Analysis

  • max time kernel
    1790s
  • max time network
    1798s
  • platform
    macos_amd64
  • resource
    macos
  • submitted
    07-04-2022 19:30

General

  • Target

    VirusShare_8ec363843a850f67ebad036bb4d18efd.exe

  • Size

    186KB

  • MD5

    8ec363843a850f67ebad036bb4d18efd

  • SHA1

    ac856eb04ca1665b10bed5a1757f193ff56aca02

  • SHA256

    27233293b7a11e9ab8c1bca56a7e415914e1269febb514563e522afd04bc39f8

  • SHA512

    800f15fb824a28860719b2ff329dd9bcd94cf9db26c9617656665564b39d8c116552296656f5c109a697b6afc5658f0ba4688e4803358504000f6150047d6684

Score
1/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/VirusShare_8ec363843a850f67ebad036bb4d18efd.exe\""
    1⤵
      PID:595
  • /bin/bash
    sh -c "sudo /bin/zsh -c \"/Users/run/VirusShare_8ec363843a850f67ebad036bb4d18efd.exe\""
    1⤵
      PID:595
  • /usr/bin/sudo
    sudo /bin/zsh -c /Users/run/VirusShare_8ec363843a850f67ebad036bb4d18efd.exe
    1⤵
      PID:595
  • /bin/zsh
    /bin/zsh -c /Users/run/VirusShare_8ec363843a850f67ebad036bb4d18efd.exe
    2⤵
      PID:598
  • /Users/run/VirusShare_8ec363843a850f67ebad036bb4d18efd.exe
    /Users/run/VirusShare_8ec363843a850f67ebad036bb4d18efd.exe
    2⤵
      PID:598
  • /usr/bin/syslog
    /usr/bin/syslog -s -k com.apple.message.domain com.apple.security.assessment.current_state com.apple.message.signature "assessments enabled" com.apple.message.signature2 "devid enabled" Message "Gatekeeper state assessments enabled/devid enabled"
    1⤵
      PID:596
  • /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/bin/java
    "/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/bin/java" "-Djdk.disableLastUsageTracking=true" "-Djava.awt.headless=true " -cp "/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/deploy.jar" com.sun.deploy.panel.ControlPanel -getSecurityLevel
    1⤵
      PID:601
  • /usr/libexec/xpcproxy
    xpcproxy com.apple.sysmond
    1⤵
      PID:621
  • /usr/libexec/sysmond
    /usr/libexec/sysmond
    1⤵
      PID:621
  • /usr/libexec/xpcproxy
    xpcproxy com.apple.spindump
    1⤵
      PID:641
  • /usr/sbin/spindump
    /usr/sbin/spindump
    1⤵
      PID:641
  • /usr/libexec/xpcproxy
    xpcproxy com.apple.diagnosticd
    1⤵
      PID:642
  • /usr/libexec/diagnosticd
    /usr/libexec/diagnosticd
    1⤵
      PID:642

Network

MITRE ATT&CK Matrix

Downloads

  • /Users/run/Library/Application Support/Oracle/Java/Deployment/deployment.properties

    Filesize

    613B

    MD5

    7cac6c392782944d03ecc73a7b0eb49a

    SHA1

    bb17d812256ecf1d78ebadfe72b0abd4b1483487

    SHA256

    52654518c5f117c285aabe976d189bb7e485ae0fa01aec020aa41d6bf97c8551

    SHA512

    5328755f3045753ab3c6c4a7233a8baad7e89611fb9e79b041e5c88b84bf54252cfa8a5143e27a3b0a0480c7a4f0a3520da86c11f293737a16c0ce5e9196b967

  • /private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/hsperfdata_run/601

    Filesize

    32KB

    MD5

    9ae1e5dd008defebba457000619b9c45

    SHA1

    52c843029cff99711b49d5eb6ffa503b8a4e55b7

    SHA256

    47f6251a7487c0fc73190ae25ba6448edeb774a0401e7904fad91a8a2bab7ee8

    SHA512

    e5afcbcc3722fa51c46795bfdbca2574410850b2caddd778ac3dfc2d6c9aca4987f1163e23513f5eb1b624c2f5a250bd937eef3cf7f6b0fc5fb201b753e596a3