MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 bfd74b4a1b413fa785a49ca4a9c0594441a3e01983fc7f86125376fdbd4acf6b. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Lazarus


Vendor detections: 6



SHA256 hash: bfd74b4a1b413fa785a49ca4a9c0594441a3e01983fc7f86125376fdbd4acf6b
SHA3-384 hash: a3ce7138baa33e6abe8e97ce1b7aa5328a1f1f048312ed2770ca79b07f5bb5e8a54cc2552108449c8e1d15b460d7c01d
SHA1 hash: 676537b0f7707feae0130bbcbdc881f5b4eb3f03
MD5 hash: 05957d98a75c04597649295dc846682d
humanhash: papa-july-nitrogen-network
File name: os_helper
Signature: Lazarus
File size: 173'792 bytes
First seen: 2024-03-03 13:36:18 UTC
Last seen: Never
File type: php macho
MIME type: application/x-mach-binary
ssdeep: 768:+D4IjR+m+k5C0E6PTz8WXmonko/Sr63jaPE5LJImKGeMCpiA5Ndnk1Qdmw:9n6PTNOKjaPILJ6G9EJdnd
TLSH: T164043A43FF481807C8C4813D6AB947024167F2567AA6D3BF2754A71CAFAD3D5731AA0B
TrID: 82.2% (.DYLIB) Mac OS X Mach-O universal Dynamically linked shared Library (32500/1/5)
      17.7% (.O/DYLIB/BUNDLE) Mac OS X Universal Binary (generic) (7002/2)
Reporter: smica83
Tags: Lazarus machO SimpleTea

Intelligence


File Origin
# of uploads: 1
# of downloads: 228
Origin country: HU
Vendor Threat Intelligence
Verdict: Malicious
Threat level: 10/10
Confidence: 100%
Tags: nukesped
Verdict: Malicious
Labeled as: Trojan.MAC.Lazarus.7;Gen:Trojan.MAC.Lazarus.Generic
Threat name: MacOS.Trojan.Lazarus
Status: Malicious
First seen: 2024-03-01 16:55:30 UTC
File Type: Binary (Archive)
Extracted files: 2
AV detection: 12 of 38 (31.58%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments