5abf121b7f1ac178154bd966aab93d51697c6b7e7f5b23bf86945c2fdd81d3db | Triage

Submit
Reports

Overview

overview

1

Static

static

1

TL_mcl.dmg

macos-10.15-amd64

1

Analysis

max time kernel
149s
max time network
135s
platform
macos_amd64
resource
macos-20220504-en
resource tags

arch:amd64arch:i386image:macos-20220504-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
submitted
19-03-2023 01:59

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

TL_mcl.dmg

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Report Analysis Logs

General

Target

TL_mcl.dmg
Size

84.6MB
MD5

bf196ee9798908ac206b029b4a66c0d0
SHA1

346eabda54ddbf603b67e6a4d5a5be0c601d82a6
SHA256

5abf121b7f1ac178154bd966aab93d51697c6b7e7f5b23bf86945c2fdd81d3db
SHA512

da166794d2a338b8e62f4fb7b5f770bd605494c55173a6dfdefd341a3d2b76ad4ed899c6f96018e69d5d9d6b368cdbe2573d8e1ee6738174f35b5bd3f94374a8
SSDEEP

1572864:f205yDEgRFEi1wGg/NjpU5MnpWpZinQaE9Vzz+yi6bDz:u05yDEgw0d2NjpUenpoQn1E9typ6fz

Score

1^/10

Malware Config

Signatures

Processes

/bin/sh
sh -c "sudo /bin/zsh -c \"open /Volumes/TL\\ for\\ Mc-launcher.com/TL\\ for\\ Mc-launcher.com.app\""
1⤵
PID:527

/bin/bash
sh -c "sudo /bin/zsh -c \"open /Volumes/TL\\ for\\ Mc-launcher.com/TL\\ for\\ Mc-launcher.com.app\""
1⤵
PID:527

/bin/bash
sh -c "sudo /bin/zsh -c \"open /Volumes/TL\\ for\\ Mc-launcher.com/TL\\ for\\ Mc-launcher.com.app\""
1⤵
PID:527

/usr/bin/sudo
sudo /bin/zsh -c "open /Volumes/TL\\ for\\ Mc-launcher.com/TL\\ for\\ Mc-launcher.com.app"
1⤵
PID:527

/usr/bin/sudo
sudo /bin/zsh -c "open /Volumes/TL\\ for\\ Mc-launcher.com/TL\\ for\\ Mc-launcher.com.app"
1⤵
PID:527

/bin/zsh
/bin/zsh -c "open /Volumes/TL\\ for\\ Mc-launcher.com/TL\\ for\\ Mc-launcher.com.app"
2⤵
PID:528

/bin/zsh
/bin/zsh -c "open /Volumes/TL\\ for\\ Mc-launcher.com/TL\\ for\\ Mc-launcher.com.app"
2⤵
PID:528

/usr/bin/open
open "/Volumes/TL for Mc-launcher.com/TL for Mc-launcher.com.app"
2⤵
PID:528

/usr/bin/open
open "/Volumes/TL for Mc-launcher.com/TL for Mc-launcher.com.app"
2⤵
PID:528

/usr/libexec/xpcproxy
xpcproxy ru.turikhay.tlauncher.mcl.2300
1⤵
PID:531

/Volumes/TL for Mc-launcher.com/TL for Mc-launcher.com.app/Contents/MacOS/TL
"/Volumes/TL for Mc-launcher.com/TL for Mc-launcher.com.app/Contents/MacOS/TL"
1⤵
PID:531

/usr/libexec/xpcproxy
xpcproxy com.apple.tailspind
1⤵
PID:539

/usr/libexec/tailspind
/usr/libexec/tailspind
1⤵
PID:539

/usr/libexec/xpcproxy
xpcproxy com.apple.spindump
1⤵
PID:542

/usr/sbin/spindump
/usr/sbin/spindump
1⤵
PID:542

/usr/libexec/xpcproxy
xpcproxy com.apple.spindump_agent
1⤵
PID:543

/usr/libexec/spindump_agent
/usr/libexec/spindump_agent
1⤵
PID:543

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/hsperfdata_run/531
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit

© 2018-2024

Terms | Privacy