de7c6bce6526cbac7d1140badcfc941cfc3c563338699272968675ec8dc435d6 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

6

Pluh Tag s...er.apk

macos-10.15-amd64

8

Sharing

General

Target

Pluh Tag sigmaerererer.apk
Size

48.8MB
Sample

240901-3vgjbavgqq
MD5

a8c4c713defa089fcc6a8a7c54a10738
SHA1

75e9b2094efcf6e394b45bb0c9969d3fd4ac17e6
SHA256

de7c6bce6526cbac7d1140badcfc941cfc3c563338699272968675ec8dc435d6
SHA512

a3e9df6c8388aae6d3bded5c357f53285656905008cecd01d7c861df2a1a37f3784ab82e76296997476d09203ccdcb1ebde20c0ebf010ea2eaa4e7c18159202c
SSDEEP

786432:ALSqOmXZf0p69jDKCcbOow37RJuE8Dcz+9oIkHRIZZES+pWg2fvxo:ipsp6tJcbOoaurcz7HOopWg2fvxo

Score

8^/10

discovery evasion macos

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Pluh Tag sigmaerererer.apk

Resource

macos-20240711.1-en

discovery evasion

macos-10.15-amd64

5 signatures

300 seconds

Malware Config

Targets

- Target
  
  Pluh Tag sigmaerererer.apk
- Size
  
  48.8MB
- MD5
  
  a8c4c713defa089fcc6a8a7c54a10738
- SHA1
  
  75e9b2094efcf6e394b45bb0c9969d3fd4ac17e6
- SHA256
  
  de7c6bce6526cbac7d1140badcfc941cfc3c563338699272968675ec8dc435d6
- SHA512
  
  a3e9df6c8388aae6d3bded5c357f53285656905008cecd01d7c861df2a1a37f3784ab82e76296997476d09203ccdcb1ebde20c0ebf010ea2eaa4e7c18159202c
- SSDEEP
  
  786432:ALSqOmXZf0p69jDKCcbOow37RJuE8Dcz+9oIkHRIZZES+pWg2fvxo:ipsp6tJcbOoaurcz7HOopWg2fvxo
Score

8^/10

discovery evasion
- Path Permission
  Adversaries may modify directory permissions/attributes to evade access control lists (ACLs) and access protected files.
  evasion
- Gatekeeper Bypass
  Adversaries may modify file attributes and subvert Gatekeeper functionality to evade user prompts and execute untrusted programs. Gatekeeper is a set of technologies that act as layer of Apples security model to ensure only trusted applications are executed on a host.
  evasion
- File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity. Malware, tools, or other non-native files dropped or created on a system by an adversary (ex: Ingress Tool Transfer) may leave traces to indicate to what was done within a network and how. Removal of these files can occur.
  evasion
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Linux and Mac File and Directory Permissions Modification

Hide Artifacts

Resource Forking

Indicator Removal

File Deletion

Subvert Trust Controls

Gatekeeper Bypass

Credential Access

Discovery

File and Directory Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

© 2018-2025

Terms | Privacy