Analysis

  • max time kernel
    342s
  • max time network
    1801s
  • platform
    macos_amd64
  • resource
    macos-20220504-en
  • resource tags
    arch:amd64, arch:i386, image:macos-20220504-en, kernel:19b77a, locale:en-us, os:macos-10.15-amd64, system
  • submitted
    02/04/2023, 13:58

General

  • Target

    91bfa2445d998425c81f30d293235429ca6a8c6c8f326536478952a2a6754aac.exe

  • Size

    420KB

  • MD5

    1517814c4d44cc632abb52d2d6307f15

  • SHA1

    9ee0404b76fe5bda2692f049bb9fc78e17240708

  • SHA256

    91bfa2445d998425c81f30d293235429ca6a8c6c8f326536478952a2a6754aac

  • SHA512

    34e0804548803b4ece092061dc287078f5853b9d73d7759b403fdc5bbc4141ddad2b146c06edf8dbaa5ce055c62e1106e91df05a7866402f47be6f28acddaf7a

  • SSDEEP

    6144:QjbeiyDBJNEeHfZEW6GH5W288L5ABAYRb+m112Mppeaibjz90645wZUS+:Qu1PzgGH5W28oANn112tLOE+

Score
1/10

Malware Config

Signatures

Processes

  • /usr/sbin/spctl
    /usr/sbin/spctl --status
    1⤵
      PID:491
  • /usr/sbin/spctl
    /usr/sbin/spctl --test-devid-status
    1⤵
      PID:493
  • /usr/bin/syslog
    /usr/bin/syslog -s -k com.apple.message.domain com.apple.security.assessment.current_state com.apple.message.signature "assessments enabled" com.apple.message.signature2 "devid enabled" Message "Gatekeeper state assessments enabled/devid enabled"
    1⤵
      PID:495
  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/91bfa2445d998425c81f30d293235429ca6a8c6c8f326536478952a2a6754aac.exe\""
    1⤵
      PID:494
  • /bin/bash
    sh -c "sudo /bin/zsh -c \"/Users/run/91bfa2445d998425c81f30d293235429ca6a8c6c8f326536478952a2a6754aac.exe\""
    1⤵
      PID:494
  • /usr/bin/sudo
    sudo /bin/zsh -c /Users/run/91bfa2445d998425c81f30d293235429ca6a8c6c8f326536478952a2a6754aac.exe
    1⤵
      PID:494
    • /bin/zsh
      /bin/zsh -c /Users/run/91bfa2445d998425c81f30d293235429ca6a8c6c8f326536478952a2a6754aac.exe
      2⤵
        PID:511
    • /Users/run/91bfa2445d998425c81f30d293235429ca6a8c6c8f326536478952a2a6754aac.exe
      /Users/run/91bfa2445d998425c81f30d293235429ca6a8c6c8f326536478952a2a6754aac.exe
      2⤵
        PID:511
  • /usr/bin/bzip2
    /usr/bin/bzip2 -f /var/log/wifi.log.0
    1⤵
      PID:521
  • /usr/libexec/xpcproxy
    xpcproxy com.apple.spindump
    1⤵
      PID:544
  • /usr/sbin/spindump
    /usr/sbin/spindump
    1⤵
      PID:544
  • /usr/libexec/xpcproxy
    xpcproxy com.apple.diagnosticd
    1⤵
      PID:545
  • /usr/libexec/diagnosticd
    /usr/libexec/diagnosticd
    1⤵
      PID:545

Network

MITRE ATT&CK Matrix

Downloads

  • /private/var/log/wifi.log.0.bz2

    Filesize

    638B

    MD5

    aa4b96b839b29576a9e5ef9155e0d43c

    SHA1

    bf3e7495a2adbb4af4678fe3d3bdf49b5a723996

    SHA256

    85f4b4efe845887ca0e9ad2803b49bc3f91163f1df9b664ebe1d13b6605b3f99

    SHA512

    2acfede773713bef409ecf8e2910c47cf0b97065fc3f08e79ac3ab4571cb23a75cb81f3ea4200d2ade71e8eb948a452a3202cf90efaf71b95a23bdc43c820bf7