3ed1b0ae617870f3820807c5a498b1bd0df848b25cc9d89fda7950cbca210a91 | Triage

Submit
Reports

Overview

overview

1

Static

static

is32bit.exe

windows10-1703-x64

1

is32bit.exe

windows7-x64

1

is32bit.exe

windows10-2004-x64

1

is32bit.exe

android-10-x64

is32bit.exe

android-11-x64

is32bit.exe

android-9-x86

is32bit.exe

macos-10.15-amd64

1

is32bit.exe

debian-9-armhf

is32bit.exe

debian-9-mips

is32bit.exe

debian-9-mipsel

is32bit.exe

ubuntu-18.04-amd64

Analysis

max time kernel
352s
max time network
1129s
platform
macos_amd64
resource
macos-20220504-en
resource tags

arch:amd64arch:i386image:macos-20220504-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
submitted
25/12/2022, 03:44

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

is32bit.exe

Resource

win10-20220812-en

windows10-1703-x64

0 signatures

1200 seconds

Behavioral task

behavioral2

Sample

is32bit.exe

Resource

win7-20221111-en

windows7-x64

0 signatures

1200 seconds

Behavioral task

behavioral3

Sample

is32bit.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

1200 seconds

Behavioral task

behavioral4

Sample

is32bit.exe

Resource

android-x64-20220823-en

android-10-x64

0 signatures

1200 seconds

Behavioral task

behavioral5

Sample

is32bit.exe

Resource

android-x64-arm64-20220823-en

android-11-x64

0 signatures

1200 seconds

Behavioral task

behavioral6

Sample

is32bit.exe

Resource

android-x86-arm-20220823-en

android-9-x86

0 signatures

1200 seconds

Behavioral task

behavioral7

Sample

is32bit.exe

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

1200 seconds

Behavioral task

behavioral8

Sample

is32bit.exe

Resource

debian9-armhf-20221111-en

debian-9-armhf

0 signatures

1200 seconds

Behavioral task

behavioral9

Sample

is32bit.exe

Resource

debian9-mipsbe-en-20211208

debian-9-mips

0 signatures

1200 seconds

Behavioral task

behavioral10

Sample

is32bit.exe

Resource

debian9-mipsel-20221111-en

debian-9-mipsel

0 signatures

1200 seconds

Behavioral task

behavioral11

Sample

is32bit.exe

Resource

ubuntu1804-amd64-en-20211208

ubuntu-18.04-amd64

0 signatures

1200 seconds

Report Analysis Logs

General

Target

is32bit.exe
Size

14KB
MD5

0b43689e83aaae848bb8c7de9ddcfbb4
SHA1

dc1af7e611fb53d6b82f919041f7470301160483
SHA256

3ed1b0ae617870f3820807c5a498b1bd0df848b25cc9d89fda7950cbca210a91
SHA512

e906b03602ba82bdb423836734e510512eb83a5f4a4ee90b6e1b9de45c242dd98065ae57c960ca1aae097818dae0a2b587a4e4dfb69a99f1bf95fe1384281080
SSDEEP

192:CrHD4WJ973cJgba5o1xRyBNk2ScNoVWjAFC238ghaV5JeAXwvjylkhfP7rDi:CLh73QvexRKccNGC238xUAXw7ywrDi

Score

1^/10

Malware Config

Signatures

Processes

/usr/sbin/spctl
/usr/sbin/spctl --status
1⤵
PID:488

/usr/sbin/spctl
/usr/sbin/spctl --test-devid-status
1⤵
PID:489

/usr/bin/syslog
/usr/bin/syslog -s -k com.apple.message.domain com.apple.security.assessment.current_state com.apple.message.signature "assessments enabled" com.apple.message.signature2 "devid enabled" Message "Gatekeeper state assessments enabled/devid enabled"
1⤵
PID:491

/bin/sh
sh -c "sudo /bin/zsh -c \"/Users/run/is32bit.exe\""
1⤵
PID:492

/bin/bash
sh -c "sudo /bin/zsh -c \"/Users/run/is32bit.exe\""
1⤵
PID:492

/bin/bash
sh -c "sudo /bin/zsh -c \"/Users/run/is32bit.exe\""
1⤵
PID:492

/usr/bin/sudo
sudo /bin/zsh -c /Users/run/is32bit.exe
1⤵
PID:492

/usr/bin/sudo
sudo /bin/zsh -c /Users/run/is32bit.exe
1⤵
PID:492
- /bin/zsh
  /bin/zsh -c /Users/run/is32bit.exe
  2⤵
  PID:499
- /bin/zsh
  /bin/zsh -c /Users/run/is32bit.exe
  2⤵
  PID:499
- /Users/run/is32bit.exe
  /Users/run/is32bit.exe
  2⤵
  PID:499
- /Users/run/is32bit.exe
  /Users/run/is32bit.exe
  2⤵
  PID:499

/usr/libexec/xpcproxy
xpcproxy com.apple.spindump
1⤵
PID:544

/usr/sbin/spindump
/usr/sbin/spindump
1⤵
PID:544

/usr/libexec/xpcproxy
xpcproxy com.apple.diagnosticd
1⤵
PID:545

/usr/libexec/diagnosticd
/usr/libexec/diagnosticd
1⤵
PID:545

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy