983852aa78f3e7d52aa652eab80f80665617e2a80db0968660306220d408c19d

Resubmissions

03/02/2023, 20:35

230203-zc33taee2x 1

03/02/2023, 20:34

03/02/2023, 20:33

03/02/2023, 20:27

03/02/2023, 20:24

Analysis

max time kernel
1785s
max time network
1803s
platform
macos_amd64
resource
macos-20220504-en
resource tags

arch:amd64arch:i386image:macos-20220504-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
submitted
03/02/2023, 20:35

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

TLauncher-2.841-Installer-0.9.5.2.exe
Size

21.0MB
MD5

8652b28eb7ac27b0882377ad94f47aef
SHA1

d1c12a5402fbbd62d75e71c6fd2b8243c4ba2161
SHA256

983852aa78f3e7d52aa652eab80f80665617e2a80db0968660306220d408c19d
SHA512

0bb181feb4bad90b1e526b61b462472762a979a57086499190e340e9978ebfae861b7451411f1205b6385d9fb9fb2cc8e1ac0707536a77aaabe6e307360c50d3
SSDEEP

393216:UXN19opNQ9X0fs/dQETVlOBbpFEj9GZdqV56HpkV3sZH3oegny:UdcE6HExiTTqqHp8aH2y

Score

1^/10

Malware Config

Signatures

/bin/sh
sh -c "sudo /bin/zsh -c \"/Users/run/TLauncher-2.841-Installer-0.9.5.2.exe\""
1⤵
PID:505

/bin/bash
sh -c "sudo /bin/zsh -c \"/Users/run/TLauncher-2.841-Installer-0.9.5.2.exe\""
1⤵
PID:505

/bin/bash
sh -c "sudo /bin/zsh -c \"/Users/run/TLauncher-2.841-Installer-0.9.5.2.exe\""
1⤵
PID:505

/usr/bin/sudo
sudo /bin/zsh -c /Users/run/TLauncher-2.841-Installer-0.9.5.2.exe
1⤵
PID:505

/usr/bin/sudo
sudo /bin/zsh -c /Users/run/TLauncher-2.841-Installer-0.9.5.2.exe
1⤵
PID:505
- /bin/zsh
  /bin/zsh -c /Users/run/TLauncher-2.841-Installer-0.9.5.2.exe
  2⤵
  PID:515
- /bin/zsh
  /bin/zsh -c /Users/run/TLauncher-2.841-Installer-0.9.5.2.exe
  2⤵
  PID:515
- /Users/run/TLauncher-2.841-Installer-0.9.5.2.exe
  /Users/run/TLauncher-2.841-Installer-0.9.5.2.exe
  2⤵
  PID:515
- /Users/run/TLauncher-2.841-Installer-0.9.5.2.exe
  /Users/run/TLauncher-2.841-Installer-0.9.5.2.exe
  2⤵
  PID:515

/usr/sbin/spctl
/usr/sbin/spctl --status
1⤵
PID:507

/usr/sbin/spctl
/usr/sbin/spctl --test-devid-status
1⤵
PID:516

/usr/bin/syslog
/usr/bin/syslog -s -k com.apple.message.domain com.apple.security.assessment.current_state com.apple.message.signature "assessments enabled" com.apple.message.signature2 "devid enabled" Message "Gatekeeper state assessments enabled/devid enabled"
1⤵
PID:517

/usr/libexec/xpcproxy
xpcproxy com.apple.systempreferences.2140
1⤵
PID:529

/System/Applications/System Preferences.app/Contents/MacOS/System Preferences
"/System/Applications/System Preferences.app/Contents/MacOS/System Preferences"
1⤵
PID:529

/usr/libexec/xpcproxy
xpcproxy com.apple.AccountProfileRemoteViewService 529
1⤵
PID:530

/System/Library/PrivateFrameworks/AOSUI.framework/Versions/A/XPCServices/AccountProfileRemoteViewService.xpc/Contents/MacOS/AccountProfileRemoteViewService
/System/Library/PrivateFrameworks/AOSUI.framework/Versions/A/XPCServices/AccountProfileRemoteViewService.xpc/Contents/MacOS/AccountProfileRemoteViewService
1⤵
PID:530

/System/Library/PreferencePanes/ClassroomSettings.prefPane/Contents/Resources/ClassroomSettingsVisibilityCheckTool
/System/Library/PreferencePanes/ClassroomSettings.prefPane/Contents/Resources/ClassroomSettingsVisibilityCheckTool
1⤵
PID:532

/System/Library/PreferencePanes/Profiles.prefPane/Contents/Resources/CPPrefPaneEnabledTool
/System/Library/PreferencePanes/Profiles.prefPane/Contents/Resources/CPPrefPaneEnabledTool
1⤵
PID:533

/System/Library/PreferencePanes/Sidecar.prefPane/Contents/Resources/sidecarPrefCheck
/System/Library/PreferencePanes/Sidecar.prefPane/Contents/Resources/sidecarPrefCheck
1⤵
PID:534

/System/Library/PreferencePanes/TouchID.prefPane/Contents/Resources/AllowPasswordPref
/System/Library/PreferencePanes/TouchID.prefPane/Contents/Resources/AllowPasswordPref
1⤵
PID:535

/System/Library/PreferencePanes/Wallet.prefPane/Contents/Resources/walletAvailabilityCheckTool
/System/Library/PreferencePanes/Wallet.prefPane/Contents/Resources/walletAvailabilityCheckTool
1⤵
PID:536

/usr/libexec/xpcproxy
xpcproxy com.apple.studentd
1⤵
PID:537

/usr/libexec/studentd
/usr/libexec/studentd
1⤵
PID:537

/System/Applications/TV.app/Contents/MacOS/TV
/System/Applications/TV.app/Contents/MacOS/TV
1⤵
PID:542

/usr/libexec/xpcproxy
xpcproxy com.apple.accessibility.mediaaccessibilityd
1⤵
PID:544

/System/Library/Frameworks/MediaAccessibility.framework/Versions/A/XPCServices/com.apple.accessibility.mediaaccessibilityd.xpc/Contents/MacOS/com.apple.accessibility.mediaaccessibilityd
/System/Library/Frameworks/MediaAccessibility.framework/Versions/A/XPCServices/com.apple.accessibility.mediaaccessibilityd.xpc/Contents/MacOS/com.apple.accessibility.mediaaccessibilityd
1⤵
PID:544

/usr/libexec/xpcproxy
xpcproxy com.apple.WebKit.WebContent.88719B62-2DF3-48E9-8934-5059EA5CAB1A 542
1⤵
PID:547

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
1⤵
PID:547

/usr/libexec/xpcproxy
xpcproxy com.apple.Safari.SafeBrowsing.Service
1⤵
PID:549

/System/Library/PrivateFrameworks/SafariSafeBrowsing.framework/com.apple.Safari.SafeBrowsing.Service
/System/Library/PrivateFrameworks/SafariSafeBrowsing.framework/com.apple.Safari.SafeBrowsing.Service
1⤵
PID:549

/usr/libexec/xpcproxy
xpcproxy com.apple.WebKit.WebContent.8C9D743E-9940-4468-BD48-DA86452507FA 542
1⤵
PID:553

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
1⤵
PID:553

/usr/libexec/xpcproxy
xpcproxy com.apple.ReportMemoryException
1⤵
PID:555

/usr/libexec/ReportMemoryException
/usr/libexec/ReportMemoryException
1⤵
PID:555

/usr/libexec/xpcproxy
xpcproxy com.apple.diagnosticd
1⤵
PID:572

/usr/libexec/diagnosticd
/usr/libexec/diagnosticd
1⤵
PID:572

/usr/libexec/xpcproxy
xpcproxy com.apple.parsec-fbf
1⤵
PID:573

/System/Library/PrivateFrameworks/CoreParsec.framework/parsec-fbf
/System/Library/PrivateFrameworks/CoreParsec.framework/parsec-fbf
1⤵
PID:573

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/Users/run/Library/Caches/.dat.nosync0211.lldic5

Filesize
294KB

MD5
54a6415f0ccd912e6ef418df31566b14

SHA1
4b00b5adc45cf789c2d3464c184c1f782a73b2dd

SHA256
5703d526d31fb16982bafaab18e698b2bc9c10f5bdb690ad216ea0e09db16633

SHA512
0672d0c9a787f76fedb254202c669cb0553a9f7f99ba9b2e2511005d883a308db5850822fefc4b4dde4e24b0337aae5b215a34c9bb1fa7a0934199fce86613af

Download Submit
/Users/run/Library/Caches/com.apple.parsecd/session.323.15048444-E8FB-4451-B1B0-A6080DFA5AED.processing.pb.uploadPending

Filesize
847B

MD5
8e2e027cf0b1f2250cd54fcd939b2683

SHA1
43e4351c387a4c66f79a09f4a3d84bfd368a40f0

SHA256
95bfe72b1abbb423518134083caca95a6960652ac4a075907f4f098a5a258f76

SHA512
27538cd4571e6291eac34ca8eb459190160aa50b36de36dbb4b8042767a1ba02c6ad4fc33ea40fad7e3b3a2501895adaa1872cf67d732754821f190376e5320a

Download Submit
/Users/run/Library/Caches/com.apple.parsecd/session.323.15048444-E8FB-4451-B1B0-A6080DFA5AED.processing.pb.uploadPending

Filesize
847B

MD5
8e2e027cf0b1f2250cd54fcd939b2683

SHA1
43e4351c387a4c66f79a09f4a3d84bfd368a40f0

SHA256
95bfe72b1abbb423518134083caca95a6960652ac4a075907f4f098a5a258f76

SHA512
27538cd4571e6291eac34ca8eb459190160aa50b36de36dbb4b8042767a1ba02c6ad4fc33ea40fad7e3b3a2501895adaa1872cf67d732754821f190376e5320a

Download Submit
/Users/run/Library/Caches/com.apple.parsecd/session.323.15048444-E8FB-4451-B1B0-A6080DFA5AED.processing.pb.uploadPending

Filesize
847B

MD5
8e2e027cf0b1f2250cd54fcd939b2683

SHA1
43e4351c387a4c66f79a09f4a3d84bfd368a40f0

SHA256
95bfe72b1abbb423518134083caca95a6960652ac4a075907f4f098a5a258f76

SHA512
27538cd4571e6291eac34ca8eb459190160aa50b36de36dbb4b8042767a1ba02c6ad4fc33ea40fad7e3b3a2501895adaa1872cf67d732754821f190376e5320a

Download Submit
/Users/run/Library/Caches/com.apple.parsecd/session.323.15048444-E8FB-4451-B1B0-A6080DFA5AED.processing.pb.uploadPending

Filesize
847B

MD5
8e2e027cf0b1f2250cd54fcd939b2683

SHA1
43e4351c387a4c66f79a09f4a3d84bfd368a40f0

SHA256
95bfe72b1abbb423518134083caca95a6960652ac4a075907f4f098a5a258f76

SHA512
27538cd4571e6291eac34ca8eb459190160aa50b36de36dbb4b8042767a1ba02c6ad4fc33ea40fad7e3b3a2501895adaa1872cf67d732754821f190376e5320a

Download Submit
/Users/run/Library/Caches/com.apple.parsecd/session.323.15048444-E8FB-4451-B1B0-A6080DFA5AED.processing.pb.uploadPending

Filesize
847B

MD5
8e2e027cf0b1f2250cd54fcd939b2683

SHA1
43e4351c387a4c66f79a09f4a3d84bfd368a40f0

SHA256
95bfe72b1abbb423518134083caca95a6960652ac4a075907f4f098a5a258f76

SHA512
27538cd4571e6291eac34ca8eb459190160aa50b36de36dbb4b8042767a1ba02c6ad4fc33ea40fad7e3b3a2501895adaa1872cf67d732754821f190376e5320a

Download Submit
/Users/run/Movies/TV/TV Library.tvlibrary/Temp File.tmp

Filesize
250B

MD5
f223937fdaef2d2be05f3f0cc8efaeb4

SHA1
b45b3a21a26e1e6ccc1ba3add1c2914f64d57664

SHA256
d37ec1e3ee80f4b35449abcdff37bae157b19f8589cdc6c022dee80aa92642b3

SHA512
b10a32d88d2b11ead6711adeb8cfbc45087f52897f70bedf176c614073d3fba164949fa9dfb0680b360f076ea09d5435d91ae1a8d1ddb7677a4aeb82b6d218ec

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/malware,osx,url_expression

Filesize
321KB

MD5
9302576f95f2b3451cf6e76933ddd3a9

SHA1
05114d98257f23ba0c5d58a197f4d352904c12db

SHA256
28d2f45f31164e515da0c73b456b3d613ae1d2b5223c6b0ba1b0c22f9b209612

SHA512
2de183a02e5138851e1642e72801988763cee17825f5905d98fa397dfbdf3379a0faddc58aa5846fe33dc3fd91c939f87bf50f9316ebabaa6495f34c9e82a2dd

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/malware,osx,url_expression.tmp

Filesize
321KB

MD5
9302576f95f2b3451cf6e76933ddd3a9

SHA1
05114d98257f23ba0c5d58a197f4d352904c12db

SHA256
28d2f45f31164e515da0c73b456b3d613ae1d2b5223c6b0ba1b0c22f9b209612

SHA512
2de183a02e5138851e1642e72801988763cee17825f5905d98fa397dfbdf3379a0faddc58aa5846fe33dc3fd91c939f87bf50f9316ebabaa6495f34c9e82a2dd

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/social_engineering,osx,url_expression

Filesize
26.3MB

MD5
f707322a699f777c5ed6fc8cff75aae1

SHA1
bca688703ad6d59fba0c4bc57fa258ea353d9cb3

SHA256
e246687ed8862c0dacdd85f0b5703ac982d54419e6f798ad02e8f6c14249d16a

SHA512
1eab0566bf2b09c5255ea6cea3fea9a2b8bd6a8fcf9544b92b5fa19e707461b03c566d6e83367ab917bb8d9e3ac8020d34b852281c162e39f5e6c9786b08c4d9

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/social_engineering,osx,url_expression.tmp

Filesize
26.3MB

MD5
f707322a699f777c5ed6fc8cff75aae1

SHA1
bca688703ad6d59fba0c4bc57fa258ea353d9cb3

SHA256
e246687ed8862c0dacdd85f0b5703ac982d54419e6f798ad02e8f6c14249d16a

SHA512
1eab0566bf2b09c5255ea6cea3fea9a2b8bd6a8fcf9544b92b5fa19e707461b03c566d6e83367ab917bb8d9e3ac8020d34b852281c162e39f5e6c9786b08c4d9

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/unwanted_software,osx,url_expression

Filesize
114KB

MD5
f0a30cc6f87701425fb4c518a208de15

SHA1
35b69b18fd5620fb946119069d685103379becb2

SHA256
56c7b5043780d8214763c65dd5471672aa9d9dbe030e71dab52c57c704840a59

SHA512
5db3aee1a9e983c84130961ddb6620ec9ee8cc6b4f98c808880ca030675a3b156b5530f0b4105c8060269f7234005c572797c9c148aeaf7396f12e929503577b

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/unwanted_software,osx,url_expression.tmp

Filesize
114KB

MD5
f0a30cc6f87701425fb4c518a208de15

SHA1
35b69b18fd5620fb946119069d685103379becb2

SHA256
56c7b5043780d8214763c65dd5471672aa9d9dbe030e71dab52c57c704840a59

SHA512
5db3aee1a9e983c84130961ddb6620ec9ee8cc6b4f98c808880ca030675a3b156b5530f0b4105c8060269f7234005c572797c9c148aeaf7396f12e929503577b

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.WebKit.WebContent.Sandbox/CompiledSandbox+_1YYzncKIoXjhjWCwKl267SpBYLvsZewldQMq9uV4SU

Filesize
48KB

MD5
220cf5e933e977986eb1004743b55d27

SHA1
b54cc29602d39247c7595cab725f678ec6de79cc

SHA256
3dca99f87ab1858ed50e3b63aac64b90347492c50a53b3d4835a4609b1600f7c

SHA512
379453af4dbc7f6b2082d04ba1c217f64448bf9ceaf602a4784f69a2e97641e39e28d2b6e21e47b0ee9af39fc918eeaad2aebab59ae2eb9456fb172e85d28bfe

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.WebKit.WebContent.Sandbox/CompiledSandbox+_1YYzncKIoXjhjWCwKl267SpBYLvsZewldQMq9uV4SU

Filesize
48KB

MD5
220cf5e933e977986eb1004743b55d27

SHA1
b54cc29602d39247c7595cab725f678ec6de79cc

SHA256
3dca99f87ab1858ed50e3b63aac64b90347492c50a53b3d4835a4609b1600f7c

SHA512
379453af4dbc7f6b2082d04ba1c217f64448bf9ceaf602a4784f69a2e97641e39e28d2b6e21e47b0ee9af39fc918eeaad2aebab59ae2eb9456fb172e85d28bfe

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/mds/mdsDirectory.db

Filesize
47KB

MD5
0e4a0d1ceb2af6f0f8d0167ce77be2d3

SHA1
414ba4c1dc5fc8bf53d550e296fd6f5ad669918c

SHA256
cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030

SHA512
1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/mds/mdsDirectory.db

Filesize
47KB

MD5
0e4a0d1ceb2af6f0f8d0167ce77be2d3

SHA1
414ba4c1dc5fc8bf53d550e296fd6f5ad669918c

SHA256
cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030

SHA512
1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/mds/mdsDirectory.db_

Filesize
47KB

MD5
0e4a0d1ceb2af6f0f8d0167ce77be2d3

SHA1
414ba4c1dc5fc8bf53d550e296fd6f5ad669918c

SHA256
cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030

SHA512
1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/mds/mdsObject.db

Filesize
4KB

MD5
d3a1859e6ec593505cc882e6def48fc8

SHA1
f8e6728e3e9de477a75706faa95cead9ce13cb32

SHA256
3ebafa97782204a4a1d75cfec22e15fcdeab45b65bab3b3e65508707e034a16c

SHA512
ea2a749b105759ea33408186b417359deffb4a3a5ed0533cb26b459c16bb3524d67ede5c9cf0d5098921c0c0a9313fb9c2672f1e5ba48810eda548fa3209e818

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/mds/mdsObject.db_

Filesize
4KB

MD5
d3a1859e6ec593505cc882e6def48fc8

SHA1
f8e6728e3e9de477a75706faa95cead9ce13cb32

SHA256
3ebafa97782204a4a1d75cfec22e15fcdeab45b65bab3b3e65508707e034a16c

SHA512
ea2a749b105759ea33408186b417359deffb4a3a5ed0533cb26b459c16bb3524d67ede5c9cf0d5098921c0c0a9313fb9c2672f1e5ba48810eda548fa3209e818

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/com.apple.studentd/TemporaryItems/(A Document Being Saved By studentd)/isConnected

Filesize
9B

MD5
2ec0d16e4ca169baedb9b2d50ec5c6d7

SHA1
c2f9b7b4897f03f94abf92294c9ca46fea62360b

SHA256
22965568d22a14ee17af055d2870b50afcfe9fd94a83eec3196e266932297bb2

SHA512
22f8e80d23c6110fb42017d8f48db768acb5ed4c1a9153bdfc50f8fb0561dd4dc9267efcb9b88bf772200d7fb46c4c19bd86aec41432c12b52ba286729339334

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads