Overview

overview

10

Static

static

10

085cad9cd0...9b9ca8

macos_amd64

1

Analysis

  • max time kernel
    98s
  • max time network
    153s
  • platform
    macos_amd64
  • resource
    macos
  • submitted
    30/01/2022, 22:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    085cad9cd08cab0e326cb46c3a2e9d97a628678d9d0bc262021d3454cc9b9ca8

  • Size

    95KB

  • MD5

    703ba6365fa47296e99de75c6395b3c5

  • SHA1

    741b412c954a39977a985960dbaa988211afe444

  • SHA256

    085cad9cd08cab0e326cb46c3a2e9d97a628678d9d0bc262021d3454cc9b9ca8

  • SHA512

    9038468ae7b3482bd88caa519448cbba02beadff309fcb3b8076681b1d856801bab6a2c546cf1d9e8496faf83d4acb7e936aa0fe27e72fa33f2cd4f76b77bbaa

Score
1/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/085cad9cd08cab0e326cb46c3a2e9d97a628678d9d0bc262021d3454cc9b9ca8\""
    1⤵
      PID:611
    • /bin/bash
      sh -c "sudo /bin/zsh -c \"/Users/run/085cad9cd08cab0e326cb46c3a2e9d97a628678d9d0bc262021d3454cc9b9ca8\""
      1⤵
        PID:611
      • /bin/bash
        sh -c "sudo /bin/zsh -c \"/Users/run/085cad9cd08cab0e326cb46c3a2e9d97a628678d9d0bc262021d3454cc9b9ca8\""
        1⤵
          PID:611
        • /usr/bin/sudo
          sudo /bin/zsh -c /Users/run/085cad9cd08cab0e326cb46c3a2e9d97a628678d9d0bc262021d3454cc9b9ca8
          1⤵
            PID:611
          • /usr/bin/sudo
            sudo /bin/zsh -c /Users/run/085cad9cd08cab0e326cb46c3a2e9d97a628678d9d0bc262021d3454cc9b9ca8
            1⤵
              PID:611
              • /bin/zsh
                /bin/zsh -c /Users/run/085cad9cd08cab0e326cb46c3a2e9d97a628678d9d0bc262021d3454cc9b9ca8
                2⤵
                  PID:613
                • /bin/zsh
                  /bin/zsh -c /Users/run/085cad9cd08cab0e326cb46c3a2e9d97a628678d9d0bc262021d3454cc9b9ca8
                  2⤵
                    PID:613
                  • /Users/run/085cad9cd08cab0e326cb46c3a2e9d97a628678d9d0bc262021d3454cc9b9ca8
                    /Users/run/085cad9cd08cab0e326cb46c3a2e9d97a628678d9d0bc262021d3454cc9b9ca8
                    2⤵
                      PID:613
                    • /Users/run/085cad9cd08cab0e326cb46c3a2e9d97a628678d9d0bc262021d3454cc9b9ca8
                      /Users/run/085cad9cd08cab0e326cb46c3a2e9d97a628678d9d0bc262021d3454cc9b9ca8
                      2⤵
                        PID:613
                    • /usr/sbin/spctl
                      /usr/sbin/spctl --test-devid-status
                      1⤵
                        PID:612
                      • /usr/bin/syslog
                        /usr/bin/syslog -s -k com.apple.message.domain com.apple.security.assessment.current_state com.apple.message.signature "assessments enabled" com.apple.message.signature2 "devid enabled" Message "Gatekeeper state assessments enabled/devid enabled"
                        1⤵
                          PID:614
                        • /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/bin/java
                          "/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/bin/java" "-Djdk.disableLastUsageTracking=true" "-Djava.awt.headless=true " -cp "/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/deploy.jar" com.sun.deploy.panel.ControlPanel -getSecurityLevel
                          1⤵
                            PID:616
                          • /usr/libexec/xpcproxy
                            xpcproxy com.apple.sysmond
                            1⤵
                              PID:639
                            • /usr/libexec/sysmond
                              /usr/libexec/sysmond
                              1⤵
                                PID:639

                              Network

                              MITRE ATT&CK Matrix

                              Replay Monitor

                              Loading Replay Monitor...

                              Downloads