General
-
Target
DiscordSetup (1).exe
-
Size
102.3MB
-
Sample
241018-bvaxzsyaqg
-
MD5
6c7d2869363c940af1fed172f59e2ad5
-
SHA1
4d8e17b12ae770a1c09beac525f9f1e958ebcdd1
-
SHA256
85060117d7c75378fcbf8b3824e79549002bc5298ae46fcaa2524c83c476596a
-
SHA512
a71a4a388885ceff74e87f62b790f2ebff33a28258435b2f1809eb8271d2550d1a8950d274fb8a950e037f6c5285f0e9325db0ed1afebefbd66408f1818435c7
-
SSDEEP
3145728:SJgLR2Mq/UaiyEagbCzXlcG+qTfRDzrogxD:S3j/UaCaSCgOfRDAgxD
Malware Config
Targets
-
-
Target
DiscordSetup (1).exe
-
Size
102.3MB
-
MD5
6c7d2869363c940af1fed172f59e2ad5
-
SHA1
4d8e17b12ae770a1c09beac525f9f1e958ebcdd1
-
SHA256
85060117d7c75378fcbf8b3824e79549002bc5298ae46fcaa2524c83c476596a
-
SHA512
a71a4a388885ceff74e87f62b790f2ebff33a28258435b2f1809eb8271d2550d1a8950d274fb8a950e037f6c5285f0e9325db0ed1afebefbd66408f1818435c7
-
SSDEEP
3145728:SJgLR2Mq/UaiyEagbCzXlcG+qTfRDzrogxD:S3j/UaCaSCgOfRDAgxD
Score8/10-
Path Permission
Adversaries may modify directory permissions/attributes to evade access control lists (ACLs) and access protected files.
-
Gatekeeper Bypass
Adversaries may modify file attributes and subvert Gatekeeper functionality to evade user prompts and execute untrusted programs. Gatekeeper is a set of technologies that act as layer of Apples security model to ensure only trusted applications are executed on a host.
-
Legitimate hosting services abused for malware hosting/C2
-
File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity. Malware, tools, or other non-native files dropped or created on a system by an adversary (ex: Ingress Tool Transfer) may leave traces to indicate to what was done within a network and how. Removal of these files can occur.
-