General
-
Target
RobloxStudioInstaller.dmg
-
Size
8.4MB
-
Sample
250328-qzpn9swydx
-
MD5
7d3af8e6237b147557238bf491671e50
-
SHA1
8c082d4bc3aa840dfa13365966cee30c62d431f4
-
SHA256
a60a31a504037f25652e4f59a14f9c014f7b020ffb1bd41419bac2e43e64c903
-
SHA512
571e966d249695424edd0efde0fb6751a20255094826557c53a9924a305a1ce64b721e733528cc8f4065698611b78b7ce0e8f6ebf50e0fbfbcb9b087dcd1c92c
-
SSDEEP
196608:Vovu6Bn0UKwRks0NlBrvEdT/IV0RORIRUn1IS:VoPn0UlkLNTrvW0VhN
Static task
static1
Behavioral task
behavioral1
Sample
RobloxStudioInstaller.exe
Resource
macos-20241101-en
Malware Config
Targets
-
-
Target
RobloxStudioInstaller.dmg
-
Score
8/10
-
Path Permission
Adversaries may modify directory permissions/attributes to evade access control lists (ACLs) and access protected files.
-
Gatekeeper Bypass
Adversaries may modify file attributes and subvert Gatekeeper functionality to evade user prompts and execute untrusted programs. Gatekeeper is a set of technologies that act as a layer of Apple's security model to ensure only trusted applications are executed on a host.
-
File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity. Malware, tools, or other non-native files dropped or created on a system by an adversary (ex: Ingress Tool Transfer) may leave traces to indicate what was done within a network and how. Removal of these files can occur.
-