Analysis

  • max time kernel
    360s
  • max time network
    1802s
  • platform
    macos_amd64
  • resource
    macos
  • submitted
    07-04-2022 19:28

General

  • Target

    VirusShare_6653ef20d2a3a6ef656d9c886ebabd93.exe

  • Size

    392KB

  • MD5

    6653ef20d2a3a6ef656d9c886ebabd93

  • SHA1

    bb0cc0b05bb70a3d347faa94fb36a35c771b0692

  • SHA256

    48ff838a7fe98ec2c5bb59a8a76100047abcfa6db824f4982b8e7fdf2110f05d

  • SHA512

    b68b37147ce0d1389d62f5f72ebb616edc7d2ed2aaa484e85f6dc4b6070c9ce973a523e11e311686dc0efb0757fe52dcfa430afb1f48f98ecfdc257c6f3cc360

Score
1/10

Malware Config

Signatures

Processes

  • /usr/sbin/spctl
    /usr/sbin/spctl --test-devid-status
    1⤵
    PID:602
  • /usr/bin/syslog
    /usr/bin/syslog -s -k com.apple.message.domain com.apple.security.assessment.current_state com.apple.message.signature "assessments enabled" com.apple.message.signature2 "devid enabled" Message "Gatekeeper state assessments enabled/devid enabled"
    1⤵
    PID:603
  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/VirusShare_6653ef20d2a3a6ef656d9c886ebabd93.exe\""
    1⤵
    PID:604
  • /bin/bash
    sh -c "sudo /bin/zsh -c \"/Users/run/VirusShare_6653ef20d2a3a6ef656d9c886ebabd93.exe\""
    1⤵
    PID:604
  • /bin/bash
    sh -c "sudo /bin/zsh -c \"/Users/run/VirusShare_6653ef20d2a3a6ef656d9c886ebabd93.exe\""
    1⤵
    PID:604
  • /usr/bin/sudo
    sudo /bin/zsh -c /Users/run/VirusShare_6653ef20d2a3a6ef656d9c886ebabd93.exe
    1⤵
    PID:604
  • /usr/bin/sudo
    sudo /bin/zsh -c /Users/run/VirusShare_6653ef20d2a3a6ef656d9c886ebabd93.exe
    1⤵
    PID:604
    • /bin/zsh
      /bin/zsh -c /Users/run/VirusShare_6653ef20d2a3a6ef656d9c886ebabd93.exe
      2⤵
      PID:605
    • /bin/zsh
      /bin/zsh -c /Users/run/VirusShare_6653ef20d2a3a6ef656d9c886ebabd93.exe
      2⤵
      PID:605
    • /Users/run/VirusShare_6653ef20d2a3a6ef656d9c886ebabd93.exe
      /Users/run/VirusShare_6653ef20d2a3a6ef656d9c886ebabd93.exe
      2⤵
      PID:605
    • /Users/run/VirusShare_6653ef20d2a3a6ef656d9c886ebabd93.exe
      /Users/run/VirusShare_6653ef20d2a3a6ef656d9c886ebabd93.exe
      2⤵
      PID:605
  • /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/bin/java
    "/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/bin/java" "-Djdk.disableLastUsageTracking=true" "-Djava.awt.headless=true " -cp "/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/deploy.jar" com.sun.deploy.panel.ControlPanel -getSecurityLevel
    1⤵
    PID:627
  • /usr/libexec/xpcproxy
    xpcproxy com.apple.newsyslog
    1⤵
    PID:643
  • /usr/sbin/newsyslog
    /usr/sbin/newsyslog
    1⤵
    PID:643
  • /usr/libexec/xpcproxy
    xpcproxy com.apple.diagnosticd
    1⤵
    PID:655
  • /usr/libexec/diagnosticd
    /usr/libexec/diagnosticd
    1⤵
    PID:655

Network

MITRE ATT&CK Matrix

Downloads

  • /Users/run/Library/Application Support/Oracle/Java/Deployment/deployment.properties

    Filesize
    613B

    MD5
    9e236e34fb33ec3f4d570306a44c0f6c

    SHA1
    3bdfe484376b2eaad64a98ec16203061e06c4d78

    SHA256
    f85252767a2ab5856cac63cb3118bc1f9c990703b3823c263ee02afb0477a456

    SHA512
    c2ab2ee700785339ed5d348e019dd0126e4a5981064edfcf582c85b79b0b14a921532cc58ec12c2b6e44b6b1cbdf134e8b52cfe2a4db2cc5aed844dc99d1d707

  • /private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/hsperfdata_run/627

    Filesize
    32KB

    MD5
    bb7df04e1b0a2570657527a7e108ae23

    SHA1
    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256
    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512
    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012