845ef90acc34abfce89e3e630265f23c03581918d30256c9e3c3d65250464933

Resubmissions

21/03/2024, 09:23

240321-lcmtyahf8z 4

04/03/2023, 13:00

03/03/2023, 08:16

03/03/2023, 08:05

03/03/2023, 05:14

03/03/2023, 05:05

Analysis

max time kernel
355s
max time network
367s
platform
macos_amd64
resource
macos-20220504-en
resource tags

arch:amd64arch:i386image:macos-20220504-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
submitted
03/03/2023, 05:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

PureLand Launcher.pkg
Size

236KB
MD5

c977b2cf2ac615586b9f53342f70b0ec
SHA1

59219512ddf4fb388a23b20e679af8567fb81cdc
SHA256

845ef90acc34abfce89e3e630265f23c03581918d30256c9e3c3d65250464933
SHA512

192adf43b9211dbbafd73097300aa597f5627cb2c1a15d9f14b08c5ed5d4dee559c5e386ee7e2c09131fd137c197b7f38b0c86b9cea3c7dd0aad762e7cdfd692
SSDEEP

6144:1yIZ7zBzswTzzO3Kt6wfJ01iZLM3ZsNLH1lQ5jL+oWhF:1179zO3GfJ04ZLg2m8F

Score

1^/10

Malware Config

Signatures

/bin/sh
sh -c "sudo /bin/zsh -c \"installer -pkg /Users/run/setup.pkg -target /\""
1⤵
PID:500

/bin/bash
sh -c "sudo /bin/zsh -c \"installer -pkg /Users/run/setup.pkg -target /\""
1⤵
PID:500

/bin/bash
sh -c "sudo /bin/zsh -c \"installer -pkg /Users/run/setup.pkg -target /\""
1⤵
PID:500

/usr/bin/sudo
sudo /bin/zsh -c "installer -pkg /Users/run/setup.pkg -target /"
1⤵
PID:500

/usr/bin/sudo
sudo /bin/zsh -c "installer -pkg /Users/run/setup.pkg -target /"
1⤵
PID:500
- /bin/zsh
  /bin/zsh -c "installer -pkg /Users/run/setup.pkg -target /"
  2⤵
  PID:501
- /bin/zsh
  /bin/zsh -c "installer -pkg /Users/run/setup.pkg -target /"
  2⤵
  PID:501
- /usr/sbin/installer
  installer -pkg /Users/run/setup.pkg -target /
  2⤵
  PID:501
- /usr/sbin/installer
  installer -pkg /Users/run/setup.pkg -target /
  2⤵
  PID:501

/usr/libexec/xpcproxy
xpcproxy com.apple.installd
1⤵
PID:503

/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
1⤵
PID:503

/System/Library/PrivateFrameworks/PackageKit.framework/Resources/efw_cache_update
/System/Library/PrivateFrameworks/PackageKit.framework/Resources/efw_cache_update /Library/InstallerSandboxes/.PKInstallSandboxManager/EC6337C2-D406-44E2-B945-95EA2E12D1B4.activeSandbox/Root/Applications/Installer.app
1⤵
PID:504

/System/Library/PrivateFrameworks/PackageKit.framework/Resources/install_monitor
/System/Library/PrivateFrameworks/PackageKit.framework/Resources/install_monitor -t /private/var/run/installd.commit.pid
1⤵
PID:505

/System/Library/PrivateFrameworks/PackageKit.framework/Resources/shove
/System/Library/PrivateFrameworks/PackageKit.framework/Resources/shove -f -s /Library/InstallerSandboxes/.PKInstallSandboxManager/EC6337C2-D406-44E2-B945-95EA2E12D1B4.activeSandbox/Root /
1⤵
PID:526

/System/Library/PrivateFrameworks/PackageKit.framework/Resources/efw_cache_update
/System/Library/PrivateFrameworks/PackageKit.framework/Resources/efw_cache_update -c
1⤵
PID:527

/usr/libexec/xpcproxy
xpcproxy com.apple.spindump
1⤵
PID:538

/usr/sbin/spindump
/usr/sbin/spindump
1⤵
PID:538

/usr/libexec/xpcproxy
xpcproxy com.apple.tailspind
1⤵
PID:539

/usr/libexec/tailspind
/usr/libexec/tailspind
1⤵
PID:539

/usr/libexec/xpcproxy
xpcproxy com.apple.spindump_agent
1⤵
PID:540

/usr/libexec/spindump_agent
/usr/libexec/spindump_agent
1⤵
PID:540

/usr/libexec/xpcproxy
xpcproxy com.apple.corespotlightservice.725FD30A-6064-6C02-CC51-5DDB8891B57E
1⤵
PID:555

/System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
/System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
1⤵
PID:555

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/Library/InstallerSandboxes/.PKInstallSandboxManager/EC6337C2-D406-44E2-B945-95EA2E12D1B4.activeSandbox/Boms/com.example.www.bom

Filesize
35KB

MD5
5e0e3a35209eead35a7c195a81d5953d

SHA1
78325415e59ad2e490db847a2317e4fc58206fcd

SHA256
345900eb08785ba73f46d074bf2c55439f1c74f3e75f4fd759a72af61efd0453

SHA512
2a285e0820d8f8e36f940feef5497bce171b8e7ca0012d7866edceb91aaac00d6ca3dae1a778c68e909771e0cd8e8e4e2392e4ba47f45d3fa4e57bec4b098a51

Download Submit
/Library/InstallerSandboxes/.PKInstallSandboxManager/EC6337C2-D406-44E2-B945-95EA2E12D1B4.activeSandbox/Boms/com.example.www.bom

Filesize
35KB

MD5
5e0e3a35209eead35a7c195a81d5953d

SHA1
78325415e59ad2e490db847a2317e4fc58206fcd

SHA256
345900eb08785ba73f46d074bf2c55439f1c74f3e75f4fd759a72af61efd0453

SHA512
2a285e0820d8f8e36f940feef5497bce171b8e7ca0012d7866edceb91aaac00d6ca3dae1a778c68e909771e0cd8e8e4e2392e4ba47f45d3fa4e57bec4b098a51

Download Submit
/Library/InstallerSandboxes/.PKInstallSandboxManager/EC6337C2-D406-44E2-B945-95EA2E12D1B4.activeSandbox/Root/Applications/.BC.T_OI7T1o

Filesize
220B

MD5
5b4d806d060f9371c39eacdc43dd9307

SHA1
442068bb85ebea9c73f7774aa5e96d9575f5a4a6

SHA256
e86c36f224b065e1dec162a2e350a641477b6e655119f12808b514cceac71443

SHA512
55763e4281aaace635d5c2ac2ccc92247b3973ec7e170c49ced4d62f5ad7769bbd091d54744789ba784147cd336f41eb670a3b68b4826fb585ebc6110021cbc8

Download Submit
/Library/InstallerSandboxes/.PKInstallSandboxManager/EC6337C2-D406-44E2-B945-95EA2E12D1B4.activeSandbox/Root/Applications/._Installer.app__

Filesize
220B

MD5
5b4d806d060f9371c39eacdc43dd9307

SHA1
442068bb85ebea9c73f7774aa5e96d9575f5a4a6

SHA256
e86c36f224b065e1dec162a2e350a641477b6e655119f12808b514cceac71443

SHA512
55763e4281aaace635d5c2ac2ccc92247b3973ec7e170c49ced4d62f5ad7769bbd091d54744789ba784147cd336f41eb670a3b68b4826fb585ebc6110021cbc8

Download Submit
/Library/InstallerSandboxes/.PKInstallSandboxManager/EC6337C2-D406-44E2-B945-95EA2E12D1B4.activeSandbox/Root/Applications/Installer.app/Contents/.BC.T_zE7GtZ

Filesize
893B

MD5
9971094a989829c3117cf9f49c8f3838

SHA1
a9ffa3e9ce78a6e62454e39b1782084440cf6bb4

SHA256
cfdbc506f6900444d628892bc98f65f678fb68ac64c65b798fb42dde30e2d367

SHA512
463a3152962bcb39161b0bd9db13fce2f8935d4b2c0314135e878dab78c3462b32389d905447a4f769c48ac478cfceb43a17b43ae5ea3205ddaaac518ccfd090

Download Submit
/Library/InstallerSandboxes/.PKInstallSandboxManager/EC6337C2-D406-44E2-B945-95EA2E12D1B4.activeSandbox/Root/Applications/Installer.app/Contents/Info.plist

Filesize
893B

MD5
9971094a989829c3117cf9f49c8f3838

SHA1
a9ffa3e9ce78a6e62454e39b1782084440cf6bb4

SHA256
cfdbc506f6900444d628892bc98f65f678fb68ac64c65b798fb42dde30e2d367

SHA512
463a3152962bcb39161b0bd9db13fce2f8935d4b2c0314135e878dab78c3462b32389d905447a4f769c48ac478cfceb43a17b43ae5ea3205ddaaac518ccfd090

Download Submit
/Library/InstallerSandboxes/.PKInstallSandboxManager/EC6337C2-D406-44E2-B945-95EA2E12D1B4.activeSandbox/Root/Applications/Installer.app/Contents/MacOS/.BC.T_F6f13K

Filesize
448KB

MD5
4c5b0e5ef61c699c1522ce45eb0171e2

SHA1
aa033e9f102bc8d98360e6079da3c8b4d7e2d3c8

SHA256
82633f6fec78560d657f6eda76d11a57c5747030847b3bc14766cec7d33d42be

SHA512
f39309bfb3181aa602215307b02f449250ff290c677e2e9b810441842987087876acdbcfc2066f6143f41310adc70c1e1a447d7ed7cb2ef05f234e1ea93971b7

Download Submit
/Library/InstallerSandboxes/.PKInstallSandboxManager/EC6337C2-D406-44E2-B945-95EA2E12D1B4.activeSandbox/Root/Applications/Installer.app/Contents/Resources/.BC.T_Xj41Pq

Filesize
184KB

MD5
ddc657eea2315b4cbd5d449e4b960f03

SHA1
fa915f46fa636a0ee29b98d941c4a2d4576b5168

SHA256
c948aa3e048497e6ef57c42df90e9f906d35aeca991c46d9e07cf3e83fe5e5ca

SHA512
505661f9b0709d9b525a6dbb0de6c83d6cd5645e3ba7f685d651e611c8a460a87330943829fb054acfe3b3ac9d5d1785ff37f17e0060fadf17838a1c77d9464f

Download Submit
/Library/InstallerSandboxes/.PKInstallSandboxManager/EC6337C2-D406-44E2-B945-95EA2E12D1B4.activeSandbox/Root/Applications/Installer.app/Contents/_CodeSignature/.BC.T_gUfInV

Filesize
2KB

MD5
ede0dcbf9ab1e1db3c00543f58d6a411

SHA1
07791da8b46425cf5cdec2a1838537e46d0f1080

SHA256
71b361a232a401ebb8697d9c9d30645d4230d9baf8e1f644328fc42ef64fccc9

SHA512
47276573abb0a2eaff25a87cd8abe2eebc22307e7952df4c24479f49952ecb5025fb2e85fe6f18133a863719204d73a1d9d4e8e1eb0cb062266436548ac9ea90

Download Submit
/Library/InstallerSandboxes/.PKInstallSandboxManager/EC6337C2-D406-44E2-B945-95EA2E12D1B4.sandbox/.dat.nosync01f7.QGqdYR

Filesize
36B

MD5
cd4388f089c09cfe991527126a87945e

SHA1
0427b2ef4c26f59abcffd8f69b06919cf44951f2

SHA256
c488894575b14a6fda3d539c7c878dc0e2d135eacd3646db36dfe7c4c1814c38

SHA512
581f3fc5ad8e292dcf4204a7465c3e58a681413630994131afdb0de50b8118b5a581fa56683a3ecc76d2346ded2c9be7715f01189eefc2dfd61ba4be213989e7

Download Submit
/Library/Receipts/InstallHistory.plist

Filesize
7KB

MD5
10e488ec5875eba0d5af7c303f88ea88

SHA1
531e23c7fb21beae1098e9409c7d996bb3a20232

SHA256
af2b7b0a61a339392deaaa163d1a04896491341e99d4a108d4cbbdcafd5c8eb4

SHA512
bd16b23717f16893116588a12aabb59ee91d9db0f55f5c159d13194ea13127f15f1f89c7a00466e9065e48911508b601de06de5d2a6d6ac21cd2cfdace46097c

Download Submit
/private/var/db/.dat.nosync01f9.nUpHPX

Filesize
372B

MD5
1759fc0756a06f64fb0a04eeb5a15c55

SHA1
f7efd9d46f441cbfab640428f50f99fa4412049c

SHA256
97ecce72e2d582806bb7852ff846dbf7b881112870c9b9ea43f8c31cd16529a8

SHA512
7552d8995140727c6c20cc691735ef5271dbbbb3e2cad295ae500d5acc9e60d0237601f89ab4843dd287a2bc0848a665cb0b6ae2ac002569ec40d59464365180

Download Submit
/private/var/db/receipts/com.example.www.bom

Filesize
35KB

MD5
5e0e3a35209eead35a7c195a81d5953d

SHA1
78325415e59ad2e490db847a2317e4fc58206fcd

SHA256
345900eb08785ba73f46d074bf2c55439f1c74f3e75f4fd759a72af61efd0453

SHA512
2a285e0820d8f8e36f940feef5497bce171b8e7ca0012d7866edceb91aaac00d6ca3dae1a778c68e909771e0cd8e8e4e2392e4ba47f45d3fa4e57bec4b098a51

Download Submit
/private/var/db/receipts/com.example.www.plist

Filesize
250B

MD5
b0dd38ee2391c2bdd33a018138a7e166

SHA1
dc01ce9776c927e10d881dc97499e0a7696f33ea

SHA256
cbf1f724021cb1fc112b8b80e48fde37e8aeee64d98ea08270adfd5c8fa5913c

SHA512
ca7b3f2d19a4b22f22a6699dc35032356e6d2aad5214e90ef27b6cbf116e1eef22a41c2098935d43129b85e6a2d7c57d4d45cf30be3137b2c8443ce7b9ad0eac

Download Submit
/private/var/run/.dat.nosync01f7.bAqfwS

Filesize
3B

MD5
285e19f20beded7d215102b49d5c09a0

SHA1
7110e0d3f236986f20f4297a48a536d8fac5c411

SHA256
7182dd431b5c8833ed3c8a02c8615780df8dca7d83ed4166962b207f45a656b5

SHA512
c4ba27cd87e9bfc2fa237f72cdb54853df16bbbb7502a35e7c9019af301291968409550ac328810020f14f8756988a4ed1f926afb422e5505a8fb74f2652ad3a

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads