Overview

overview

1

Static

static

RecentNews....h.vbs

macos_amd64

1

RecentNews...ler.py

macos_amd64

1

RecentNews...st.xml

macos_amd64

1

RecentNews...taller

macos_amd64

1

RecentNews...python

macos_amd64

1

RecentNews...bsc/mt

macos_amd64

1

RecentNews...er.pyc

macos_amd64

1

RecentNews...ner.sh

macos_amd64

1

RecentNews...le.pdf

macos_amd64

1

RecentNews...t__.py

macos_amd64

1

RecentNews...r__.sh

macos_amd64

1

RecentNews...all-sh

macos_amd64

1

RecentNews...n2.7.a

macos_amd64

1

RecentNews....dylib

macos_amd64

1

RecentNews...thon.o

macos_amd64

1

RecentNews...te.pyc

macos_amd64

1

RecentNews...te.pyc

macos_amd64

pkg_resources.pyc

macos_amd64

1

Resubmissions

08-11-2021 08:45

211108-knqjjabfa3 1

08-11-2021 08:40

211108-kk3dxsbeh8 1

Analysis

  • max time network
    152s
  • platform
    macos_amd64
  • resource
    macos
  • submitted
    08-11-2021 08:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    RecentNews.?fdp.app/Contents/Resources/__boot__.py

  • Size

    1KB

  • MD5

    d4733f2e479965f40f563b39f2756a0f

  • SHA1

    83112c63aa0b915fbf838907f9120a09db20ab76

  • SHA256

    023ecc7863d1f2c70c4d832462c3a1b0e6b182631b62a9b8a90f5dc26d515fab

  • SHA512

    7dc8f39efc7908859e56d9597286a0f4067d126d14ad0052411b69496c680145c6ee04dfbeb16ff3ebc3361c8cb407b8681006e36d0778f0d4712d2045b95314

Score
1/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo /Users/run/RecentNews.?fdp.app/Contents/Resources/__boot__.py"
    1⤵
      PID:477
    • /bin/bash
      sh -c "sudo /Users/run/RecentNews.?fdp.app/Contents/Resources/__boot__.py"
      1⤵
        PID:477
      • /usr/bin/sudo
        sudo "/Users/run/RecentNews.?fdp.app/Contents/Resources/__boot__.py"
        1⤵
          PID:477
          • /Users/run/RecentNews.?fdp.app/Contents/Resources/__boot__.py
            "/Users/run/RecentNews.?fdp.app/Contents/Resources/__boot__.py"
            2⤵
              PID:478
            • /bin/sh
              sh "/Users/run/RecentNews.?fdp.app/Contents/Resources/__boot__.py"
              2⤵
                PID:478
              • /bin/bash
                sh "/Users/run/RecentNews.?fdp.app/Contents/Resources/__boot__.py"
                2⤵
                  PID:478

              Network

              MITRE ATT&CK Matrix

              Replay Monitor

              Loading Replay Monitor...

              Downloads