Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

.appodeal2

windows7-x64

3

.appodeal2

windows10-1703-x64

3

.appodeal2

windows10-2004-x64

3

.appodeal2

android-9-x86

.appodeal2

android-10-x64

.appodeal2

android-11-x64

.appodeal2

macos-10.15-amd64

1

Analysis

  • max time kernel
    118s
  • max time network
    151s
  • platform
    macos_amd64
  • resource
    macos-20220504-en
  • resource tags

    arch:amd64arch:i386image:macos-20220504-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
  • submitted
    19/04/2023, 14:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    .appodeal2

  • Size

    61B

  • MD5

    48742fdde3c2dc53140013e20cb98005

  • SHA1

    a2b00f933245cee3ea6ea434ebbbe4d284d6c21e

  • SHA256

    66bfc31be4cbd656d62a2bebe38c6ffdf9095eb87e69fe81e797cedcba9d159a

  • SHA512

    03ffdc64ff6c5d7c455d25771f8ab9c70dbd8a60478512775679d1f37d41b1f47927466b4f06f6f9487d2523ba8128f75a6c6780c46946f0e99dc605d0f21436

Score
1/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/.appodeal2\""
    1⤵
      PID:506
    • /bin/bash
      sh -c "sudo /bin/zsh -c \"/Users/run/.appodeal2\""
      1⤵
        PID:506
      • /bin/bash
        sh -c "sudo /bin/zsh -c \"/Users/run/.appodeal2\""
        1⤵
          PID:506
        • /usr/bin/sudo
          sudo /bin/zsh -c /Users/run/.appodeal2
          1⤵
            PID:506
          • /usr/bin/sudo
            sudo /bin/zsh -c /Users/run/.appodeal2
            1⤵
              PID:506
              • /bin/zsh
                /bin/zsh -c /Users/run/.appodeal2
                2⤵
                  PID:512
                • /bin/zsh
                  /bin/zsh -c /Users/run/.appodeal2
                  2⤵
                    PID:512
                  • /Users/run/.appodeal2
                    /Users/run/.appodeal2
                    2⤵
                      PID:512
                    • /Users/run/.appodeal2
                      /Users/run/.appodeal2
                      2⤵
                        PID:512
                      • /bin/sh
                        sh /Users/run/.appodeal2
                        2⤵
                          PID:512
                        • /bin/sh
                          sh /Users/run/.appodeal2
                          2⤵
                            PID:512
                          • /bin/bash
                            sh /Users/run/.appodeal2
                            2⤵
                              PID:512
                            • /bin/bash
                              sh /Users/run/.appodeal2
                              2⤵
                                PID:512
                            • /usr/sbin/spctl
                              /usr/sbin/spctl --status
                              1⤵
                                PID:505
                              • /usr/sbin/spctl
                                /usr/sbin/spctl --test-devid-status
                                1⤵
                                  PID:514
                                • /usr/bin/syslog
                                  /usr/bin/syslog -s -k com.apple.message.domain com.apple.security.assessment.current_state com.apple.message.signature "assessments enabled" com.apple.message.signature2 "devid enabled" Message "Gatekeeper state assessments enabled/devid enabled"
                                  1⤵
                                    PID:515

                                  Network

                                  MITRE ATT&CK Matrix

                                  Replay Monitor

                                  Loading Replay Monitor...

                                  Downloads