Overview

overview

10

Static

static

URLScan

urlscan

10

https://api.viglink....

windows7-x64

1

https://api.viglink....

android-9-x86

1

https://api.viglink....

android-10-x64

1

https://api.viglink....

android-11-x64

7

https://api.viglink....

macos-10.15-amd64

1

https://api.viglink....

ubuntu-18.04-amd64

https://api.viglink....

debian-9-armhf

https://api.viglink....

debian-9-mips

https://api.viglink....

debian-9-mipsel

Analysis

  • max time kernel
    145s
  • max time network
    125s
  • platform
    macos_amd64
  • resource
    macos-20220504-en
  • resource tags

    arch:amd64arch:i386image:macos-20220504-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
  • submitted
    04-10-2022 22:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://api.viglink.com/api/click?jsefdetfjyabksfjftji&out=%68%74%74%70%3Amomyhipfyx%2E%69%6C%69%31%2E%63%79%6F%75%2Fkbvet/eu/Y21WaFkyTnBiMjVoWkhabGNuTmhRR2R5ZFhCdlltbHZiV1Z3TG1OdmJTNXRlQT09OmF6YXp0cHF2ZWo=&key=fd5de1d096b38be9fffd6ddc1948df4f

Score
1/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Applications/Google\\ Chrome.app/Contents/MacOS/Google\\ Chrome --new-window https://api.viglink.com/api/click?jsefdetfjyabksfjftji&out=%68%74%74%70%3Amomyhipfyx%2E%69%6C%69%31%2E%63%79%6F%75%2Fkbvet/eu/Y21WaFkyTnBiMjVoWkhabGNuTmhRR2R5ZFhCdlltbHZiV1Z3TG1OdmJTNXRlQT09OmF6YXp0cHF2ZWo=&key=fd5de1d096b38be9fffd6ddc1948df4f\""
    1⤵
      PID:493
    • /bin/bash
      sh -c "sudo /bin/zsh -c \"/Applications/Google\\ Chrome.app/Contents/MacOS/Google\\ Chrome --new-window https://api.viglink.com/api/click?jsefdetfjyabksfjftji&out=%68%74%74%70%3Amomyhipfyx%2E%69%6C%69%31%2E%63%79%6F%75%2Fkbvet/eu/Y21WaFkyTnBiMjVoWkhabGNuTmhRR2R5ZFhCdlltbHZiV1Z3TG1OdmJTNXRlQT09OmF6YXp0cHF2ZWo=&key=fd5de1d096b38be9fffd6ddc1948df4f\""
      1⤵
        PID:493
      • /bin/bash
        sh -c "sudo /bin/zsh -c \"/Applications/Google\\ Chrome.app/Contents/MacOS/Google\\ Chrome --new-window https://api.viglink.com/api/click?jsefdetfjyabksfjftji&out=%68%74%74%70%3Amomyhipfyx%2E%69%6C%69%31%2E%63%79%6F%75%2Fkbvet/eu/Y21WaFkyTnBiMjVoWkhabGNuTmhRR2R5ZFhCdlltbHZiV1Z3TG1OdmJTNXRlQT09OmF6YXp0cHF2ZWo=&key=fd5de1d096b38be9fffd6ddc1948df4f\""
        1⤵
          PID:493
        • /usr/bin/sudo
          sudo /bin/zsh -c "/Applications/Google\\ Chrome.app/Contents/MacOS/Google\\ Chrome --new-window https://api.viglink.com/api/click?jsefdetfjyabksfjftji&out=%68%74%74%70%3Amomyhipfyx%2E%69%6C%69%31%2E%63%79%6F%75%2Fkbvet/eu/Y21WaFkyTnBiMjVoWkhabGNuTmhRR2R5ZFhCdlltbHZiV1Z3TG1OdmJTNXRlQT09OmF6YXp0cHF2ZWo=&key=fd5de1d096b38be9fffd6ddc1948df4f"
          1⤵
            PID:493
          • /usr/bin/sudo
            sudo /bin/zsh -c "/Applications/Google\\ Chrome.app/Contents/MacOS/Google\\ Chrome --new-window https://api.viglink.com/api/click?jsefdetfjyabksfjftji&out=%68%74%74%70%3Amomyhipfyx%2E%69%6C%69%31%2E%63%79%6F%75%2Fkbvet/eu/Y21WaFkyTnBiMjVoWkhabGNuTmhRR2R5ZFhCdlltbHZiV1Z3TG1OdmJTNXRlQT09OmF6YXp0cHF2ZWo=&key=fd5de1d096b38be9fffd6ddc1948df4f"
            1⤵
              PID:493
              • /bin/zsh
                /bin/zsh -c "/Applications/Google\\ Chrome.app/Contents/MacOS/Google\\ Chrome --new-window https://api.viglink.com/api/click?jsefdetfjyabksfjftji&out=%68%74%74%70%3Amomyhipfyx%2E%69%6C%69%31%2E%63%79%6F%75%2Fkbvet/eu/Y21WaFkyTnBiMjVoWkhabGNuTmhRR2R5ZFhCdlltbHZiV1Z3TG1OdmJTNXRlQT09OmF6YXp0cHF2ZWo=&key=fd5de1d096b38be9fffd6ddc1948df4f"
                2⤵
                  PID:494
                • /bin/zsh
                  /bin/zsh -c "/Applications/Google\\ Chrome.app/Contents/MacOS/Google\\ Chrome --new-window https://api.viglink.com/api/click?jsefdetfjyabksfjftji&out=%68%74%74%70%3Amomyhipfyx%2E%69%6C%69%31%2E%63%79%6F%75%2Fkbvet/eu/Y21WaFkyTnBiMjVoWkhabGNuTmhRR2R5ZFhCdlltbHZiV1Z3TG1OdmJTNXRlQT09OmF6YXp0cHF2ZWo=&key=fd5de1d096b38be9fffd6ddc1948df4f"
                  2⤵
                    PID:494
                • /usr/sbin/spctl
                  /usr/sbin/spctl --test-devid-status
                  1⤵
                    PID:495
                  • /usr/bin/syslog
                    /usr/bin/syslog -s -k com.apple.message.domain com.apple.security.assessment.current_state com.apple.message.signature "assessments enabled" com.apple.message.signature2 "devid enabled" Message "Gatekeeper state assessments enabled/devid enabled"
                    1⤵
                      PID:497
                    • /usr/bin/bzip2
                      /usr/bin/bzip2 -f /var/log/wifi.log.0
                      1⤵
                        PID:526

                      Network

                      MITRE ATT&CK Matrix

                      Replay Monitor

                      Loading Replay Monitor...

                      Downloads

                      • /private/var/log/wifi.log.0.bz2
                        Filesize

                        638B

                        MD5

                        2078e18788911bff841705adc5036680

                        SHA1

                        c095b020b4846799d4dc58b4f19a6b3eb1fa3db6

                        SHA256

                        c2c6e80aea0fde22438b11b349b99279bb039b767686ea94329aa7746c49c62f

                        SHA512

                        5d4a27cd66ac5e66d96e2bc17f3432ec08179bcaf92c8d0706e316fac11f0bac6d011329bd4e524b8a2423eb09650d98e3d6517da2a31b9cb99bb83b1925ac42

                        Download Submit
                      • /private/var/log/wifi.log.0.bz2
                        Filesize

                        638B

                        MD5

                        2078e18788911bff841705adc5036680

                        SHA1

                        c095b020b4846799d4dc58b4f19a6b3eb1fa3db6

                        SHA256

                        c2c6e80aea0fde22438b11b349b99279bb039b767686ea94329aa7746c49c62f

                        SHA512

                        5d4a27cd66ac5e66d96e2bc17f3432ec08179bcaf92c8d0706e316fac11f0bac6d011329bd4e524b8a2423eb09650d98e3d6517da2a31b9cb99bb83b1925ac42

                        Download Submit