2546dcffc5ad854d4ddc64fbf056871cd5a00f2471cb7a5bfd4ac23b6e9eedad

Analysis

max time kernel
99s
max time network
115s
platform
macos_amd64
resource
macos-20220504-en
resource tags

arch:amd64arch:i386image:macos-20220504-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
submitted
19-01-2023 15:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

eicar_com.zip
Size

184B
MD5

6ce6f415d8475545be5ba114f208b0ff
SHA1

d27265074c9eac2e2122ed69294dbc4d7cce9141
SHA256

2546dcffc5ad854d4ddc64fbf056871cd5a00f2471cb7a5bfd4ac23b6e9eedad
SHA512

d9305862fe0bf552718d19db43075d88cffd768974627db60fa1a90a8d45563e035a6449663b8f66aac53791d77f37dbb5035159aa08e69fc473972022f80010

Score

1^/10

Malware Config

Signatures

/usr/sbin/spctl
/usr/sbin/spctl --status
1⤵
PID:488

/usr/sbin/spctl
/usr/sbin/spctl --test-devid-status
1⤵
PID:491

/bin/sh
sh -c "sudo /bin/zsh -c \"/Users/run/eicar_com.zip\""
1⤵
PID:490

/bin/bash
sh -c "sudo /bin/zsh -c \"/Users/run/eicar_com.zip\""
1⤵
PID:490

/bin/bash
sh -c "sudo /bin/zsh -c \"/Users/run/eicar_com.zip\""
1⤵
PID:490

/usr/bin/sudo
sudo /bin/zsh -c /Users/run/eicar_com.zip
1⤵
PID:490

/usr/bin/sudo
sudo /bin/zsh -c /Users/run/eicar_com.zip
1⤵
PID:490
- /bin/zsh
  /bin/zsh -c /Users/run/eicar_com.zip
  2⤵
  PID:494
- /bin/zsh
  /bin/zsh -c /Users/run/eicar_com.zip
  2⤵
  PID:494
- /Users/run/eicar_com.zip
  /Users/run/eicar_com.zip
  2⤵
  PID:494
- /Users/run/eicar_com.zip
  /Users/run/eicar_com.zip
  2⤵
  PID:494

/usr/bin/syslog
/usr/bin/syslog -s -k com.apple.message.domain com.apple.security.assessment.current_state com.apple.message.signature "assessments enabled" com.apple.message.signature2 "devid enabled" Message "Gatekeeper state assessments enabled/devid enabled"
1⤵
PID:492

/usr/libexec/xpcproxy
xpcproxy com.apple.tailspind
1⤵
PID:519

/usr/libexec/tailspind
/usr/libexec/tailspind
1⤵
PID:519

/usr/libexec/xpcproxy
xpcproxy com.apple.quicklook.ui.helper
1⤵
PID:523

/System/Library/Frameworks/Quartz.framework/Frameworks/QuickLookUI.framework/Resources/QuickLookUIHelper.app/Contents/MacOS/QuickLookUIHelper
/System/Library/Frameworks/Quartz.framework/Frameworks/QuickLookUI.framework/Resources/QuickLookUIHelper.app/Contents/MacOS/QuickLookUIHelper
1⤵
PID:523

/usr/libexec/xpcproxy
xpcproxy com.apple.JarLauncher.2128
1⤵
PID:524

/System/Library/CoreServices/Jar Launcher.app/Contents/MacOS/Jar Launcher
"/System/Library/CoreServices/Jar Launcher.app/Contents/MacOS/Jar Launcher"
1⤵
PID:524
- /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/bin/java
  "/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/bin/java" -jar /Users/run/tmp/hello.jar
  2⤵
  PID:526
- /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/bin/java
  "/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/bin/java" -jar /Users/run/tmp/hello.jar
  2⤵
  PID:526

/usr/libexec/xpcproxy
xpcproxy com.apple.metadata.mdwrite
1⤵
PID:525

/usr/libexec/xpcproxy
xpcproxy com.apple.PackageKit.InstallStatus
1⤵
PID:542

/usr/libexec/xpcproxy
xpcproxy com.apple.warmd_agent
1⤵
PID:543

/System/Library/CoreServices/Install in Progress.app/Contents/MacOS/Install in Progress
"/System/Library/CoreServices/Install in Progress.app/Contents/MacOS/Install in Progress"
1⤵
PID:542

/usr/libexec/warmd_agent
/usr/libexec/warmd_agent
1⤵
PID:543

/usr/libexec/xpcproxy
xpcproxy com.apple.coremedia.videodecoder 124
1⤵
PID:545

/System/Library/Frameworks/VideoToolbox.framework/Versions/A/XPCServices/VTDecoderXPCService.xpc/Contents/MacOS/VTDecoderXPCService
/System/Library/Frameworks/VideoToolbox.framework/Versions/A/XPCServices/VTDecoderXPCService.xpc/Contents/MacOS/VTDecoderXPCService
1⤵
PID:545

/usr/libexec/xpcproxy
xpcproxy com.apple.sessionlogoutd
1⤵
PID:546

/System/Library/CoreServices/sessionlogoutd
/System/Library/CoreServices/sessionlogoutd
1⤵
PID:546

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/Users/run/.oracle_jre_usage/613bcfb3a06ef613.timestamp

Filesize
79B

MD5
268b70e2f9a0aaf4b68cc98ff0cd1766

SHA1
2edf87a1cacf93c82b68985368ccf73cdc143ae9

SHA256
da5c4192c4da372aa7872023663c566269c25dccee4cbb6fb74c447bf49b583d

SHA512
033662a68c259844e03877da81fc2d14f2a83e5bcadff34660018cc478bf2f34edc1302f527ec5792840140b99f7c7e94ef842a8e53fe3c8b32bb63bcbde1bb9

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/hsperfdata_run/526

Filesize
32KB

MD5
f979b6f2df168860ccaa714567983583

SHA1
238605444cee1f8aa6b5045f8b813dfc4d07c99c

SHA256
dade033834c474f5d67e947d5e4d647cc6a4c0580b78e516581ae1aaeb5f3d1b

SHA512
48ff7de553d40642c81a50de3d215f597c0c248165cc4dd5889d65cd1f5c727bd10f23215e4800a516bc36371750d55a27a197df565ffc857e0cd26f264431f3

Download Submit
/private/var/run/utmpx

Filesize
3KB

MD5
71ae8ad6e428bae62ab7bbafab805736

SHA1
99ddde0bf6cd24bac01d601e2b08420d0ca48d9b

SHA256
eab4ca9bc4089b7fcbb02095432dce9d4027e6005b957bdfa191ef5d672570f3

SHA512
747d6b4e58f7721c108b3721c5536dea465b4af0ab1c2cfeee818778174c5dc79ec4a0269dda595ecfe78efa69b385094a586ab3b17b5e79984bb08fd0ccfd5b

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads