macOS Analysis Report
pwm_3.3.1.1_aarch64.dmg

Overview

General Information

Sample Name: pwm_3.3.1.1_aarch64.dmg
Analysis ID: 752914
MD5: 860615adad871e67d0e2a362f7824b7b
SHA1: 462830c61a38b1d0c501b34bad200aec74ce3763
SHA256: 8ad57fb0368aeb7b73c4ef77da30bc9193f200a2c53b2b1cfa6d8dec6bdf0c8a
Infos:

Detection

Score: 0
Range: 0 - 100
Whitelisted: false

Signatures

Reads launchservices plist files

Classification

Source: unknown TCP traffic detected without corresponding DNS query: 17.253.15.199
Source: unknown TCP traffic detected without corresponding DNS query: 104.76.200.212
Source: unknown TCP traffic detected without corresponding DNS query: 17.253.15.199
Source: unknown TCP traffic detected without corresponding DNS query: 104.76.200.212
Source: classification engine Classification label: clean0.macDMG@0/0@0/0
Reads launchservices plist files
Source: /usr/bin/open (PID: 899) Launchservices plist file read: /System/Library/Preferences/Logging/Subsystems/com.apple.launchservices.plist Jump to behavior
Source: submission CodeSign Info: Executable=/Volumes/PWMinder_3.3.1.1/PWMinder.app/Contents/MacOS/PWMinder
Source: /usr/bin/open (PID: 899) System or server version plist file read: /System/Library/CoreServices/SystemVersion.plist Jump to behavior
cam-macmac-stand
  • No. of IPs < 25%
  • 25% < No. of IPs < 50%
  • 50% < No. of IPs < 75%
  • 75% < No. of IPs

Contacted Public IPs

IP Domain Country Flag ASN ASN Name Malicious
104.76.200.212
 unknown United States
3462 HINETDataCommunicationBusinessGroupTW false