General
Target: Figma.dmg
Size: 1.9MB
Sample: 250220-g6d2nsymap

Static task: static1

Behavioral task: behavioral1
Sample: Figma.dmg
Resource: macos-20241101-en

Behavioral task: behavioral2
Sample: Figma/Figma.app/Contents/MacOS/DynamicUniversalApp
Resource: macos-20241106-en

Malware Config
Targets

Target: Figma.dmg
Size: 1.9MB
Score: 10/10

Meduza Stealer payload

Meduza family

Path Permission
Adversaries may modify directory permissions/attributes to evade access control lists (ACLs) and access protected files.

Gatekeeper Bypass
Adversaries may modify file attributes and subvert Gatekeeper functionality to evade user prompts and execute untrusted programs. Gatekeeper is a set of technologies that act as a layer of Apple's security model to ensure only trusted applications are executed on a host.

File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity. Malware, tools, or other non-native files dropped or created on a system by an adversary (ex: Ingress Tool Transfer) may leave traces to indicate what was done within a network and how. Removal of these files can occur.

Target: Figma/Figma.app/Contents/MacOS/DynamicUniversalApp
Size: 200KB
Score: 1/10