae50b699fea3172ccb87
- SSDEEP
  
  12288:8MMHf0+utO/vYjNfiRFc9941VoKWaeKkaEd4J+GK5OmrziwLfMHRvcDk2CXo:8p/DqcJSYEd4J+15OmrziwLfcOk2B
Score

7^/10

discovery evasion execution
- Queries the macOS version information.
  An adversary may attempt to get detailed information about the operating system and hardware, including version, patches, hotfixes, service packs, and architecture.
  discovery
- System Checks
  Adversaries may employ various system checks to detect and avoid virtualization and analysis environments. This may include changing behaviors based on the results of checks for the presence of artifacts indicative of a virtual machine environment (VME) or sandbox.
  evasion
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Resource Forking

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

Virtualization/Sandbox Evasion

System Checks

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionexecution

behavioral2

discoveryevasionexecution