Bundlore

Summary
Common adware comonly dropped by various freeware
Class
Adware
Class Summary
Adware is a type of software that delivers unsolicited advertisements, typically through pop-up messages or browser redirection. While not always harmful, adware can significantly degrade system performance and user experience. Adware often infiltrates systems through free software downloads or malicious websites. If adware made it on to the system, scrutinize any recent software downloads, especially free software, as it's often the source. Adware can often be removed by looking for odd LaunchAgents, LaunchDaemons, and unexpected 3rd-party browser extensions.
Description

Bundlore is a highly common macOS adware family that has historically made its way onto systems by packaging with freeware tools and is installed in the background when the freeware installer is run. Bundlore variants are often signed with a legitimate developer certificate and dropped by distributed malware droppers such as the Shlayer malware dropper. Unsigned variants exist as well.

References
Example Hashes
  • 59d670fe3896864b21f150ca9380c0694c0d1deb
    VirusTotal
  • def6e592d4ecb7829aa3b4cf2c9fb47cac80aed3
    VirusTotal
  • 3c71a5c2068a28cfc585557f3450faf696f91b62
    VirusTotal
  • 0a06cf975f46b8a534addbf8dadc1f83ea4a587d
    VirusTotal