New macOS Bundlore Loader analysis
Tags
Common Information
| Type | Value |
|---|---|
| UUID | 8f977f62-64ca-46e4-9e3d-f36443cc0208 |
| Fingerprint | 2d3119f72c8494b1 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Dec. 10, 2019, 6:54 p.m. |
| Added to db | Sept. 26, 2022, 9:30 a.m. |
| Last updated | Sept. 5, 2024, 2:04 a.m. |
| Headline | New macOS Bundlore Loader Analysis |
| Title | New macOS Bundlore Loader analysis |
| Detected Hints/Tags/Attributes | 67/3/20 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://blog.confiant.com/new-macos-bundlore-loader-analysis-ca16d19c058c |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | adobleflashplayer.app |
|
| Details | Domain | 1 | dumped.py |
|
| Details | Domain | 1 | appsdown.urbanvillager.xyz |
|
| Details | Domain | 4 | mm-install-macos.app |
|
| Details | Domain | 1 | adobeflashplayer.app |
|
| Details | File | 3 | player.dmg |
|
| Details | File | 1 | bundlore_python_dump.py |
|
| Details | File | 1 | dumped.py |
|
| Details | File | 5 | mu.reg |
|
| Details | File | 2 | stmp.tar |
|
| Details | File | 4 | adobeflashplayer.dmg |
|
| Details | File | 1 | ioffers.tar |
|
| Details | sha256 | 1 | ac86946f8badb74a044509705da31a30be396bc09f8394e0b88f0f306d9eade3 |
|
| Details | sha256 | 1 | fd92b5236742c66013a9ccbd44659f1bcba0865d7c0169afa4904f5c6ed96e8e |
|
| Details | sha256 | 1 | dc7ad37ee8f253150f85548575cc589210aa3d172fcccf52cb48d3e481b67e62 |
|
| Details | sha256 | 1 | 549a4060effe5423fe2bb85b5aa22a70b558bd5fa4c2de9acfda3c76da532b23 |
|
| Details | sha256 | 1 | 254951ce0f0b282f16c31a69b1951b5484c2fcae1ef20172758ec1bdf8798305 |
|
| Details | IPv4 | 1 | 100.0.30.6 |
|
| Details | IPv4 | 1 | 100.0.33.9 |
|
| Details | Url | 1 | http://appsdown.urbanvillager.xyz/ioffers.tar.gz?ts=[timestamp] |