Overview

overview

1

Static

static

1

a665cd40ef...36.zip

macos-10.15-amd64

1

Payload/XA...2x.png

macos-10.15-amd64

1

Payload/XA...lt.png

macos-10.15-amd64

1

Payload/XA...2x.png

macos-10.15-amd64

1

Payload/XA....plist

macos-10.15-amd64

1

Payload/XA...kgInfo

macos-10.15-amd64

1

Payload/XA....plist

macos-10.15-amd64

1

Payload/XA...gs.png

macos-10.15-amd64

1

Payload/XA...XAgent

macos-10.15-amd64

1

Payload/XA....xcent

macos-10.15-amd64

1

Payload/XA...es.xml

macos-10.15-amd64

1

Payload/XA...trings

macos-10.15-amd64

1

Payload/XA...-3.nib

macos-10.15-amd64

1

Payload/XA....plist

macos-10.15-amd64

1

Payload/XA...-2.nib

macos-10.15-amd64

1

Analysis

  • max time kernel
    144s
  • max time network
    154s
  • platform
    macos_amd64
  • resource
    macos-20220504-en
  • resource tags

    arch:amd64arch:i386image:macos-20220504-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
  • submitted
    17-03-2023 11:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Payload/XAgent.app/Settings.png

  • Size

    10KB

  • MD5

    7ef82239427e594cdbf64b83c6deefd1

  • SHA1

    a7b37fa3b1ed9db74f2d9c6bcfe2901a76a1ea20

  • SHA256

    bcfe4d6733d4a37ab827eff9b9992b5772b9c4875926d07247810de1e38dc0b7

  • SHA512

    10c29ff4dd0c17106c493f482489a95d8e5f4e56dfeedba51e671a3efe5b394169aae31a28f2e48f6410657c5967e9cb21002e739a8a48ccb58d03aeded10ec3

  • SSDEEP

    192:66Vxu1Z142EUcmAOfaE4qH8GgHXmdqqttt+:66Voz1Km0EbHdMWtt+

Score
1/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/Payload/XAgent.app/Settings.png\""
    1⤵
      PID:505
    • /bin/bash
      sh -c "sudo /bin/zsh -c \"/Users/run/Payload/XAgent.app/Settings.png\""
      1⤵
        PID:505
      • /bin/bash
        sh -c "sudo /bin/zsh -c \"/Users/run/Payload/XAgent.app/Settings.png\""
        1⤵
          PID:505
        • /usr/bin/sudo
          sudo /bin/zsh -c /Users/run/Payload/XAgent.app/Settings.png
          1⤵
            PID:505
          • /usr/bin/sudo
            sudo /bin/zsh -c /Users/run/Payload/XAgent.app/Settings.png
            1⤵
              PID:505
              • /bin/zsh
                /bin/zsh -c /Users/run/Payload/XAgent.app/Settings.png
                2⤵
                  PID:515
                • /bin/zsh
                  /bin/zsh -c /Users/run/Payload/XAgent.app/Settings.png
                  2⤵
                    PID:515
                  • /Users/run/Payload/XAgent.app/Settings.png
                    /Users/run/Payload/XAgent.app/Settings.png
                    2⤵
                      PID:515
                    • /Users/run/Payload/XAgent.app/Settings.png
                      /Users/run/Payload/XAgent.app/Settings.png
                      2⤵
                        PID:515

                    Network

                    MITRE ATT&CK Matrix

                    Replay Monitor

                    Loading Replay Monitor...

                    Downloads