MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 83b53fa861bb52ca6e27abe95937e639fbcd2b491a933473e33bc8741735f65b. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 8


Intelligence 8 IOCs YARA 1 File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 83b53fa861bb52ca6e27abe95937e639fbcd2b491a933473e33bc8741735f65b
SHA3-384 hash: 5bd56caf7dedcbe0be1e45632d017e8f044e98477a2f83e62a5de7ba484212897ae4c92b1e1de4d34364950a6b02793e
SHA1 hash: ed2f179b400cc4d5ac543fb7a66fb82d8a7963cf
MD5 hash: 24f9a9ed5dcff37af8fb1637293a4b83
humanhash: twenty-robert-nevada-venus
File name:PartyLauncher
Download: download sample
File size:494'272 bytes
First seen:2024-07-27 18:30:45 UTC
Last seen:Never
File type:php macho
MIME type:application/x-mach-binary
ssdeep 6144:DSW7dVr6dUEZi20H10FB34AqlyzoN7qAXCQGfkKwoCB0MHO+a893ofD7Zdy/r71:DSMGxHFB34AqlyzOdSQeJCBNHO+dYZd
TLSH T125B46D43064ACBD1E0D261B8BFDE67B1D160F8113F7BD58C7B0BE6666CB44A826D9203
TrID 82.2% (.DYLIB) Mac OS X Mach-O universal Dynamically linked shared Library (32500/1/5)
17.7% (.O/DYLIB/BUNDLE) Mac OS X Universal Binary (generic) (7002/2)
Reporter alp1n3
Tags:mac Mach-O machO macOS OSX


Avatar
alp1n3
Retrieved from https[://]r00m[.]io. The site downloads a malicious .dmg file which contains malware.

Intelligence

File Origin
# of uploads :
1
# of downloads :
199
Origin country :
US US
Vendor Threat Intelligence
Detection(s):
Unix.Malware.Macos-10033894-0
Create hunting rule

Unix.Malware.Macos-10033895-0
Create hunting rule

Verdict:
Malicious
Score:
81.4%
Link:
https://cyber-fortress.com/docs/result/index.php?id=66a53ce846f80f37dcaa81a2
Tags:
n/a
Verdict:
Malicious
Threat level:
  10/10
Confidence:
100%
Link:
https://www.filescan.io/uploads/66a53ce84c5c17942a7ee8a3/reports/d2e66f60-183b-4976-aef7-83e89f7f2aaf/overview
Result
Verdict:
MALICIOUS
Score:
100%
Verdict:
Malware
File Type:
Mach-O universal binary
Link:
https://malprob.io/report/83b53fa861bb52ca6e27abe95937e639fbcd2b491a933473e33bc8741735f65b
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/83b53fa861bb52ca6e27abe95937e639fbcd2b491a933473e33bc8741735f65b/
Threat name:
MacOS.Infostealer.Generic
Create hunting rule
Status:
Suspicious
First seen:
2024-07-24 14:44:27 UTC
File Type:
Binary (Archive)
Extracted files:
2
AV detection:
10 of 38 (26.32%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=qo2t7kdbxnjmu3rhvpuvsn7ghh542k2jdkjti47dhpehifzv6znq._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/83b53fa861bb52ca6e27abe95937e639fbcd2b491a933473e33bc8741735f65b

YARA Signatures

MalwareBazaar uses YARA rules from several public and non-public repositories, such as YARAhub and Malpedia. Those are being matched against malware samples uploaded to MalwareBazaar as well as against any suspicious process dumps they may create. Please note that only results from TLP:CLEAR rules are being displayed.

Rule name:Atomic_Stealer_Generic
Create hunting rule
Author:security-penguin
Description:Detects Atomic Stealer targeting MacOS

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

php macho 83b53fa861bb52ca6e27abe95937e639fbcd2b491a933473e33bc8741735f65b

(this sample)

  
Link
https://paragraph.xyz/@alp1n3.eth/party-royale-party-world-web3-scam-and-malware-analysis
  
Delivery method
Distributed via web download

Comments