Overview

overview

10

Static

static

ed01ebfbc9...aa.exe

windows7_x64

10

ed01ebfbc9...aa.exe

windows10_x64

10

ed01ebfbc9...aa.exe

macos_amd64

1

ed01ebfbc9...aa.exe

linux_amd64

Analysis

  • max time kernel
    80s
  • max time network
    117s
  • platform
    macos_amd64
  • resource
    macos
  • submitted
    02-05-2022 15:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa.exe

  • Size

    3.4MB

  • MD5

    84c82835a5d21bbcf75a61706d8ab549

  • SHA1

    5ff465afaabcbf0150d1a3ab2c2e74f3a4426467

  • SHA256

    ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa

  • SHA512

    90723a50c20ba3643d625595fd6be8dcf88d70ff7f4b4719a88f055d5b3149a4231018ea30d375171507a147e59f73478c0c27948590794554d031e7d54b7244

Score
1/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa.exe\""
    1⤵
      PID:603
    • /bin/bash
      sh -c "sudo /bin/zsh -c \"/Users/run/ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa.exe\""
      1⤵
        PID:603
      • /bin/bash
        sh -c "sudo /bin/zsh -c \"/Users/run/ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa.exe\""
        1⤵
          PID:603
        • /usr/bin/sudo
          sudo /bin/zsh -c /Users/run/ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa.exe
          1⤵
            PID:603
          • /usr/bin/sudo
            sudo /bin/zsh -c /Users/run/ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa.exe
            1⤵
              PID:603
              • /bin/zsh
                /bin/zsh -c /Users/run/ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa.exe
                2⤵
                  PID:605
                • /bin/zsh
                  /bin/zsh -c /Users/run/ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa.exe
                  2⤵
                    PID:605
                  • /Users/run/ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa.exe
                    /Users/run/ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa.exe
                    2⤵
                      PID:605
                    • /Users/run/ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa.exe
                      /Users/run/ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa.exe
                      2⤵
                        PID:605
                    • /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/bin/java
                      "/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/bin/java" "-Djdk.disableLastUsageTracking=true" "-Djava.awt.headless=true " -cp "/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/deploy.jar" com.sun.deploy.panel.ControlPanel -getSecurityLevel
                      1⤵
                        PID:617
                      • /usr/libexec/xpcproxy
                        xpcproxy com.apple.PerformanceAnalysis.animationperfd
                        1⤵
                          PID:638
                        • /System/Library/PrivateFrameworks/PerformanceAnalysis.framework/Versions/A/XPCServices/com.apple.PerformanceAnalysis.animationperfd.xpc/Contents/MacOS/com.apple.PerformanceAnalysis.animationperfd
                          /System/Library/PrivateFrameworks/PerformanceAnalysis.framework/Versions/A/XPCServices/com.apple.PerformanceAnalysis.animationperfd.xpc/Contents/MacOS/com.apple.PerformanceAnalysis.animationperfd
                          1⤵
                            PID:638

                          Network

                          MITRE ATT&CK Matrix

                          Replay Monitor

                          Loading Replay Monitor...

                          Downloads

                          • /Users/run/Library/Application Support/Oracle/Java/Deployment/deployment.properties
                            Filesize

                            613B

                            MD5

                            9d8472854a575406b1bff133ebc9ebff

                            SHA1

                            a28b5ef1568d00474511cc6cfdb45eb8e97d48c0

                            SHA256

                            0c9fa488993e796b04b6b75f4b4e31808cbef62c865d042e34aea26e1817fc78

                            SHA512

                            f58a2fc4737e0970e7464304f99f35eb08f83e259baf15c6c24efe33b3a7205dfa25586a08de997bc53c1a226e9ee9ba2d135806a36ef2fd3a987c1becd14d1c

                            Download Submit

                          • /private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/hsperfdata_run/617
                            Filesize

                            32KB

                            MD5

                            9397a86595c6a2995a32ca814e6ea9cb

                            SHA1

                            476dbf8792150e815ba026b661459e0439b2ab7c

                            SHA256

                            0adaf07cecf3c83b41fe45759cf92e1b9aa28bf03fa82351eb2ad8ef5d5a3c9d

                            SHA512

                            f042a3fb6453dcb1fcbb23173e47325a3a5762838596074f252fa3b0e2378be24a0407ac8c1db9fdd5cfcb175e91a6de6154ec98cbfea7debd679f49bfa6d8c6

                            Download Submit