Attachments
(476.43 KiB) Downloaded 58 times
ikolor wrote:next..MacKeeper.pkg MacOS:MacKeeper-N [PUP] -> Name self explaining, isn't it?
https://www.virustotal.com/en/file/0d9a ... 483034704/
A forum for reverse engineering, OS internals and malware analysis
Ring0 - the source of inspiration
thanks for analyze
https://www.virustotal.com/en/file/f559 ... 499619085/
https://www.virustotal.com/en/file/a920 ... 499617744/
https://www.virustotal.com/en/file/f559 ... 499619085/
https://www.virustotal.com/en/file/a920 ... 499617744/
Attachments
(309.97 KiB) Downloaded 25 times
(7.67 MiB) Downloaded 32 times
https://www.virustotal.com/en/file/f559 ... 499619085/This one is MacKeeper. It is a PUP for mac OS, it's not necessarily malware but it is also not very useful.
https://www.virustotal.com/en/file/a920 ... 499617744/This is a chinese malicous browser extension. It changes the HOSTS file, overwrites all browser desktop icons with new shortcut (to change homepage), mostly standard stuff for malicious browser extensions.
Installs kangle web server:
https://sourceforge.net/projects/kangle/
Attached config file for it.
Contacts a lot of hosts. Attached contacted hosts full list in csv format.
Something else interesting, it seems to do something with ChromeCast:
More info here: https://www.reverse.it/sample/a92058800 ... mentId=100
Attachments
(2.42 KiB) Downloaded 13 times
(22.81 KiB) Downloaded 12 times
