MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 7ab47b7b14f4d6848b9f4d410d1315ccc68e9a6714d94a2e870b6ba77d28e828. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


RustyPages


Vendor detections: 9


Intelligence 9 IOCs YARA 2 File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 7ab47b7b14f4d6848b9f4d410d1315ccc68e9a6714d94a2e870b6ba77d28e828
SHA3-384 hash: fc6a048fe78845590d5fef1035c4f40e449d59a4645043e743397f94e3e4c6b9f10cbafc58f0793fd7d3d74941c989c8
SHA1 hash: d96656859e3f5da8883515c9cc45938552fa4886
MD5 hash: b4fd1d58230915bf917304a83d8976e5
humanhash: london-three-burger-stream
File name:7ab47b7b14f4d6848b9f4d410d1315ccc68e9a6714d94a2e870b6ba77d28e828
Download: download sample
Signature RustyPages
Create hunting rule
File size:91'308 bytes
First seen:2025-12-14 20:23:08 UTC
Last seen:Never
File type:php macho
MIME type:application/x-mach-binary
ssdeep 1536:CU/2AludaRdwoWhSWWVmnqZp+oKMTWR2zzayUnWrauva+zFkIMGo2kpY:6Asi2oWkWrwp3Ww3ayUnWrauva+zFCGn
TLSH T19A935B379260A574D086407453DBCBA36B22F471290AA30E27D4BA275F7ADD6BB4F313
Magika macho
Reporter Anonymous
Tags:machO Rust RustyPages

Intelligence

File Origin
# of uploads :
1
# of downloads :
34
Origin country :
CA CA
Vendor Threat Intelligence
No detections
Detection(s):
SecuriteInfo.com.MacOS.Dropper-B.93892561.UNOFFICIAL
Create hunting rule

Verdict:
Malicious
Score:
81.4%
Link:
https://cyber-fortress.com/docs/result/index.php?id=693f1cb2039c1dfc7339397e
Tags:
virus agent
Verdict:
Malicious
Labled as:
Trojan.Generic
Link:
https://www.hybrid-analysis.com/sample/7ab47b7b14f4d6848b9f4d410d1315ccc68e9a6714d94a2e870b6ba77d28e828
Verdict:
Malicious
File Type:
macho x64 le
First seen:
2025-08-15T18:20:00Z UTC
Last seen:
2025-08-23T04:41:00Z UTC
Hits:
~10
Detections:
HEUR:Trojan-Downloader.OSX.Zdrusty.gen HEUR:Trojan-Downloader.OSX.Zdrusty.a
Link:
https://opentip.kaspersky.com/7ab47b7b14f4d6848b9f4d410d1315ccc68e9a6714d94a2e870b6ba77d28e828/results?tab=lookup
Score:
78%
Verdict:
Malware
File Type:
Mach-O
Link:
https://malprob.io/report/7ab47b7b14f4d6848b9f4d410d1315ccc68e9a6714d94a2e870b6ba77d28e828
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/7ab47b7b14f4d6848b9f4d410d1315ccc68e9a6714d94a2e870b6ba77d28e828/
Verdict:
Malicious
Threat:
Trojan-Downloader.OSX.Zdrusty
Link:
https://tip.neiki.dev/file/7ab47b7b14f4d6848b9f4d410d1315ccc68e9a6714d94a2e870b6ba77d28e828
Threat name:
MacOS.Trojan.Generic
Create hunting rule
Status:
Suspicious
First seen:
2025-08-09 13:37:00 UTC
File Type:
MachO64 Little (Exe)
AV detection:
9 of 36 (25.00%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=pk2hw6yu6tlijc47jvaq2eyvztdi5gthctmuuluhbnv2o7ji5aua._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/7ab47b7b14f4d6848b9f4d410d1315ccc68e9a6714d94a2e870b6ba77d28e828

YARA Signatures

MalwareBazaar uses YARA rules from several public and non-public repositories, such as YARAhub and Malpedia. Those are being matched against malware samples uploaded to MalwareBazaar as well as against any suspicious process dumps they may create. Please note that only results from TLP:CLEAR rules are being displayed.

Rule name:CP_Script_Inject_Detector
Create hunting rule
Author:DiegoAnalytics
Description:Detects attempts to inject code into another process across PE, ELF, Mach-O binaries
Rule name:evilcrackz
Create hunting rule
Author:stu
Description:test - file evilcrackz.macho
Reference:https://github.com/Neo23x0/yarGen

File information

The table below shows additional information about this malware sample such as delivery method and external references.

  
Link
https://the-sequence.com/rustypages-malware-part-i

Comments