92d69b264f4f3d4c2f5ba4fd5c4700c2197b20d1ceea75c38a968be91ea6dc13 | Triage

Resubmissions

20-11-2024 18:22

241120-wz1dnazhje 8

Sharing

General

Target

DocuSignWITWB.dmg
Size

249KB
Sample

241120-wz1dnazhje
MD5

428ffe4753aa646259211668899cd6c3
SHA1

b2cc431816f54d3147f6b64fce2f7fc5f3d845fb
SHA256

92d69b264f4f3d4c2f5ba4fd5c4700c2197b20d1ceea75c38a968be91ea6dc13
SHA512

7a96e17d0d251a886c3eabcbe14ff50eb685b464918066814dedb9148d28cd828938e610710b7d78901229775e6af1ee87769998649fbd3da0f7327a5a019d92
SSDEEP

6144:XYo0JhH5/gTz5LVFEwtLMF/7WZar48ZZx1bFAumMT:XYzZ/QVFEEeWZm4UZxpFpT

Score

8^/10

exfiltration macos

Malware Config

Targets

- Target
  
  DocuSignWITWB/.DocuSignWITWB
- Size
  
  230KB
- MD5
  
  0b7052743eaca64ebf29a49bcbbdf2c3
- SHA1
  
  a6d9dbd40dee54c34a0007814593bb4964c8fff0
- SHA256
  
  cdfc3e388b6fe9ff73d3b02a61a741e17dd4fd1177f0ed771a075b5084aca7b3
- SHA512
  
  ecfa3ee89b3aa46af35b45f35ea3b59d55325f25e9db059826afe98d232b58a42c1542cfcfc4c00ece8ec8a7daad1c53812657ad6287d4342fa1c5bebd049618
- SSDEEP
  
  1536:lHDLV8NOYUr08NO1Ut+Co9I6wWuSLfrWChovpxo7F/IEln2ENjyCMMl+OpwhX8Ns:ZD3WBPpwhx3WBp2
Score

8^/10

exfiltration
- Identifies hardware specifics through system_profiler
- Exfiltration Over Alternative Protocol
  Adversaries may steal data by exfiltrating it over an un-encrypted network protocol other than that of the existing command and control channel.
  exfiltration
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Exfiltration Over Alternative Protocol

Exfiltration Over Unencrypted Non-C2 Protocol

Impact

Tasks

static1

behavioral1