39eed41a282105d827a5ed1c6bd0e50e5b69d8535f80c2e67aeb2f0da72e1628

Resubmissions

15/10/2024, 23:54

241015-3x4fvsxemq 8

15/10/2024, 23:51

241015-3v719sxdrl 7

Sharing

Copy URL

Twitter E-mail

General

Target

superprivatedontleak.ipa
Size

15.8MB
Sample

241015-3v719sxdrl
MD5

78cd09fc014a93fc918b58893079c2d7
SHA1

359d210fc60a7dcd2ed43c9ae30768f572f86bd7
SHA256

39eed41a282105d827a5ed1c6bd0e50e5b69d8535f80c2e67aeb2f0da72e1628
SHA512

20b391d9d3a58896efe2682b6b7d62179ec7dbbf41b554ba7b98f46e4b2389815c9b0699444a2474a178af2c1e2f5b0a8dd8505a80123fdc95d0d349d2bf9b74
SSDEEP

393216:K3LNyK57G3YNyKxUfdfS37zBJlPFVrSV84Ka/VLIg:K3RyGG3wy/d6r1rNZSVxKa/N

Score

7^/10

discovery macos

Malware Config

Targets

- Target
  
  superprivatedontleak.ipa
- Size
  
  15.8MB
- MD5
  
  78cd09fc014a93fc918b58893079c2d7
- SHA1
  
  359d210fc60a7dcd2ed43c9ae30768f572f86bd7
- SHA256
  
  39eed41a282105d827a5ed1c6bd0e50e5b69d8535f80c2e67aeb2f0da72e1628
- SHA512
  
  20b391d9d3a58896efe2682b6b7d62179ec7dbbf41b554ba7b98f46e4b2389815c9b0699444a2474a178af2c1e2f5b0a8dd8505a80123fdc95d0d349d2bf9b74
- SSDEEP
  
  393216:K3LNyK57G3YNyKxUfdfS37zBJlPFVrSV84Ka/VLIg:K3RyGG3wy/d6r1rNZSVxKa/N
Score

1^/10
behavioral1 behavioral2
- Target
  
  Payload/Mabz.app/[email protected]
- Size
  
  3KB
- MD5
  
  5d2de90949828b8ef011d3ff467ba90e
- SHA1
  
  f74b6a668d0fbf179e2a6111f84478ec8beb585c
- SHA256
  
  ae75d5d8b1b44f6876a70b07948c8fbd3b4edd457fcc822b40e2f02910e2b5e5
- SHA512
  
  3c903277a142e03a4fa58e7dc1367b146176d8bcca94a31a068db844643d7a0a6c2b933155cf5500b1c8096b3ed86fd1b68242130651ccbd5f31597ca3ff113b
Score

3^/10
behavioral3 behavioral4
- Target
  
  Payload/Mabz.app/AppIcon76x76@2x~ipad.png
- Size
  
  3KB
- MD5
  
  5b896a9a2ac2f3441a1aaba1ee3b095e
- SHA1
  
  11a87dd72aaba6d571769361d1c332e5e5e559f2
- SHA256
  
  1bde5e830a1a4fb6e5f183a39dbc25498680d27b318fb0fb00ee964563e96e45
- SHA512
  
  b4b05edc5d31d888a71c34cd4d0c5d8d9aac858088423349e38e3207c89d5cddab36778ac521b35ee6bb4bef513cf9c0b20f717efcd14e0281ba6632fbabf581
Score

3^/10
behavioral5 behavioral6
- Target
  
  Payload/Mabz.app/Assets.car
- Size
  
  2.8MB
- MD5
  
  5942385b00a885e9ceab94c9b81a1470
- SHA1
  
  2cd5f68ff1f654812ad81345006919522195d75f
- SHA256
  
  00248af0b060fb7ee1d705f377efbb2a368237401d1c3abceab6b30c6a346823
- SHA512
  
  3e6aa304308aac2c0bcc0ade73a5b70e3c48646bdd482eb017776dad7d0a62dbe77e76175b97f874baf7c5e50139af400428a7e34616b5df2c34cab354c2b7a1
- SSDEEP
  
  49152:Ey2eLLSnrFumyV/VVQQ6q1GorQCtkUg/bPWch/+3611kXcdY:EiLeQmyvVEqYuQcTYbnZLY
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  Payload/Mabz.app/CashMarket-BoldRounded.otf
- Size
  
  68KB
- MD5
  
  7f6dc1d0d8ef10cea2436d5120eb0ac1
- SHA1
  
  1e1b8832c3d92ea39fdf05ff7a80ca1f0d932a82
- SHA256
  
  3b717c915670b87ce5ea935daacb7516d2855c9d5be1ebc07f355ee03ce59d3c
- SHA512
  
  79f1bf104f058b8b15d937d648bb049f172ed34f76a3a2413fd7857a6585807f685df3730cea7827b850b0852eab87497430b20da257d015ebcc9f387553c3ba
- SSDEEP
  
  1536:HWpNzG8Fi5L5w9yKof3tZMXN06SCgdu/T7mxTIqSLiEvxqD:qc8UZa63tZG0Ndu/mx1eiE8
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral10 behavioral9
- Target
  
  Payload/Mabz.app/CashMarket-Light.otf
- Size
  
  49KB
- MD5
  
  4c988f833bb48f707b65dd3e798aac8d
- SHA1
  
  f2008c193dcfbfa29c39f849aa64f88fe5939890
- SHA256
  
  fae66e81c2b51ddb64b071c7c5054c690137b45057d17432f32b03fd3e6186cd
- SHA512
  
  b9b19b3d05af072964b28c56fe1b6cd1d03ce68ac080a6a7e2bd779a7929641af6ccf5e2faf5e9382ed53e7aafc23a40afcf044ec81f08b662b18c5d3df8a9ce
- SSDEEP
  
  768:9Wk9/wtQbWyXAT2BAsQo/4wJXGwdTuRTBpF9jUKM2GNuuy167:9WuqQayXAT0N/4uXGbTPUKMpuuy0
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral11 behavioral12
- Target
  
  Payload/Mabz.app/CashMarket-MediumRounded.otf
- Size
  
  68KB
- MD5
  
  c0c4497419bb9dfe4c1c9ab7dbe86824
- SHA1
  
  1dccf307337a7d96f7ddb8f98ef95820929afad2
- SHA256
  
  c6b956e8110f375bbfe81f0ecaecc7f9ccf301f1bec749e88aa017941de95a55
- SHA512
  
  d1cdca545ddacacff85fd6a362b01a734fd10e1d6040f99ae98178d65a0ae4a69ccba9bd9d4263dc690eb697554f4fb355ac6d1225205657690d5e2bc701930f
- SSDEEP
  
  1536:6Etz9Ks8fps4O+/6OWalv2W/NGu/d7mxTIqS/oXxbd:6ECs664VWalv2W/NGuFmx1KoP
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral13 behavioral14
- Target
  
  Payload/Mabz.app/CashMarket-RegularItalic.otf
- Size
  
  64KB
- MD5
  
  24cee769460c607db3fa8dd43ae8b285
- SHA1
  
  2ec45c3f9f5a523c7c7113d20d3c234d16aae378
- SHA256
  
  54f29b91cb7c989ba2bd27bfccf4c792d85345b2e76bb1d3b51f7845a5567621
- SHA512
  
  230671752cfca3394f534d816c489c367444f3d8635d73fec008e0bdaaa254024814957ed759e895e65c4dc06508ab4e0ab72a16d0f83df21fe7f6cf037a573e
- SSDEEP
  
  1536:eQTKLQX/34q3zkYgdvXjhClMBosPGcjerI6ago3XTb5kMRJZvZBvP:eQOMX/oq3YHvzSMhPGcjerI6ar3XTFkW
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral15 behavioral16
- Target
  
  Payload/Mabz.app/CashMarket-RegularRounded.otf
- Size
  
  58KB
- MD5
  
  d2f123a82945d52fceccf988e4d5c79d
- SHA1
  
  2adf3a88c00b8a7e725ab79806cb5e3c851ff46a
- SHA256
  
  f82baa37bba6f317c9011443916f38879245ccb555d394a6999b1a36d24a2050
- SHA512
  
  68bb022ddd555de903e05db92a4a32a693b0ebe17d64c2b6b3c2473f3a6f2b8b8d6f4ceb68a76e250aab48234cd718f16422bf62869550022eb69e77608a8a7c
- SSDEEP
  
  768:cm1HXTrDIsbA6IZLbGok8Tuib4PADSz+H9Rx7Cz5jkShy9fCOz7ylCUuR9uzj4Hd:1tzIfZL+8akuKjhujXKCOza4ISH639M
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral17 behavioral18
- Target
  
  Payload/Mabz.app/Info.plist
- Size
  
  2KB
- MD5
  
  12819148299da25be7357b07916c54ac
- SHA1
  
  c73fd39944749dca61eedbf98d0bde2a33d4f376
- SHA256
  
  baca1fce8f8f15b114e10e5ba3e7c9aba784cf6b3a715179298e82ccfa223c86
- SHA512
  
  40c22beba1d5c6cd5441bd736f9c6d1d68103ea9cb3d590519a876bffb445f72c45dc40af1d589c3ac549fc3659a9f6a1712cf01fb44db5a5bf6ccbd86deebe2
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  Payload/Mabz.app/Mabz
- Size
  
  4.3MB
- MD5
  
  6475433f22bb90483863351b57f72dba
- SHA1
  
  4e514712c86d60602b4a9fffd335f97004d585da
- SHA256
  
  ef4492017bea247f59cb6dbcd00f32de8bbfa2cc35f9c960cbf5d0788579bd13
- SHA512
  
  30f630f59267a814e75dde1edb524c57aacb1ebf4a8602c289da9780f7c53a9076b449ac6c5eeaba2f523dae9b0f6f7055875113588e4005090a63266df5f6b5
- SSDEEP
  
  24576:h2cxRBpw63y/WpNotSjzFZ+cy/QAdFm879oQUTdrB7ljq0zGWXVts4hGeSL7OHPp:h18WpT+cdAPUrkCGDztVCddEHHmSP
Score

1^/10
behavioral21
- Target
  
  Payload/Mabz.app/Mabz.bak
- Size
  
  4.3MB
- MD5
  
  b697de0f30a8fceb21d9c3d1bbc32198
- SHA1
  
  f15135851cd71882cd22ca14ea632ecb86dd53e6
- SHA256
  
  b14eafe819e50d656c345ede8aced67cd83bf68bac18460f099f4f2509095d6f
- SHA512
  
  4c430e8fb83c3344d304ecadcbfaa5b7294c7ba2c03fdab1786a9105000d978050788990308cbbfcfb7c155abbf7d7660bb39468fb604bd14b895c82a3693633
- SSDEEP
  
  24576:h2cxRBpw63y/WpNotSjzFZ+cy/QAdFm879oQUTdrB7lGq0zGWXVts4hGeSL7OHP0:h18WpT+cdAPUrHCGDztVCddEIHmSP
Score

1^/10
behavioral22
- Target
  
  Payload/Mabz.app/PhoneNumberKit_PhoneNumberKit.bundle/Info.plist
- Size
  
  702B
- MD5
  
  f4f10c2f85b6cd580c91fc1542e058a0
- SHA1
  
  a62004a0e0cd12a50d9ad4879bc920cc8b819f3a
- SHA256
  
  45df6d34e4df0d58e47007cdb0b5ae2f9b98d9d017331e071b230de437a0c716
- SHA512
  
  91c46d56905e0515f577f8a1754218c0b98a80a9270a5faaa2dfc14bc4374119510ce808c320f1d8d5def6aaa7170289af20bdd24f0aa468f6b74ff0e2bb3360
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  Payload/Mabz.app/PhoneNumberKit_PhoneNumberKit.bundle/PhoneNumberMetadata.json
- Size
  
  351KB
- MD5
  
  b0888ca83d9bd45aa19e49f9015c76a5
- SHA1
  
  562513b95dda5b5222202f1d56a89c3950cdaa59
- SHA256
  
  3d47e215206d79a787fe95baa2481f7ef0d765cbb9ea007635ae20ee9f9b5cb2
- SHA512
  
  070a4b40d53db4b016fdcf415371e278e6b7ab7614072f44cad1b92c1e938b47e94c617e5500206b6b20b5328950104be4dffb01de6a407438e51989fd6448c3
- SSDEEP
  
  3072:NULFPFjpXpcFrFHSFljL03d4PS8yAopmFPTswfNR2F6FkpbF0F6hF/eMTFNplbLk:05zCy9MFK
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  Payload/Mabz.app/PkgInfo
- Size
  
  8B
- MD5
  
  23b7d7d024abb0f558420e098800bf27
- SHA1
  
  9f9eea0cfe2d65f2c3d6b092e375b40782d08f31
- SHA256
  
  82502191c9484b04d685374f9879a0066069c49b8acae7a04b01d38d07e8eca0
- SHA512
  
  f77d501528dd0ced155c80406cfbee38d5d3649b64d2a9324f3d6cee39491eb8f54cdebae49c6e21a20d2309d8fae1b01c41631224811e73483db25a2695738c
Score

1^/10
behavioral27 behavioral28
- Target
  
  Payload/Mabz.app/PlugIns/CAREx.appex/CAREx
- Size
  
  87KB
- MD5
  
  41e2d28eb60143cb74655f911706c219
- SHA1
  
  99cb59c5dbc470cd70492de62eb982f523daa41f
- SHA256
  
  4dd9f0c111c8b308cdc31c240f7fd5a6350117a34c98551775466d3aa7073357
- SHA512
  
  32a83c4f5a256dde8f561e2d6aadc5cd08800087bc2ff8820c01dd5b28498a6eda020bdb1c522a1f47a96feb755c6e3711ad7fc572231a8909cbad8cbf34f810
- SSDEEP
  
  192:nbpn0K2sHTIPR+QKMJO4+npo80M1/LcCl4aqw+RdkpV1ReJOh5w07JIx8P0JYQoK:nbpn0K2Tjk1nHpTl4BAt128Za
Score

1^/10
behavioral29
- Target
  
  Payload/Mabz.app/PlugIns/CAREx.appex/Info.plist
- Size
  
  962B
- MD5
  
  aff00cc21a529f1a2dcc53dded6ac4aa
- SHA1
  
  7d3c2fd4e42d79d2e8030044dad96ccfc83d9c71
- SHA256
  
  1a47efa41f61bf1061bc84523a1f169de320cb8490a52a7eacf5389e26fbf043
- SHA512
  
  cba35f14b31c3caca1974914ad8432a5df71b3c99d143e664089825b4e7d001c132c1804a56d3260beeed5bc536fdcbeaee68e9a67101c67f9a1cf484bfcb4c7
Score

3^/10

discovery
behavioral30 behavioral31
- Target
  
  Payload/Mabz.app/PlugIns/CAREx.appex/_CodeSignature/CodeResources
- Size
  
  6KB
- MD5
  
  cdabdbef20d28478a8743d2022259008
- SHA1
  
  f21bd6b56304195f90187126e9a73ba1a828d6a5
- SHA256
  
  c5a89b76b1b469a458f1d72143599e9d338621cdd1fa401000da6a0ad96b83de
- SHA512
  
  7a5ba2bd081709a9cf9634e451ac02a822b7981a5102d201355ecf80ba9e81d6dd4e81dc71e35bf6cd95f4e0ccd61309968e1f60721b3638ec1b2841aa7348f5
- SSDEEP
  
  96:CykGl0kmmpCnXVwU4pAjMeHb7Bsnd7LfldLm/s6qLm3xjWlDYVKQALcVW1xo93D4:XPBFWSRDasE3R6
Score

3^/10

discovery
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Checks computer location settings

Checks computer location settings

Checks computer location settings

Checks computer location settings

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32