c17be491efdb15b4a7073bc69b41372e07a1e75b4c7fd4d3749d92920171e616

Analysis

max time kernel
156s
max time network
169s
platform
macos_amd64
resource
macos-20220504-en
resource tags

arch:amd64arch:i386image:macos-20220504-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
submitted
31-01-2023 20:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

jre-8u361-macosx-x64.dmg
Size

86.4MB
MD5

3609229d2b27a5259d09870c0e185c93
SHA1

156559c9166f7b8a7938c70e4a8e34edf0143443
SHA256

c17be491efdb15b4a7073bc69b41372e07a1e75b4c7fd4d3749d92920171e616
SHA512

62ed181f5366c96e3e570b8c05b27a15792aebe3fa4b0b62172343f9d889b3647be37d00be9520947aaa4930cefdcac96d6b8adc996b812bced695636ec37ed0
SSDEEP

1572864:9qQcf9Vp6T5HwNUf1cb10L6EFB5lz5DBfGCFaO8vVOwGJ33YCmBUJkZuX6lyCxcH:QdIT5nf1cb89B3NDdZaO8vSJ44kZuXE

Score

1^/10

Malware Config

Signatures

/bin/sh
sh -c "sudo /bin/zsh -c \"open /Volumes/Java\\ 8\\ Update\\ 361/Java\\ 8\\ Update\\ 361.app\""
1⤵
PID:532

/bin/bash
sh -c "sudo /bin/zsh -c \"open /Volumes/Java\\ 8\\ Update\\ 361/Java\\ 8\\ Update\\ 361.app\""
1⤵
PID:532

/bin/bash
sh -c "sudo /bin/zsh -c \"open /Volumes/Java\\ 8\\ Update\\ 361/Java\\ 8\\ Update\\ 361.app\""
1⤵
PID:532

/usr/bin/sudo
sudo /bin/zsh -c "open /Volumes/Java\\ 8\\ Update\\ 361/Java\\ 8\\ Update\\ 361.app"
1⤵
PID:532

/usr/bin/sudo
sudo /bin/zsh -c "open /Volumes/Java\\ 8\\ Update\\ 361/Java\\ 8\\ Update\\ 361.app"
1⤵
PID:532
- /bin/zsh
  /bin/zsh -c "open /Volumes/Java\\ 8\\ Update\\ 361/Java\\ 8\\ Update\\ 361.app"
  2⤵
  PID:533
- /bin/zsh
  /bin/zsh -c "open /Volumes/Java\\ 8\\ Update\\ 361/Java\\ 8\\ Update\\ 361.app"
  2⤵
  PID:533
- /usr/bin/open
  open "/Volumes/Java 8 Update 361/Java 8 Update 361.app"
  2⤵
  PID:533
- /usr/bin/open
  open "/Volumes/Java 8 Update 361/Java 8 Update 361.app"
  2⤵
  PID:533

/usr/libexec/xpcproxy
xpcproxy Oracle.MacJREInstaller.2300
1⤵
PID:536

/Volumes/Java 8 Update 361/Java 8 Update 361.app/Contents/MacOS/MacJREInstaller
"/Volumes/Java 8 Update 361/Java 8 Update 361.app/Contents/MacOS/MacJREInstaller"
1⤵
PID:536

/usr/bin/codesign
/usr/bin/codesign --verify "/Volumes/Java 8 Update 361/Java 8 Update 361.app"
1⤵
PID:538

/usr/libexec/xpcproxy
xpcproxy com.apple.spindump
1⤵
PID:549

/usr/sbin/spindump
/usr/sbin/spindump
1⤵
PID:549

/usr/libexec/xpcproxy
xpcproxy com.apple.spindump_agent
1⤵
PID:550

/usr/libexec/spindump_agent
/usr/libexec/spindump_agent
1⤵
PID:550

/usr/libexec/xpcproxy
xpcproxy com.apple.ReportMemoryException
1⤵
PID:551

/usr/libexec/ReportMemoryException
/usr/libexec/ReportMemoryException
1⤵
PID:551

/bin/sh
sh -c /usr/sbin/kextstat
1⤵
PID:563

/bin/bash
sh -c /usr/sbin/kextstat
1⤵
PID:563

/bin/bash
sh -c /usr/sbin/kextstat
1⤵
PID:563

/usr/sbin/kextstat
/usr/sbin/kextstat
1⤵
PID:563

/usr/sbin/kextstat
/usr/sbin/kextstat
1⤵
PID:563

/usr/libexec/xpcproxy
xpcproxy com.apple.security.agent
1⤵
PID:565

/System/Library/Frameworks/Security.framework/Versions/A/MachServices/SecurityAgent.bundle/Contents/MacOS/SecurityAgent
/System/Library/Frameworks/Security.framework/Versions/A/MachServices/SecurityAgent.bundle/Contents/MacOS/SecurityAgent
1⤵
PID:565

/usr/libexec/xpcproxy
xpcproxy com.apple.security.authhost.00000000-0000-0000-0000-0000000186A6
1⤵
PID:567

/System/Library/Frameworks/Security.framework/Versions/A/MachServices/authorizationhost.bundle/Contents/MacOS/authorizationhost
/System/Library/Frameworks/Security.framework/Versions/A/MachServices/authorizationhost.bundle/Contents/MacOS/authorizationhost
1⤵
PID:567

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/Library/Logs/DiagnosticReports/Finder_2023-01-31-212411_tests-iMac.spin

Filesize
2.3MB

MD5
ab93eb3f048cdd81ba08c71f534248dc

SHA1
274f2a7fce3f3edb6ced55ea34145d4488b0be2c

SHA256
d8c70ece1d45f807f223e4586821bfe4e69379ab1aa4083cbcb4b053bc9260c0

SHA512
56ac1bfec617debb3d3bbb40c0130b10409493f099d30c4ff68053f23119c75b70c7c04f11f8ca39c29f86e701e0ec07a2e02bc20f4abeaf50e7066d4bee53e7

Download Submit
/Users/run/Library/Application Support/JREInstaller/JREInstallLog.txt

Filesize
4KB

MD5
bfc71e899b764d41a2bb418b33c65c83

SHA1
799802fc19e3b93119fdaa226cd55a1f9b8716a7

SHA256
d40e38acc541d942cfacd68b4e8ec78115e2109e1803c7ab61bb18bb31396546

SHA512
0629f696a99750b1bd6a6a221f52be1419d6de2c7a6da9f2e977a4d7fb06b3e851f33f1fd8272eb494254cd77edac30269f70251c5ecab041a1f5eccd5aebda6

Download Submit
/Users/run/Library/Application Support/JREInstaller/JREInstallLog.txt

Filesize
4KB

MD5
a12e6d81f4e7b36f65e641c8c1a7257c

SHA1
297d6d5969d0dfd3bfdd84e9ec20a40596775d9f

SHA256
08bd93ed1d92fe9adcf3dece2283b734e6d817f22098337b95058c814676e454

SHA512
604b108815b96d5e8cfb88881bd732f2912734d7160e3a4105801a5b28d07fda93634cf1564aa850a1e970187584a4240db55a2e71e5e75cb9e69b6b3fd08329

Download Submit
/Users/run/Library/Application Support/JREInstaller/JREInstallLog.txt

Filesize
4KB

MD5
8bf3e79d92ef98a16edad93256ce6189

SHA1
2ac01794ad1056a85bbb024fe242482a6053fd18

SHA256
a4653cf21f0b2bbf0b8b2b8f5ce46990da7fb281403b4ba4ee42709b85d5cf5b

SHA512
0645cc20f31978b8a0e5196c530ff1d5dd456d76a771010384484ad25a0f0f5b3f1e401291d6889f22e004b820fc018bf1e1b64dc3ca5e1d8903c60d9690ff8c

Download Submit
/Users/run/Library/Application Support/JREInstaller/JREInstallLog.txt

Filesize
4KB

MD5
8e9a70cf81b3476aef979f0859dba61c

SHA1
e0000c94c75f7f2aff9a6e757706a6323743a58a

SHA256
3f5cac4e24fd491c663f17c9d4896f45e75a8bfeb54d7c85f10c71fab065382e

SHA512
1758321bf34cf93bed9b93facbf32a580ab1f9d7072f1a8e7d50f8031da008d319a32cd158e8b0647f1f8fd3975d071a8e953f6010d2ff534856b939949246e6

Download Submit
/Users/run/Library/Application Support/JREInstaller/JREInstallLog.txt

Filesize
4KB

MD5
12a5699446a699fcdbf64faccbea922b

SHA1
86eb963b4155493814a299eb77466ddb68de6805

SHA256
cdeb644cfeadaf1dcbffde5661f610c9b9509fe3351a8a2e8f5763cbbc2e5d19

SHA512
a4b08db94c6d3ba5f33104462eaf2ac3bc9e423fe4a70536f4d6a0f251013a9c18c82bfbed18f92e4644537188dcd6e4a229480bad745549d053b91287be0da8

Download Submit
/Users/run/Library/Application Support/JREInstaller/JREInstallLog.txt

Filesize
4KB

MD5
af4a183cd198c6f2f8a7fc515bf02e93

SHA1
636c14e46d9bc933f0bdb651f98c5e2958d01f82

SHA256
714e7f33804c6e59b6e018a23de7a884ee5efc9e2f47064298390fe6d06600fa

SHA512
10919eb72a02f4e1aa7365d6e323981d1af9810893e6fa96a0379357a71dbefd8ec4cac9f9606a07a2fff628e92aa85b27b55cfe97187e337f619c4a5a4630d1

Download Submit
/Users/run/Library/Application Support/JREInstaller/JREInstallLog.txt

Filesize
4KB

MD5
677a3b5a6e91d9ad9722352ff8104e5c

SHA1
f3b32f11e38261b845f16a441c122dd457b7db43

SHA256
eaa49ff25bddc3c541486bffc3302973797da8d2ba69a0e0c6d073463832b93b

SHA512
b441916b5fde869cad3173e71512092bbbbef3bba4ef10153ed3873cc63fd30fe504290f4075f0f5e6cc559a53a246784570c8f9fcfa6847461c3955d67fde9d

Download Submit
/Users/run/Library/Application Support/JREInstaller/JREInstallLog.txt

Filesize
4KB

MD5
b6598699480dc214b87452195cf5d222

SHA1
1c52f2d6af80db1e69b980a4de38e6b66792fb27

SHA256
de6c065c56535db3c227e3f5a8a54892e87304640318034be30074ba17e6ab94

SHA512
3403500986a55fcecd0c2f4f89579cd6b40097ab953c1928e50ac4b0479eaf3488616f942d2afe4f481880b114f683f19de40015cdf37cde8e344878d7301394

Download Submit
/Users/run/Library/Application Support/JREInstaller/JREInstallLog.txt

Filesize
4KB

MD5
9d24c15b9eaa9140fb9d1ccd2277c2f2

SHA1
1f5c53ad57fb911cc3fce8433d2f4ef653de005a

SHA256
9d9769f573a945803b6796b15153be7170420596af225cfaba8e6fde73a65770

SHA512
2a0674563a3c2e7c09a223b4e8baf8ca0f1a83886074b39bd708b5a7bba44c540cecba1f2c34fb3661e0b0b283356b25c91a803d933bfaacdefc47bcd4241497

Download Submit
/Users/run/Library/Application Support/JREInstaller/JREInstallLog.txt

Filesize
4KB

MD5
850f44c91368b16716b4f78af0bc8a1a

SHA1
186933ab1f047237b1ba103ce82772dbae93e7d6

SHA256
81ed3ccadd0640046b27e4bedc1636c5518b1f743cb1d9e662406ee2f644b3fb

SHA512
44d540963e4a8239680161bd26faac7ececd7f662d6eec075b1aed1deb1a15d8f4d66f27f9e18c9c33bab1fff4c3453a1dc1709e88d2ac19981fdb464489b9cd

Download Submit
/Users/run/Library/Application Support/JREInstaller/JREInstallLog.txt

Filesize
4KB

MD5
f063f1993463efa577ce11e7efae13e5

SHA1
e62668a6f1f7735b70d2b54cee0f67f35d8efb5a

SHA256
8abc29595734de8f3e289537feb51816e56862a9b850a2eef7e1158213b8b149

SHA512
47651ec36d3503ad8e0743048d151ab45056f18d525701d32916fc7e571d6ec9f60b97207d0641988b2194ead443b99562d3a97ff0b921292a0400baddba2ff2

Download Submit
/Users/run/Library/Application Support/JREInstaller/JREInstallLog.txt

Filesize
5KB

MD5
edca1e4e27213f4fca671877d62428e1

SHA1
7710a2e9878973262b47febb451beb76ca02c10e

SHA256
d13557d9b4426fed3fec5a2bd1bd7ba5f8573975e6176cf8b7ca3578b259ee35

SHA512
7122c712785fcd05b673897bfa4628b934a9f95ef6dd8a238858528f487f3f5125b4c1a5c2adfc02400171478d2f146432c42d8d0b1f9fd8fe4491ed594456f0

Download Submit
/Users/run/Library/Application Support/JREInstaller/JREInstallLog.txt

Filesize
5KB

MD5
5bfd96497f0fd5cb2f33b501e1e9bb7a

SHA1
9eee8fc0c132511698043ad5890ddf286c476848

SHA256
2ad0a778f223ce3ea47a7c66d0195510ff90602817a1b1aaf70682287973e1a9

SHA512
767be66b5d69424f0cd624da3805c6e2e064f641c582425a9c9ba0096bc9870b11909d98a9a3c4932c06235a3d49ef05dabae032400ab128c98c29195154bfa8

Download Submit
/private/var/db/spindump/.dat.nosync0225.GZ8MJL

Filesize
83KB

MD5
390fcd6728d5f1866e03024c64ef6c14

SHA1
0d65e006f701932df30df472988c01a0393894dd

SHA256
f22c05f91dbe5eee53f5665acfedbbc9b28a4dac143578b549492068175abc1f

SHA512
cef37dfaeddcdf8d1ca3ecd8e74650092e0781d005643824373e3d62a412f7db6753524e800ef86151f15d105a80ba006723ec2fe268925b7674e4b7d3711a92

Download Submit
/private/var/db/spindump/tailspin-trace.2023-01-31_21-23-18.tailspin

Filesize
16.3MB

MD5
4ae2f71c3df01fd4de4fbf5e15ca3f72

SHA1
2193c4b9696dc6e4755cd95045b058dda35d4ea8

SHA256
707ce573b8c3d3e436dafb6445b5257a931f135020cb941d68037272f42695da

SHA512
2460b561cd9c16276da0852b023e6c29b7cb0e0c297ef6ecc0e6dde36681cd64aece6ca248f5a31e511fb3d529703baedc9372f3eb17d6d15c5fad3cef009676

Download Submit
/private/var/db/spindump/tailspin-trace.2023-01-31_21-23-18.tailspin

Filesize
16.3MB

MD5
4ae2f71c3df01fd4de4fbf5e15ca3f72

SHA1
2193c4b9696dc6e4755cd95045b058dda35d4ea8

SHA256
707ce573b8c3d3e436dafb6445b5257a931f135020cb941d68037272f42695da

SHA512
2460b561cd9c16276da0852b023e6c29b7cb0e0c297ef6ecc0e6dde36681cd64aece6ca248f5a31e511fb3d529703baedc9372f3eb17d6d15c5fad3cef009676

Download Submit
/private/var/db/spindump/tailspin-trace.2023-01-31_21-23-18.tailspin

Filesize
16.3MB

MD5
4ae2f71c3df01fd4de4fbf5e15ca3f72

SHA1
2193c4b9696dc6e4755cd95045b058dda35d4ea8

SHA256
707ce573b8c3d3e436dafb6445b5257a931f135020cb941d68037272f42695da

SHA512
2460b561cd9c16276da0852b023e6c29b7cb0e0c297ef6ecc0e6dde36681cd64aece6ca248f5a31e511fb3d529703baedc9372f3eb17d6d15c5fad3cef009676

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/mds/mdsDirectory.db

Filesize
47KB

MD5
0e4a0d1ceb2af6f0f8d0167ce77be2d3

SHA1
414ba4c1dc5fc8bf53d550e296fd6f5ad669918c

SHA256
cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030

SHA512
1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/mds/mdsDirectory.db

Filesize
47KB

MD5
0e4a0d1ceb2af6f0f8d0167ce77be2d3

SHA1
414ba4c1dc5fc8bf53d550e296fd6f5ad669918c

SHA256
cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030

SHA512
1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/mds/mdsDirectory.db

Filesize
47KB

MD5
0e4a0d1ceb2af6f0f8d0167ce77be2d3

SHA1
414ba4c1dc5fc8bf53d550e296fd6f5ad669918c

SHA256
cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030

SHA512
1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/mds/mdsDirectory.db

Filesize
47KB

MD5
0e4a0d1ceb2af6f0f8d0167ce77be2d3

SHA1
414ba4c1dc5fc8bf53d550e296fd6f5ad669918c

SHA256
cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030

SHA512
1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/mds/mdsDirectory.db_

Filesize
47KB

MD5
0e4a0d1ceb2af6f0f8d0167ce77be2d3

SHA1
414ba4c1dc5fc8bf53d550e296fd6f5ad669918c

SHA256
cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030

SHA512
1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/mds/mdsDirectory.db_

Filesize
47KB

MD5
0e4a0d1ceb2af6f0f8d0167ce77be2d3

SHA1
414ba4c1dc5fc8bf53d550e296fd6f5ad669918c

SHA256
cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030

SHA512
1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/mds/mdsObject.db

Filesize
4KB

MD5
d3a1859e6ec593505cc882e6def48fc8

SHA1
f8e6728e3e9de477a75706faa95cead9ce13cb32

SHA256
3ebafa97782204a4a1d75cfec22e15fcdeab45b65bab3b3e65508707e034a16c

SHA512
ea2a749b105759ea33408186b417359deffb4a3a5ed0533cb26b459c16bb3524d67ede5c9cf0d5098921c0c0a9313fb9c2672f1e5ba48810eda548fa3209e818

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/mds/mdsObject.db

Filesize
4KB

MD5
d3a1859e6ec593505cc882e6def48fc8

SHA1
f8e6728e3e9de477a75706faa95cead9ce13cb32

SHA256
3ebafa97782204a4a1d75cfec22e15fcdeab45b65bab3b3e65508707e034a16c

SHA512
ea2a749b105759ea33408186b417359deffb4a3a5ed0533cb26b459c16bb3524d67ede5c9cf0d5098921c0c0a9313fb9c2672f1e5ba48810eda548fa3209e818

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/mds/mdsObject.db_

Filesize
4KB

MD5
d3a1859e6ec593505cc882e6def48fc8

SHA1
f8e6728e3e9de477a75706faa95cead9ce13cb32

SHA256
3ebafa97782204a4a1d75cfec22e15fcdeab45b65bab3b3e65508707e034a16c

SHA512
ea2a749b105759ea33408186b417359deffb4a3a5ed0533cb26b459c16bb3524d67ede5c9cf0d5098921c0c0a9313fb9c2672f1e5ba48810eda548fa3209e818

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/mds/mdsObject.db_

Filesize
4KB

MD5
d3a1859e6ec593505cc882e6def48fc8

SHA1
f8e6728e3e9de477a75706faa95cead9ce13cb32

SHA256
3ebafa97782204a4a1d75cfec22e15fcdeab45b65bab3b3e65508707e034a16c

SHA512
ea2a749b105759ea33408186b417359deffb4a3a5ed0533cb26b459c16bb3524d67ede5c9cf0d5098921c0c0a9313fb9c2672f1e5ba48810eda548fa3209e818

Download Submit
/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/spindump.txt

Filesize
244KB

MD5
e0dc8b7c411f57aa015280cdf378d4b7

SHA1
39787799b8f68bad5d7ff75e7685c5eff7df73a9

SHA256
a3f17faf56cedeb191d4905822fc343c356a506729362f89e6ae2e589660facf

SHA512
4062e3197c5751e2af3c3052b38dd451155064776dac74b4a4e30e965a8d8f857fdde05318a011a17b1ba161cd0812304890c8a1139f1a95fad899c5383c11cd

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads