OSX_OKAZ.AA

 Analysis by: Christopher Daniel So

 ALIASES:

Trojan.OSX.Okaz.a (Kaspersky), MacOS:Chatzum-A (Avast), OSX/Agent.L (AVG), MAC.OSX.Trojan.Zako.A (BitDefender)

 PLATFORM:

Mac OS X

 OVERALL RISK RATING:
 DAMAGE POTENTIAL:
 DISTRIBUTION POTENTIAL:
 REPORTED INFECTION:
 INFORMATION EXPOSURE:

  • Threat Type: Adware

  • Destructiveness: No

  • Encrypted: No

  • In the wild: Yes

  OVERVIEW

This adware arrives as a component bundled with malware/grayware packages.

  TECHNICAL DETAILS

File Size:

39,456 bytes

File Type:

Mach-O

Memory Resident:

Yes

Initial Samples Received Date:

25 Sep 2013

Arrival Details

This adware arrives as a component bundled with malware/grayware packages.

NOTES:

This is the Trend Micro detection for the ChatZum browser extension. It has the capability of changing the home page and search engine. It needs other components to perform its intended routine. It is typically installed in /Library/Internet Plug-Ins.