We recently identified a mass promotion campaign for a Mac OS X application called MacClean360. On closer inspection, we found that the same service is used by the AdLoad adware campaign.
The detection rate of MacClean360 on VirusTotal (VT) is low.
IOC and binary information:
MD5 (MacClean360Trial.dmg) = c8987bce923f896475d9c0083015ac95
MD5 (/Applications/MacClean360.app/Contents/MacOS/MacClean360) = fc05a3de0c95c9ca74e7a53a4700a4ed
Format=app bundle with Mach-O thin (x86_64)
CodeDirectory v=20200 size=12602 flags=0x0(none) hashes=387+4 location=embedded
Authority=Developer ID Application: FENG TAO (92Z5UVVL5Y)
Authority=Developer ID Certification Authority
Authority=Apple Root CA
Signed Time=Sep 11, 2019 at 1:36:37 AM
Sealed Resources version=2 rules=12 files=192
Internal requirements count=1 size=188
For now, we will keep the detection classified as PUP (potentially unwanted program) pending further analysis.
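The indicators listed above can be turned into a simple triage check. The following is an added example, not code from the original post: it parses signing information in the format shown above (as printed by `codesign -dvv`), extracts the Developer ID Team ID, and compares it and a file's MD5 against the values on this page. The function names are hypothetical; matching on the Team ID also catches rebuilt binaries whose hashes differ.

```python
import hashlib
import re

# Indicators taken from this page.
IOC_MD5 = {
    "c8987bce923f896475d9c0083015ac95": "MacClean360Trial.dmg",
    "fc05a3de0c95c9ca74e7a53a4700a4ed": "MacClean360.app/Contents/MacOS/MacClean360",
}
IOC_TEAM_IDS = {"92Z5UVVL5Y"}

# Excerpt of the signing information listed on this page.
PAGE_CODESIGN = """\
Format=app bundle with Mach-O thin (x86_64)
Authority=Developer ID Application: FENG TAO (92Z5UVVL5Y)
Authority=Developer ID Certification Authority
Authority=Apple Root CA
Signed Time=Sep 11, 2019 at 1:36:37 AM
"""

def parse_codesign(text):
    """Return leaf signer name, Team ID and the full Authority chain."""
    chain = re.findall(r"^Authority=(.+)$", text, flags=re.M)
    info = {"chain": chain, "signer": None, "team_id": None}
    if chain:
        # The first Authority line is the leaf (signing) certificate.
        m = re.match(r"Developer ID Application: (.+) \(([A-Z0-9]{10})\)$", chain[0].strip())
        if m:
            info["signer"], info["team_id"] = m.group(1), m.group(2)
    return info

def md5_of(path, chunk=1 << 20):
    """Hash a file in chunks so large .dmg images are not loaded into memory."""
    h = hashlib.md5()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def check(md5_hex=None, codesign_text=""):
    """Return a list of reasons the sample matches this page's indicators."""
    hits = []
    if md5_hex and md5_hex.lower() in IOC_MD5:
        hits.append("md5:" + IOC_MD5[md5_hex.lower()])
    team = parse_codesign(codesign_text)["team_id"]
    if team in IOC_TEAM_IDS:
        hits.append("team_id:" + team)
    return hits
```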