Overview

overview

10

Static

static

10

7401d34d7b...0b.dmg

macos-10.15-amd64

4

source_fol...pleApp

macos-10.15-amd64

4

Resubmissions

14/08/2024, 04:50

240814-fga32sxapf 10

14/08/2024, 04:47

240814-fewlzaxamg 10

Sharing

Copy URL Twitter E-mail

General

  • Target

    7401d34d7bc93cf94e50cc5fc7c00cdc6f2e632063ea03f8f56df4af7bfa0c0b.zip

  • Size

    494KB

  • MD5

    406213f0fe5da2fdfa4e4d8f014dce26

  • SHA1

    b90ed0e1f482f11d5249c23364fbc88542f97e51

  • SHA256

    d25a91eba9af2685822f212418d2cec6004b9a76f1b3d7d9aff2ef13cfeaab67

  • SHA512

    031c023908dbc9ccbaad96a3892ac459ce52c7b92ebceec03efadd1642a93c36d6cd6cbadf10828c9afbad2995f594dc7a9689cb1270a1bd04faaffe0ea3e12e

  • SSDEEP

    6144:hJrNXiZhOMq1v6q28nB82ALS1KZYajUoFLO8fBgZhqNCZOm366ikjvIIyIZJujkf:h/yZOMo+zLSs1jjLzgeCewLBBTZc7FY

Score
10/10
amosstealer

Malware Config

Extracted

Family

amosstealer

C2

91.103.252.213:443

Attributes
  • uuid

    4b6e10bc-21bc-44b1-8a24-f9e678343436

Signatures

Files

  • 7401d34d7bc93cf94e50cc5fc7c00cdc6f2e632063ea03f8f56df4af7bfa0c0b.zip
    .zip

    Password: infected

  • 7401d34d7bc93cf94e50cc5fc7c00cdc6f2e632063ea03f8f56df4af7bfa0c0b.dmg
    .dmg macos

    Password: infected

  • source_folder/.DS_Store
  • source_folder/.DropDMGBackground/background.png
    .png

    Password: infected

  • source_folder/.DropDMGBackground/background.png:com.apple.provenance
  • source_folder/.DropDMGBackground:com.apple.provenance
  • source_folder/.fseventsd/00000000023db1c2
    .gz

    Password: infected

  • 00000000023db1c2
  • source_folder/.fseventsd/00000000023db1c3
    .gz

    Password: infected

  • 00000000023db1c3
  • source_folder/.fseventsd/00000000023db2d0
    .gz

    Password: infected

  • 00000000023db2d0
  • source_folder/.fseventsd/00000000023db2d1
    .gz

    Password: infected

  • 00000000023db2d1
  • source_folder/.fseventsd/00000000023db326
    .gz

    Password: infected

  • 00000000023db326
  • source_folder/.fseventsd/00000000023db327
    .gz

    Password: infected

  • 00000000023db327
  • source_folder/.fseventsd/fseventsd-uuid
  • source_folder/.journal
  • source_folder/.journal_info_block
  • source_folder/AppleApp.app/Contents/Info.plist
    .xml
  • source_folder/AppleApp.app/Contents/Info.plist:com.apple.provenance
  • source_folder/AppleApp.app/Contents/MacOS/AppleApp
    .macho macos arch:arm64 arch:x64
  • source_folder/AppleApp.app/Contents/MacOS/AppleApp:com.apple.provenance
  • source_folder/AppleApp.app/Contents/MacOS:com.apple.provenance
  • source_folder/AppleApp.app/Contents/Resources/AppIcon.icns
    .png
  • source_folder/AppleApp.app/Contents/Resources/AppIcon.icns:com.apple.provenance
  • source_folder/AppleApp.app/Contents/Resources:com.apple.provenance
  • source_folder/AppleApp.app/Contents:com.apple.provenance
  • source_folder/AppleApp.app:com.apple.provenance
  • source_folder:com.apple.provenance