Analysis
-
max time kernel
71s -
max time network
95s -
platform
macos_amd64 -
resource
macos -
submitted
24/01/2022, 21:06
General
-
Target
types-config.ts
-
Size
351KB
-
MD5
e06e06752509f9cd8bc85aa1aa24dba2
-
SHA1
554aef8bf44e7fa941e1190e41c8770e90f07254
-
SHA256
1a9a5c797777f37463b44de2b49a7f95abca786db3977dcdac0f79da739c08ac
-
SHA512
78a210c5fd1ac8c601fbb4ed226e7aaf1cc5bda187807ba3020997862fd54b59081f0b7f4fdc720acfa8e3d6a35dbe9309e0b2fe38088f493a02717a1057a56e
Score
1/10
Malware Config
Signatures
Processes
-
/bin/shsh -c "sudo /bin/zsh -c \"/Users/run/types-config.ts\""1⤵
-
/bin/bashsh -c "sudo /bin/zsh -c \"/Users/run/types-config.ts\""1⤵
-
/bin/bashsh -c "sudo /bin/zsh -c \"/Users/run/types-config.ts\""1⤵
-
/usr/bin/sudosudo /bin/zsh -c /Users/run/types-config.ts1⤵
-
/usr/bin/sudosudo /bin/zsh -c /Users/run/types-config.ts1⤵
-
/bin/zsh/bin/zsh -c /Users/run/types-config.ts2⤵
-
-
/bin/zsh/bin/zsh -c /Users/run/types-config.ts2⤵
-
-
/Users/run/types-config.ts/Users/run/types-config.ts2⤵
-
-
/Users/run/types-config.ts/Users/run/types-config.ts2⤵
-
-
/bin/shsh -c whoami1⤵
-
/bin/bashsh -c whoami1⤵
-
/bin/bashsh -c whoami1⤵
-
/usr/bin/whoamiwhoami1⤵
-
/usr/bin/whoamiwhoami1⤵
-
/usr/sbin/spctl/usr/sbin/spctl --test-devid-status1⤵
-
/usr/bin/syslog/usr/bin/syslog -s -k com.apple.message.domain com.apple.security.assessment.current_state com.apple.message.signature "assessments enabled" com.apple.message.signature2 "devid enabled" Message "Gatekeeper state assessments enabled/devid enabled"1⤵
-
/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/bin/java"/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/bin/java" "-Djdk.disableLastUsageTracking=true" "-Djava.awt.headless=true " -cp "/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/deploy.jar" com.sun.deploy.panel.ControlPanel -getSecurityLevel1⤵