3235e753ca0ea63328c1828ab539da958bb46597d8060683f649dcdb0fb49b9d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

EternalDecaySetup_v.4.56.dmg
Size

874KB
Sample

240914-pq79kstdqj
MD5

ce0b6c581255f9e47f1b4e2e1bafbc9b
SHA1

47e692f9c8b7a74bd64a506a5589b5c63dd16c6a
SHA256

3235e753ca0ea63328c1828ab539da958bb46597d8060683f649dcdb0fb49b9d
SHA512

6207e7e3d1d1de16bf328bdc14a4ad6b23b31ccd429f1f57bc2145503f2fb590186e4b8546c946a47d7cd0ac1b5290d2743a31ad45029ce81c56530e5c342186
SSDEEP

12288:GeYqEi/z+aZYEFv6pS+WZiG7nQ8K4aW1lnmNgWhC1/h8XVeDflwO+n6ldj:EY7NYEFvdBiG7nrDNnEgWc/1wO

Score

8^/10

evasion exfiltration macos

Malware Config

Targets

- Target
  
  EternalDecaySetup_v.4.56.dmg
- Size
  
  874KB
- MD5
  
  ce0b6c581255f9e47f1b4e2e1bafbc9b
- SHA1
  
  47e692f9c8b7a74bd64a506a5589b5c63dd16c6a
- SHA256
  
  3235e753ca0ea63328c1828ab539da958bb46597d8060683f649dcdb0fb49b9d
- SHA512
  
  6207e7e3d1d1de16bf328bdc14a4ad6b23b31ccd429f1f57bc2145503f2fb590186e4b8546c946a47d7cd0ac1b5290d2743a31ad45029ce81c56530e5c342186
- SSDEEP
  
  12288:GeYqEi/z+aZYEFv6pS+WZiG7nQ8K4aW1lnmNgWhC1/h8XVeDflwO+n6ldj:EY7NYEFvdBiG7nrDNnEgWc/1wO
Score

8^/10

evasion exfiltration
- Identifies hardware specifics through system_profiler
- Exfiltration Over Alternative Protocol
  Adversaries may steal data by exfiltrating it over an un-encrypted network protocol other than that of the existing command and control channel.
  exfiltration
- File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity. Malware, tools, or other non-native files dropped or created on a system by an adversary (ex: Ingress Tool Transfer) may leave traces to indicate to what was done within a network and how. Removal of these files can occur.
  evasion
behavioral1
- Target
  
  EternalDecaySetup/EternalDecaySetup
- Size
  
  197KB
- MD5
  
  813c9029a82dedeba3dbb4488516e8f9
- SHA1
  
  d79030a3c95a283566ff7e6fb80bfaa4ff25bc59
- SHA256
  
  f1b047207f730f1cd70660b87f475b7f6d693c4fe0d7fee39ecd8e71912d47a8
- SHA512
  
  549de350dacf07541b757b8808072350fb3c1a5e8a7492664a78fd0a7ce0832919f69012920c75f4eead0edc9a22d4f94b9ddf5277c24d7566e65dbe5831b703
- SSDEEP
  
  1536:mPHRRL1Eb2drDINyG78C7jsN3RL1Eb2drDINyG78C7M:mvRR1hdrkNb7Ru3R1hdrkNb7R
Score

8^/10

exfiltration
- Identifies hardware specifics through system_profiler
- Exfiltration Over Alternative Protocol
  Adversaries may steal data by exfiltrating it over an un-encrypted network protocol other than that of the existing command and control channel.
  exfiltration
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Resource Forking

Indicator Removal

File Deletion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Exfiltration Over Alternative Protocol

Exfiltration Over Unencrypted Non-C2 Protocol

Impact

Tasks

static1

behavioral1

evasionexfiltration

behavioral2