General
-
Target
Capture d’écran 2024-11-22 155137.png
-
Size
43KB
-
Sample
250220-k85tys1nhz
-
MD5
1786b6245aec7ed4d3553c0358cb5569
-
SHA1
5540f8d110663f29c3706423fccfba798e0a58b5
-
SHA256
f0854186d24200fe697aaa20459a7eb8263734998c79e46f7c91c96e81ec0ee5
-
SHA512
5a16b08121567f0c7049b225c75dcf08c2c3e94ac55eafe6a8c3f2c969c4d6f8b07fb2d2df5c06e81d2fec77f1906dc85a11d999b518c25fb6405b5822ad7c66
-
SSDEEP
768:ZJYDvtUYcxovnLjceXKbIWenuCYEGsOSNxOsgJhYQHOhFAdOAmRPusawWu:ZJEUpxovnLoeXKjNCYEGlnJGQHrdOAmd
Static task
static1
Behavioral task
behavioral1
Sample
Capture d’écran 2024-11-22 155137.png
Resource
macos-20241101-fr
Malware Config
Targets
-
-
Target
Capture d’écran 2024-11-22 155137.png
-
Size
43KB
-
MD5
1786b6245aec7ed4d3553c0358cb5569
-
SHA1
5540f8d110663f29c3706423fccfba798e0a58b5
-
SHA256
f0854186d24200fe697aaa20459a7eb8263734998c79e46f7c91c96e81ec0ee5
-
SHA512
5a16b08121567f0c7049b225c75dcf08c2c3e94ac55eafe6a8c3f2c969c4d6f8b07fb2d2df5c06e81d2fec77f1906dc85a11d999b518c25fb6405b5822ad7c66
-
SSDEEP
768:ZJYDvtUYcxovnLjceXKbIWenuCYEGsOSNxOsgJhYQHOhFAdOAmRPusawWu:ZJEUpxovnLoeXKjNCYEGlnJGQHrdOAmd
Score10/10-
Meduza Stealer payload
-
Meduza family
-
Path Permission
Adversaries may modify directory permissions/attributes to evade access control lists (ACLs) and access protected files.
-
Gatekeeper Bypass
Adversaries may modify file attributes and subvert Gatekeeper functionality to evade user prompts and execute untrusted programs. Gatekeeper is a set of technologies that act as layer of Apples security model to ensure only trusted applications are executed on a host.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity. Malware, tools, or other non-native files dropped or created on a system by an adversary (ex: Ingress Tool Transfer) may leave traces to indicate to what was done within a network and how. Removal of these files can occur.
-