db5d7f84baf1b1e37383273814398ada75b8d1b0b1b4ec9227776f090cbc5870

Sharing

Copy URL

Twitter E-mail

General

Target

Paste 4.4.0 [MacKed].dmg
Size

18.0MB
Sample

240921-aaly3svhjd
MD5

ebcb830313f9d3f74ba099f171bf1741
SHA1

c810d3f36cf559a50be7d2364093e6dc65a63b9f
SHA256

db5d7f84baf1b1e37383273814398ada75b8d1b0b1b4ec9227776f090cbc5870
SHA512

144ddf9987d1f0b907fc3b86763d1c514794ba80db450ea33dccae8e359628eab0272f0966c6a13045dc0a9b412c65e2b2e6572e8580868e81eac2b17f706235
SSDEEP

393216:JZaDECXVBvr+IvEz7WhSlwxMQ48qxuVA7vVrXu/vHTktrh/4OJX2v9P:/CXnT+IvEzT/QAh9rXu//46OJGv9

Score

6^/10

Malware Config

Targets

- Target
  
  Paste 4.4.0 [MacKed].dmg
- Size
  
  18.0MB
- MD5
  
  ebcb830313f9d3f74ba099f171bf1741
- SHA1
  
  c810d3f36cf559a50be7d2364093e6dc65a63b9f
- SHA256
  
  db5d7f84baf1b1e37383273814398ada75b8d1b0b1b4ec9227776f090cbc5870
- SHA512
  
  144ddf9987d1f0b907fc3b86763d1c514794ba80db450ea33dccae8e359628eab0272f0966c6a13045dc0a9b412c65e2b2e6572e8580868e81eac2b17f706235
- SSDEEP
  
  393216:JZaDECXVBvr+IvEz7WhSlwxMQ48qxuVA7vVrXu/vHTktrh/4OJX2v9P:/CXnT+IvEzT/QAh9rXu//46OJGv9
Score

1^/10
behavioral1
- Target
  
  Paste 4.4.0 [MacKed]/.DS_Store
- Size
  
  8KB
- MD5
  
  af9c5437f25df56d38284b2013fb4457
- SHA1
  
  d4effef98846a5b68e17a6bacf916f6ac50c27e8
- SHA256
  
  22aa6dce9da8da2531ddc2537973f423a449d5b880d2b83efd21917c15715f77
- SHA512
  
  6226beba496ec0be49c588a076897c9f01fdd0f116c8ea68d3450ae3046a632323412f21140c067f5fb73e914acc465677caa3060e8e9120ed0810712cd24872
- SSDEEP
  
  24:DCMVZFHxhLmjz1A7/T7bkcl7aZW7Xc3l7gw5spmlAaZDd5GQZqc2aCEXfLTxZLe:D5hqjzAHIUGKXo5//j9dYpcRCEXfLW
Score

3^/10

discovery
behavioral2 behavioral3
- Target
  
  Paste 4.4.0 [MacKed]/.VolumeIcon.icns
- Size
  
  385KB
- MD5
  
  b7ffda8754a884d91e3073cb7383037f
- SHA1
  
  a846ee4a60e63d7dc4d192ed5f9ce2be5133d299
- SHA256
  
  93f7a4483c0b7de19cee799fa0e89b1d574195de70ade7da6354797da9a06a35
- SHA512
  
  46ae331e2f98d2f7fd4f332193b7acb5bda64bdfd13f299427b731da1724f4aa655b2692d4444f609e84615536943cf0faa16d21b708fb167f6ffca09656df53
- SSDEEP
  
  12288:v1HueinnlNeE8zOonpP9LmKXscisfEJhj:9H2nlgE8zOKBXsL/3j
Score

3^/10

discovery
behavioral4 behavioral5
- Target
  
  Paste 4.4.0 [MacKed]/.background/dmgcanvas_bg.tiff
- Size
  
  204KB
- MD5
  
  0bf2a3f85f5519047251ca5700dc8a52
- SHA1
  
  964c0d6f78eb5ccf65ee45df181aaf47cd9cdf32
- SHA256
  
  98324281fe9d787f20f76bde683ca15ca8632958da9823ebd487a51c0571053a
- SHA512
  
  c3f9b88abc38a847d419b1673669eec82d1662267ccd0b16d78ec161f4a29ae686dfdc59a7943f4b925981827a835315be70fe71f3d0b7ced36326ea9294f7f3
- SSDEEP
  
  3072:G9wDnfCpXzeQupuomjhayhFh1Mqm45A2b9CFk+ANFUEh8n9LOLqnpczqIdsq4b:G9wDnffQupudLhmO3Mk+21WjnpRes7
Score

1^/10
behavioral6 behavioral7
- Target
  
  Paste 4.4.0 [MacKed]/.fseventsd/000000000159b123
- Size
  
  48B
- MD5
  
  241f64e220a303c544e0d5283cab1701
- SHA1
  
  e3f1a643df5751336e18ac052463f50cd3308b58
- SHA256
  
  76e317044763e4e2515a1fb01326c7bbe1825e95b5bbdedb1f958e6f6d99dce3
- SHA512
  
  6ff7b928736032c5e95cae3ac9dd20de64bbf2c346037d422e240d34e2083eef651efddfb3b9c642b511b7ec2f7a751d9fe139bc80a9c213d19b600397be4396
Score

3^/10

discovery
behavioral8 behavioral9
- Target
  
  Paste 4.4.0 [MacKed]/.fseventsd/000000000159b124
- Size
  
  72B
- MD5
  
  a38a42a0dcd772a5e3ed5be9631c8ef7
- SHA1
  
  c8ed6828fc0f49f746e35201771629d5ea575a02
- SHA256
  
  69fdb513d0a71b6abfce7cb0f5231d506ea9aaada135fd8aec971291de500d3e
- SHA512
  
  6b5749fcb4f90edd46682aa90a2e6ee0bac111f09f26e580a1706febea6ec5e8e73e9c68a4dc8a7569366e924db879e856cd950fa6566d726df471aac52275ef
Score

3^/10

discovery
behavioral10 behavioral11
- Target
  
  Paste 4.4.0 [MacKed]/.fseventsd/fseventsd-uuid
- Size
  
  36B
- MD5
  
  084a5a4c87dc657f6be3dbfc2485d39f
- SHA1
  
  5986680bf65413177b196fad141db87859d9eb8c
- SHA256
  
  0410eb9290fc1d5453b92f287b9f0a992690a7af0a115b87dc2802053c24fa47
- SHA512
  
  16647314346aceceb8a11e32a67d2772abdb9eddaa3ae6b2f85b05109c15cfcb347a3182dffb50540e184473bb43189fb01a2c583563a88beacd6ccf3d1fac60
Score

1^/10
behavioral12 behavioral13
- Target
  
  Paste 4.4.0 [MacKed]/Paste.app/Contents/Info.plist
- Size
  
  2KB
- MD5
  
  c430f3318cf0923fa2a3e4be295bbb18
- SHA1
  
  3736a90b8960e088311362277a146f85329958c2
- SHA256
  
  73354ba74dbc7e0423b8d44297d7328d214e469254ac7be9a7d0c75ce038ae0b
- SHA512
  
  523e6982408383d494f3ab66688a78992cb15e9fd0a7cdabec573fbe6ad43a9955f0993f92b35b7d2d1dcece3a08d5ba82dc696eab5368821189fdad70acdfa9
Score

3^/10

discovery
behavioral14 behavioral15
- Target
  
  Paste 4.4.0 [MacKed]/Paste.app/Contents/Library/LoginItems/LaunchAtLoginHelper.app/Contents/Info.plist
- Size
  
  916B
- MD5
  
  90c34da4827440d0a51bbf6f30a55950
- SHA1
  
  6afd925d68c416d41988ef3d9f9246cff13f60ca
- SHA256
  
  7a982c3e189a5c61b013c30b51ae436f7cb78cf3d34ee1165abc9fa1fc933719
- SHA512
  
  54d6f6161de80ae32c7fc1274cb58d1a6da0d900e2b93f8d8cd82002ba17590046941cddd2fa333605a1cbabc2e5dd07c9dde814fed4f6bfba31dad176b23466
Score

3^/10

discovery
behavioral16 behavioral17
- Target
  
  Paste 4.4.0 [MacKed]/Paste.app/Contents/Library/LoginItems/LaunchAtLoginHelper.app/Contents/MacOS/LaunchAtLoginHelper
- Size
  
  177KB
- MD5
  
  50a5a0b4416cc144daa8d5a7cca6a0f7
- SHA1
  
  dcf03eda4ba38d8337805e6a13b9a1eef07aee08
- SHA256
  
  be27d44c13516e70361dc68986f93ecf18b1dc38071c6eee7529b05a2b1770c6
- SHA512
  
  2e3b2b5b88ea464d2b93e72d2e858dd6543301ebf006958915744182870b3f3478dbd179df4e3f015e354e9490cd3110d57c8e9f8099e9f680247e593172f47d
- SSDEEP
  
  3072:xGkGZg33b70AR6DW1AxxdGZg33b70AR6DW1AxopjhNGZg33b70AR6DW0GZg33b7a:xDGZg33b70AR6DW1AxxdGZg33b70AR6p
Score

1^/10
behavioral18
- Target
  
  Paste 4.4.0 [MacKed]/Paste.app/Contents/Library/LoginItems/LaunchAtLoginHelper.app/Contents/PkgInfo
- Size
  
  8B
- MD5
  
  23b7d7d024abb0f558420e098800bf27
- SHA1
  
  9f9eea0cfe2d65f2c3d6b092e375b40782d08f31
- SHA256
  
  82502191c9484b04d685374f9879a0066069c49b8acae7a04b01d38d07e8eca0
- SHA512
  
  f77d501528dd0ced155c80406cfbee38d5d3649b64d2a9324f3d6cee39491eb8f54cdebae49c6e21a20d2309d8fae1b01c41631224811e73483db25a2695738c
Score

1^/10
behavioral19 behavioral20
- Target
  
  Paste 4.4.0 [MacKed]/Paste.app/Contents/Library/LoginItems/LaunchAtLoginHelper.app/Contents/_CodeSignature/CodeResources
- Size
  
  2KB
- MD5
  
  c48c1d9c6cf982c32580a9c58b0cce51
- SHA1
  
  630a08873072069616cdcc31f55e6d7423086d78
- SHA256
  
  6686de10a28a2fe11b36cbb86dcbacc827cfc4ea116b4dabf1845e5aee629e9b
- SHA512
  
  27f6256579e03e319af66d7fa316935b4e2d5c126429a8b961424a466cab907ceab5d068fb87d763bc3d819a791492c17ab1d1b54f5530cb34224b582d00c013
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  Paste 4.4.0 [MacKed]/Paste.app/Contents/MacOS/Paste
- Size
  
  15.3MB
- MD5
  
  7ab722690af613a48db2147ec1fdac57
- SHA1
  
  1d46a96b5701499fa2be108fd72db13b198871e8
- SHA256
  
  2ebba7056363bc3cb70fba70f1cc2c45755d793c9fc41ff44ea0b8e4f743b26e
- SHA512
  
  7cdabf0a9a6ef134738a89eadf962385092860bbb7fc226340bb4386d8fdd7a33394bddcdefd7a57734b49d4bf10317b01665c7d6208e8072d82bc8fb67793f0
- SSDEEP
  
  98304:9C8G4bkZjUEue/+O08m9b61tr0IB/U2upBNDGgnZF8uyL9fd6JB/LzYipMUJ:c5AQ84/MNqgnZF8udn/
Score

4^/10

evasion
behavioral23
- Target
  
  Paste 4.4.0 [MacKed]/Paste.app/Contents/MacOS/macked.app.dylib
- Size
  
  2.8MB
- MD5
  
  12492c892bad82137dccb08ca271c1e6
- SHA1
  
  138b821bf32b75ee3e39ceda66529829f179bb4f
- SHA256
  
  3f00d664a9466f8acb2144b693ef36a4d602341f52cfec76fe2c298842fe9b18
- SHA512
  
  27952ad46b175349ee97bc5c6b5a7725099de9930e2256a7441f176f4ff70f00946370dc126646db7e021d4e1fe6ddaf5415b2975b513632ed3152d106c32b77
- SSDEEP
  
  49152:pRRcOFTsrwhoKb+R98wDd2DOzNjCJgjihy91SLO7ek7K2vBZZkBqu5:HCIqKb+R9/9b711ZkBqe
Score

4^/10

evasion
behavioral24
- Target
  
  Paste 4.4.0 [MacKed]/Paste.app/Contents/PkgInfo
- Size
  
  8B
- MD5
  
  23b7d7d024abb0f558420e098800bf27
- SHA1
  
  9f9eea0cfe2d65f2c3d6b092e375b40782d08f31
- SHA256
  
  82502191c9484b04d685374f9879a0066069c49b8acae7a04b01d38d07e8eca0
- SHA512
  
  f77d501528dd0ced155c80406cfbee38d5d3649b64d2a9324f3d6cee39491eb8f54cdebae49c6e21a20d2309d8fae1b01c41631224811e73483db25a2695738c
Score

1^/10
behavioral25 behavioral26
- Target
  
  Paste 4.4.0 [MacKed]/Paste.app/Contents/Resources/AppIcon.icns
- Size
  
  68KB
- MD5
  
  022b1c31cfd171abb454cb15f0fb1ccc
- SHA1
  
  243530fe0658038e4cdb51396e20067b9fd950e0
- SHA256
  
  76d474c6875235f71fd6ff126f6638d402cf9f302cd7d42a212579b3fe27eef6
- SHA512
  
  2808652b987554359a9c8a8025a422a9d23c302ad3fff7485deba17e6c5762d9a19885d6b64d9792de05686f74be95d0c3a8d22bc52e15ca9b9195b99604903b
- SSDEEP
  
  1536:oEs1byY0dJxzxzJkGnuaOK1CQaIquIoXZV9fgd5kQ8X3dfpOos2DL2m:FsZ7c1zJkmAKx/bI1TkQ8X3Rsen
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  Paste 4.4.0 [MacKed]/Paste.app/Contents/Resources/AppleIncRootCertificate.cer
- Size
  
  1KB
- MD5
  
  7e611e0f7ba31b51986f413b41383ef0
- SHA1
  
  611e5b662c593a08ff58d14ae22452d198df6c60
- SHA256
  
  b0b1730ecbc7ff4505142c49f1295e6eda6bcaed7e2c68c5be91b5a11001f024
- SHA512
  
  5621f576006af21c100ab091653762ccc72e66caadb5b61235ef2d91595cbcf897c449353e9ce818c97ab2a8ee938c7204ea38887cb4eb8e8cff3234edbcc65b
Score

1^/10
behavioral29 behavioral30
- Target
  
  Paste 4.4.0 [MacKed]/Paste.app/Contents/Resources/Assets.car
- Size
  
  3.5MB
- MD5
  
  ca5d0fced4d6cd6618200ed358ccbdb8
- SHA1
  
  a9932ec80ee08508657590fd096efe4fdf0730d6
- SHA256
  
  0e011f651eb313c7c05a66d650de81c0849b894345b5a56ab83ce6956473252f
- SHA512
  
  f7a28fd9149ba1f2e2649c01dd3c3265128e895bae3ec5f7857f198e2a59bea6a8190449439867416a9f5c782e5776d423c6137f7bf4ee15641c142e03ada275
- SSDEEP
  
  98304:Pu/I8p1EDtdBFy8kuJ2bkcyt30qXrZqwbffuX/:PW1kDi8kuJKytfpbffu
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

T1564

Resource Forking

T1564.009

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32