Overview

overview

1

Static

static

Data/53220...30.jpg

macos-10.15-amd64

1

Data/53220...34.jpg

macos-10.15-amd64

1

Data/53224...23.jpg

macos-10.15-amd64

1

Data/IMG_0556-353.jpg

macos-10.15-amd64

1

Data/IMG_0...54.jpg

macos-10.15-amd64

1

Metadata/B...ry.xml

macos-10.15-amd64

1

Analysis

  • max time kernel
    146s
  • max time network
    126s
  • platform
    macos_amd64
  • resource
    macos-20220504-en
  • resource tags

    arch:amd64arch:i386image:macos-20220504-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
  • submitted
    11-01-2023 21:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Data/532241774_2880x1920-small-223.jpg

  • Size

    9KB

  • MD5

    ac28f7b1ac9dc84b1e26117a580ae587

  • SHA1

    2172b0bffe24a7e8299f7ba015732ee813775876

  • SHA256

    e274d566087c932ed1bfcc601a2d37ec16a08f7f43182548d563df2ff022ef35

  • SHA512

    88f8990874ed7b098ba85ba3e4426be2e5e58cffc3617cdc8b144e25dea8a4c060e0d1bfbfde2626250cfe2ca08b164610605ac419a81ff7073440492bb88b2f

  • SSDEEP

    192:8c36NPxsC6spHzFoywlxV1dl+jQBNXmgfoN1ohlSJHRNQH/tBwDI:8cK1xpDVzFYlpX+jUXmeoN1KqHTquI

Score
1/10

Malware Config

Signatures

Processes

  • /usr/bin/syslog
    /usr/bin/syslog -s -k com.apple.message.domain com.apple.security.assessment.current_state com.apple.message.signature "assessments enabled" com.apple.message.signature2 "devid enabled" Message "Gatekeeper state assessments enabled/devid enabled"
    1⤵
      PID:511
    • /bin/sh
      sh -c "sudo /bin/zsh -c \"/Users/run/Data/532241774_2880x1920-small-223.jpg\""
      1⤵
        PID:512
      • /bin/bash
        sh -c "sudo /bin/zsh -c \"/Users/run/Data/532241774_2880x1920-small-223.jpg\""
        1⤵
          PID:512
        • /bin/bash
          sh -c "sudo /bin/zsh -c \"/Users/run/Data/532241774_2880x1920-small-223.jpg\""
          1⤵
            PID:512
          • /usr/bin/sudo
            sudo /bin/zsh -c /Users/run/Data/532241774_2880x1920-small-223.jpg
            1⤵
              PID:512
            • /usr/bin/sudo
              sudo /bin/zsh -c /Users/run/Data/532241774_2880x1920-small-223.jpg
              1⤵
                PID:512
                • /bin/zsh
                  /bin/zsh -c /Users/run/Data/532241774_2880x1920-small-223.jpg
                  2⤵
                    PID:513
                  • /bin/zsh
                    /bin/zsh -c /Users/run/Data/532241774_2880x1920-small-223.jpg
                    2⤵
                      PID:513
                    • /Users/run/Data/532241774_2880x1920-small-223.jpg
                      /Users/run/Data/532241774_2880x1920-small-223.jpg
                      2⤵
                        PID:513
                      • /Users/run/Data/532241774_2880x1920-small-223.jpg
                        /Users/run/Data/532241774_2880x1920-small-223.jpg
                        2⤵
                          PID:513
                      • /usr/libexec/xpcproxy
                        xpcproxy com.apple.tailspind
                        1⤵
                          PID:524
                        • /usr/libexec/tailspind
                          /usr/libexec/tailspind
                          1⤵
                            PID:524

                          Network

                          MITRE ATT&CK Matrix

                          Replay Monitor

                          Loading Replay Monitor...

                          Downloads