Analysis

  • max time kernel
    783s
  • max time network
    1802s
  • platform
    macos_amd64
  • resource
    macos
  • submitted
    07-04-2022 19:28

General

  • Target

    VirusShare_270b70bad151a515136f553e5bc880ac.exe

  • Size

    344KB

  • MD5

    270b70bad151a515136f553e5bc880ac

  • SHA1

    77b7def336c7647c6faadaf7136d70ff1e9ba7fc

  • SHA256

    db2f389b5566822f8cecb27b989920f16137e82b54b446868d01f73af23f5bfa

  • SHA512

    c198f9498d634ec4d05cf29a1bb6ade8c59a2904510464e3b292b11bcf5382d7fe603e46b6a72b14f3f996811f68101e46c467914b21ea6eccaf423df2d1a43f

Score
1/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/VirusShare_270b70bad151a515136f553e5bc880ac.exe\""
    1⤵
      PID:619
  • /bin/bash
    sh -c "sudo /bin/zsh -c \"/Users/run/VirusShare_270b70bad151a515136f553e5bc880ac.exe\""
    1⤵
      PID:619
  • /bin/bash
    sh -c "sudo /bin/zsh -c \"/Users/run/VirusShare_270b70bad151a515136f553e5bc880ac.exe\""
    1⤵
      PID:619
  • /usr/bin/sudo
    sudo /bin/zsh -c /Users/run/VirusShare_270b70bad151a515136f553e5bc880ac.exe
    1⤵
      PID:619
  • /usr/bin/sudo
    sudo /bin/zsh -c /Users/run/VirusShare_270b70bad151a515136f553e5bc880ac.exe
    1⤵
      PID:619
    • /bin/zsh
      /bin/zsh -c /Users/run/VirusShare_270b70bad151a515136f553e5bc880ac.exe
      2⤵
        PID:622
    • /bin/zsh
      /bin/zsh -c /Users/run/VirusShare_270b70bad151a515136f553e5bc880ac.exe
      2⤵
        PID:622
    • /Users/run/VirusShare_270b70bad151a515136f553e5bc880ac.exe
      /Users/run/VirusShare_270b70bad151a515136f553e5bc880ac.exe
      2⤵
        PID:622
    • /Users/run/VirusShare_270b70bad151a515136f553e5bc880ac.exe
      /Users/run/VirusShare_270b70bad151a515136f553e5bc880ac.exe
      2⤵
        PID:622
  • /usr/sbin/spctl
    /usr/sbin/spctl --test-devid-status
    1⤵
      PID:621
  • /usr/bin/syslog
    /usr/bin/syslog -s -k com.apple.message.domain com.apple.security.assessment.current_state com.apple.message.signature "assessments enabled" com.apple.message.signature2 "devid enabled" Message "Gatekeeper state assessments enabled/devid enabled"
    1⤵
      PID:623
  • /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/bin/java
    "/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/bin/java" "-Djdk.disableLastUsageTracking=true" "-Djava.awt.headless=true " -cp "/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/deploy.jar" com.sun.deploy.panel.ControlPanel -getSecurityLevel
    1⤵
      PID:624
  • /usr/libexec/xpcproxy
    xpcproxy com.apple.newsyslog
    1⤵
      PID:645
  • /usr/sbin/newsyslog
    /usr/sbin/newsyslog
    1⤵
      PID:645

Network

MITRE ATT&CK Matrix

Downloads

  • /Users/run/Library/Application Support/Oracle/Java/Deployment/deployment.properties

    Filesize
    613B

    MD5
    5f7d68ca4bda02753017f7f5979eaa2e

    SHA1
    3c3799733dbe8fc16300284cfbc17cde36ef4746

    SHA256
    787ed56c5b42211693673095630d1aac5d8f00e230bc6fa3bdcbcce9ef6d7579

    SHA512
    3d31b9c8c6f60cec65777f9fa087e6c6790a1b18d5ff927bae158fb5aeca5b923354c466a1acf3a5aa93b5aa4d9beb24540ab9aba592ed819a2bb6d7335bd82b

  • /private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/hsperfdata_run/624

    Filesize
    32KB

    MD5
    bb7df04e1b0a2570657527a7e108ae23

    SHA1
    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256
    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512
    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012