MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 3c4becde20e618efb209f97581e9ab6bf00cbd63f51f4ebd5677e352c57e992a. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Lazarus

Vendor detections: 6

Intelligence 6 IOCs YARA File information Comments

SHA256 hash:	3c4becde20e618efb209f97581e9ab6bf00cbd63f51f4ebd5677e352c57e992a
SHA3-384 hash:	4e9105aad0708ad0a3d82aee3f1dc2b93ee2b07e5ebc59475f642c115e13da9eed2cf2d33d93ffe7a771d373a2b99730
SHA1 hash:	e876ba6e23e09206f358dbd3a3642a7fd311bb22
MD5 hash:	8ffa3d4f4846b168343eb6a72a216abd
humanhash:	lactose-november-eight-neptune
File name:	CameraAccess
Download:	download sample
Signature	Lazarus Create hunting rule
File size:	232'144 bytes
First seen:	2025-01-30 13:40:13 UTC
Last seen:	2025-03-19 07:57:14 UTC
File type:	macho
MIME type:	application/x-mach-binary
ssdeep	1536:N3RpdGhyGkxhze14eTfS+C/yofKHz01B:/p2jkxuAi
TLSH	T10C3439D3BF686109C0AE517F44639B405233FD89AF1293A9B750A2AC8E737B4671394F
TrID	82.2% (.DYLIB) Mac OS X Mach-O universal Dynamically linked shared Library (32500/1/5) 17.7% (.O/DYLIB/BUNDLE) Mac OS X Universal Binary (generic) (7002/2)
Magika	macho
Reporter	smica83
Tags:	Lazarus machO MacOS-Driverfixer

Intelligence

File Origin

# of uploads :

# of downloads :

192

Origin country :

Vendor Threat Intelligence

Detection(s):

SecuriteInfo.com.MacOS.Agent-ASF.3805.1345.UNOFFICIAL

Verdict:

Malicious

Score:

81.4%

Link:

https://cyber-fortress.com/docs/result/index.php?id=679b82ae29ae628cf42ba780

Tags:

virus

Verdict:

Unknown

Threat level:

2.5/10

Confidence:

100%

Link:

https://www.filescan.io/uploads/679b8176ebc56cb02ee954b7/reports/6eb755f4-1797-4b86-ab6e-d8103def9042/overview

Verdict:

Malicious

Labled as:

OSX/PSW.Agent

Link:

https://www.hybrid-analysis.com/sample/3c4becde20e618efb209f97581e9ab6bf00cbd63f51f4ebd5677e352c57e992a

Score:

100%

Verdict:

Malware

File Type:

Mach-O universal binary

Link:

https://malprob.io/report/3c4becde20e618efb209f97581e9ab6bf00cbd63f51f4ebd5677e352c57e992a

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/3c4becde20e618efb209f97581e9ab6bf00cbd63f51f4ebd5677e352c57e992a/

Threat name:

MacOS.Trojan.Generic

Status:

Suspicious

First seen:

2025-01-28 18:03:51 UTC

File Type:

Binary (Archive)

Extracted files:

AV detection:

10 of 24 (41.67%)

Threat level:

5/5

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=hrf6zxra4ymo7mqj7f2yd2nlnpyazpld6upu5pkwo7rvfrl6teva._file

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

Legit

Score:

0.00

Link:

https://yomi.yoroi.company/submissions/3c4becde20e618efb209f97581e9ab6bf00cbd63f51f4ebd5677e352c57e992a

File information

The table below shows additional information about this malware sample such as delivery method and external references.

No further information available

Reviews

ID	Capabilities	Evidence
IOKIT_API	Can Access Hardware Devices & Drivers	__swift_FORCE_LOAD_$_swiftIOKit

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample