Overview

overview

10

Static

static

10

e83f6fdf04...09bf68

macos_amd64

1

Analysis

  • max time kernel
    3s
  • max time network
    119s
  • platform
    macos_amd64
  • resource
    macos
  • submitted
    31/01/2022, 06:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e83f6fdf04928cf1be0cec6c4c5a583561a06b5c18b559dc2298ae174709bf68

  • Size

    159KB

  • MD5

    ef599bb5ed844b9a51817bd4385d3683

  • SHA1

    f639975bcb89262d73369fbb6d051643804b18cd

  • SHA256

    e83f6fdf04928cf1be0cec6c4c5a583561a06b5c18b559dc2298ae174709bf68

  • SHA512

    1987a794da0f6c5dde2c07488ab060c7332fe15c540c43417f5455f92e4418bcd6c4655c9ba23063454d473664b36f2e771ce9902bbe26d46c272436b8a5e64e

Score
1/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/e83f6fdf04928cf1be0cec6c4c5a583561a06b5c18b559dc2298ae174709bf68\""
    1⤵
      PID:623
    • /bin/bash
      sh -c "sudo /bin/zsh -c \"/Users/run/e83f6fdf04928cf1be0cec6c4c5a583561a06b5c18b559dc2298ae174709bf68\""
      1⤵
        PID:623
      • /bin/bash
        sh -c "sudo /bin/zsh -c \"/Users/run/e83f6fdf04928cf1be0cec6c4c5a583561a06b5c18b559dc2298ae174709bf68\""
        1⤵
          PID:623
        • /usr/bin/sudo
          sudo /bin/zsh -c /Users/run/e83f6fdf04928cf1be0cec6c4c5a583561a06b5c18b559dc2298ae174709bf68
          1⤵
            PID:623
          • /usr/bin/sudo
            sudo /bin/zsh -c /Users/run/e83f6fdf04928cf1be0cec6c4c5a583561a06b5c18b559dc2298ae174709bf68
            1⤵
              PID:623
              • /bin/zsh
                /bin/zsh -c /Users/run/e83f6fdf04928cf1be0cec6c4c5a583561a06b5c18b559dc2298ae174709bf68
                2⤵
                  PID:625
                • /bin/zsh
                  /bin/zsh -c /Users/run/e83f6fdf04928cf1be0cec6c4c5a583561a06b5c18b559dc2298ae174709bf68
                  2⤵
                    PID:625
                  • /Users/run/e83f6fdf04928cf1be0cec6c4c5a583561a06b5c18b559dc2298ae174709bf68
                    /Users/run/e83f6fdf04928cf1be0cec6c4c5a583561a06b5c18b559dc2298ae174709bf68
                    2⤵
                      PID:625
                    • /Users/run/e83f6fdf04928cf1be0cec6c4c5a583561a06b5c18b559dc2298ae174709bf68
                      /Users/run/e83f6fdf04928cf1be0cec6c4c5a583561a06b5c18b559dc2298ae174709bf68
                      2⤵
                        PID:625
                    • /usr/sbin/spctl
                      /usr/sbin/spctl --test-devid-status
                      1⤵
                        PID:626
                      • /usr/bin/syslog
                        /usr/bin/syslog -s -k com.apple.message.domain com.apple.security.assessment.current_state com.apple.message.signature "assessments enabled" com.apple.message.signature2 "devid enabled" Message "Gatekeeper state assessments enabled/devid enabled"
                        1⤵
                          PID:627
                        • /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/bin/java
                          "/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/bin/java" "-Djdk.disableLastUsageTracking=true" "-Djava.awt.headless=true " -cp "/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/deploy.jar" com.sun.deploy.panel.ControlPanel -getSecurityLevel
                          1⤵
                            PID:629

                          Network

                          MITRE ATT&CK Matrix

                          Replay Monitor

                          Loading Replay Monitor...

                          Downloads