OSX/AceInstaller appears to be a Trojaned or bundled installer distributed with torrent downloads . However, there is little publicly available information about this threat at this time. Researching the Yara rule, a matching file appears to have been uploaded and analyzed by malwr.com. The sample contains additional strings that indicate its ability to masquerade as an Adobe Flash Installer, likely as a form of Adware . While the hash associated with the malwr.com analysis  is not currently found in VirusTotal, the hash associated a second sample at malwr.com  is detected by many AV products as a variant of OSX/Genieo.