Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
124s -
max time network
125s -
platform
macos_amd64 -
resource
macos-20220504-en -
resource tags
-
submitted
05/02/2023, 10:43
General
-
Target
hello.exe
-
Size
952KB
-
MD5
bfcf6557c5a4b86b90e13bedd6a42087
-
SHA1
a0512191b5f18f0ab794b448f4866250c326d2c6
-
SHA256
236d5b0ad50c58a4c23b0080bc555c543b90afdef239ddec1ce2f4fa34849c09
-
SHA512
99a90eee3176a561dcb99533d509e98f522e1fa3fca0f1d5df4d33675038c1d5a4ddf80e664fc282a33fa53f02583aea1bd598584a024d09cfc5c6ca21d42288
-
SSDEEP
24576:jRa8fXfwkros1tJ8QD0RywEiE1g5sIgihnL08n:9ZXos3JFoTEiFgiG8
Score
1/10
Malware Config
Signatures
Processes
-
/usr/sbin/spctl/usr/sbin/spctl --status1⤵
-
/bin/shsh -c "sudo /bin/zsh -c \"/Users/run/hello.exe\""1⤵
-
/bin/bashsh -c "sudo /bin/zsh -c \"/Users/run/hello.exe\""1⤵
-
/bin/bashsh -c "sudo /bin/zsh -c \"/Users/run/hello.exe\""1⤵
-
/usr/bin/sudosudo /bin/zsh -c /Users/run/hello.exe1⤵
-
/usr/bin/sudosudo /bin/zsh -c /Users/run/hello.exe1⤵
-
/bin/zsh/bin/zsh -c /Users/run/hello.exe2⤵
-
-
/bin/zsh/bin/zsh -c /Users/run/hello.exe2⤵
-
-
/Users/run/hello.exe/Users/run/hello.exe2⤵
-
-
/Users/run/hello.exe/Users/run/hello.exe2⤵
-
-
/usr/sbin/spctl/usr/sbin/spctl --test-devid-status1⤵
-
/usr/bin/syslog/usr/bin/syslog -s -k com.apple.message.domain com.apple.security.assessment.current_state com.apple.message.signature "assessments enabled" com.apple.message.signature2 "devid enabled" Message "Gatekeeper state assessments enabled/devid enabled"1⤵
-
/bin/lsls1⤵
-
/bin/lsls1⤵
-
./hello.exe./hello.exe1⤵
-
./hello.exe./hello.exe1⤵
-
/bin/bashbash hello.exe1⤵
-
/bin/bashbash hello.exe1⤵
-
/usr/bin/unameuname -m2⤵
-
-
/usr/bin/unameuname -m2⤵
-
-
/bin/mkdirmkdir -p /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/2⤵
-
-
/bin/mkdirmkdir -p /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/2⤵
-
-
/bin/dddd "if=" "of=/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T//.ape.525" "skip=146" "count=128" "bs=64"2⤵
-
-
/bin/dddd "if=" "of=/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T//.ape.525" "skip=146" "count=128" "bs=64"2⤵
-
-
/bin/dddd "if=/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T//.ape.525" "of=/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T//.ape.525" "skip=6" "count=10" "bs=64" "conv=notrunc"2⤵
-
-
/bin/dddd "if=/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T//.ape.525" "of=/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T//.ape.525" "skip=6" "count=10" "bs=64" "conv=notrunc"2⤵
-
-
/bin/chmodchmod 755 /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T//.ape.5252⤵
-
-
/bin/chmodchmod 755 /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T//.ape.5252⤵
-
-
/bin/mvmv -f /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T//.ape.525 /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T//.ape2⤵
-
-
/bin/mvmv -f /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T//.ape.525 /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T//.ape2⤵
-
-
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T//.ape/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T//.ape1⤵
-
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T//.ape/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T//.ape1⤵
-
/bin/shsh hello.exe1⤵
-
/bin/shsh hello.exe1⤵
-
/bin/bashsh hello.exe1⤵
-
/bin/bashsh hello.exe1⤵
-
/usr/bin/unameuname -m2⤵
-
-
/usr/bin/unameuname -m2⤵
-
-
/bin/mkdirmkdir -p /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/2⤵
-
-
/bin/mkdirmkdir -p /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/2⤵
-
-
/bin/dddd "if=" "of=/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T//.ape.533" "skip=146" "count=128" "bs=64"2⤵
-
-
/bin/dddd "if=" "of=/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T//.ape.533" "skip=146" "count=128" "bs=64"2⤵
-
-
/bin/dddd "if=/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T//.ape.533" "of=/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T//.ape.533" "skip=6" "count=10" "bs=64" "conv=notrunc"2⤵
-
-
/bin/dddd "if=/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T//.ape.533" "of=/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T//.ape.533" "skip=6" "count=10" "bs=64" "conv=notrunc"2⤵
-
-
/bin/chmodchmod 755 /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T//.ape.5332⤵
-
-
/bin/chmodchmod 755 /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T//.ape.5332⤵
-
-
/bin/mvmv -f /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T//.ape.533 /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T//.ape2⤵
-
-
/bin/mvmv -f /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T//.ape.533 /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T//.ape2⤵
-
-
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T//.ape/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T//.ape1⤵
-
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T//.ape/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T//.ape1⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
357B
MD5661f0550ce9a193ecf52d30816560e1c
SHA1a236914b26f6b3c217be1ae9e35b4c7a2f342925
SHA256eecd6d04d645742efa80244b0ee058738c1da011ee8fa7a16f158936a7418daf
SHA51264515e66fe064904437bfc8d1b0cfca2ca4cd0b583f019c9fe562113bb80d475e8f82bc41ec4970f41bb2e4e36ad64f5cdf8bf4ba88fcb1522136f2d0ec4f111
-
Filesize
357B
MD5661f0550ce9a193ecf52d30816560e1c
SHA1a236914b26f6b3c217be1ae9e35b4c7a2f342925
SHA256eecd6d04d645742efa80244b0ee058738c1da011ee8fa7a16f158936a7418daf
SHA51264515e66fe064904437bfc8d1b0cfca2ca4cd0b583f019c9fe562113bb80d475e8f82bc41ec4970f41bb2e4e36ad64f5cdf8bf4ba88fcb1522136f2d0ec4f111