MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 9a4b14a7ff3cc6443a2b9e3a95a2259295d5809b81cd5829d12fa87d4e60ed71. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Threat unknown

Vendor detections: 8

Intelligence 8 IOCs YARA File information Comments

SHA256 hash:	9a4b14a7ff3cc6443a2b9e3a95a2259295d5809b81cd5829d12fa87d4e60ed71
SHA3-384 hash:	5f90deeab120839198442fc113d6f849a98969bb363b59c55721b4d771539ee699e25a244717121e8caccd679e5d7088
SHA1 hash:	8ee6ad37c6b245f42cbf0f2795f7ee2a5e13cfa1
MD5 hash:	26100a077b4661a0b29fccd58a7f2f9d
humanhash:	cat-double-iowa-network
File name:	ATTActiveArmor.dmg
Download:	download sample
File size:	804'019 bytes
First seen:	2025-10-22 15:55:42 UTC
Last seen:	Never
File type:
MIME type:	application/zlib
ssdeep	12288:rbmSyq/VJ+pBwDLohZHivB9U3oPOYakaZkYNWRUMG7pgTMdykhcFCqNwMgKciLC1:+xq/VewXCZ8TUZYax99gUyq0lgauT+C
TLSH	T16A05237F010E2EB5EC8D1C7498701F190EBE9ACFABB99156B5524E783AC3C5227B0349
TrID	97.6% (.DMG) Macintosh Disk image (BZlib compressed) (83000/1/20) 2.3% (.) ZLIB compressed data (best comp.) (2000/1)
Magika	dmg
Reporter	smica83
Tags:	185-93-89-62 dmg Odyssey

Intelligence

File Origin

# of uploads :

# of downloads :

Origin country :

Vendor Threat Intelligence

Verdict:

Malicious

Score:

92.5%

Link:

https://cyber-fortress.com/docs/result/index.php?id=68f8fe9ead6ce0f5ad40b247

Tags:

virus

Verdict:

Suspicious

Labled as:

OSX/AVI.Stealer

Link:

https://www.hybrid-analysis.com/sample/9a4b14a7ff3cc6443a2b9e3a95a2259295d5809b81cd5829d12fa87d4e60ed71

Verdict:

Malicious

File Type:

udif

First seen:

2025-10-21T20:24:00Z UTC

Last seen:

2025-10-22T13:19:00Z UTC

Hits:

~10

Detections:

HEUR:Trojan-PSW.OSX.Amos.aq

Link:

https://opentip.kaspersky.com/9a4b14a7ff3cc6443a2b9e3a95a2259295d5809b81cd5829d12fa87d4e60ed71/results?tab=lookup

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/9a4b14a7ff3cc6443a2b9e3a95a2259295d5809b81cd5829d12fa87d4e60ed71/

Verdict:

Malicious

Threat:

Trojan-PSW.OSX.Amos

Link:

https://tip.neiki.dev/file/9a4b14a7ff3cc6443a2b9e3a95a2259295d5809b81cd5829d12fa87d4e60ed71

Threat name:

MacOS.Trojan.Multiverze

Status:

Malicious

First seen:

2025-10-21 22:44:31 UTC

File Type:

Binary (Archive)

Extracted files:

AV detection:

12 of 24 (50.00%)

Threat level:

5/5

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=tjfrjj77htdeiorlty5jlirfskk5lae3qhgvqkorf6uh2tta5vyq._file

Malware family:

OdysseyStealer

Verdict:

Malicious

Link:

https://www.vmray.com/analyses/_mb/9a4b14a7ff3c/report/overview.html

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

Legit

Score:

0.05

Link:

https://yomi.yoroi.company/submissions/9a4b14a7ff3cc6443a2b9e3a95a2259295d5809b81cd5829d12fa87d4e60ed71

File information

The table below shows additional information about this malware sample such as delivery method and external references.

No further information available

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample