f06a155a03de5f1f0b535fbb4c762b164ce27f51abb53539d52fb3734546393a

Analysis

max time kernel
753s
max time network
1039s
platform
macos_amd64
resource
macos-20220504-en
resource tags

arch:amd64arch:i386image:macos-20220504-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
submitted
22-04-2023 00:37

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

R (1).jpg
Size

45KB
MD5

39b82bb4683774a7c6dcb4064143358f
SHA1

75038fc9ee8516a75159804cec3481a293ca73dc
SHA256

f06a155a03de5f1f0b535fbb4c762b164ce27f51abb53539d52fb3734546393a
SHA512

383df651808941a2c524ff27dceb8abcaf3b3ce3c455c3b5b6415dba2dffbfe76bfef84d43370adb0c3d3b296b388ee240e41b1b7c18d6d9d0c447f13b526dfb
SSDEEP

768:M49u78rDR35fJZWgt8q6Vem1viLNC5CCEzVChv+/MwbEXepZydDW6P:M442dpDP8q6Vem13tEzMx+Ew9pZydiO

Score

1^/10

Malware Config

Signatures

/bin/sh
sh -c "sudo /bin/zsh -c \"/Users/run/R (1).jpg\""
1⤵
PID:505

/bin/bash
sh -c "sudo /bin/zsh -c \"/Users/run/R (1).jpg\""
1⤵
PID:505

/bin/bash
sh -c "sudo /bin/zsh -c \"/Users/run/R (1).jpg\""
1⤵
PID:505

/usr/bin/sudo
sudo /bin/zsh -c "/Users/run/R (1).jpg"
1⤵
PID:505

/usr/bin/sudo
sudo /bin/zsh -c "/Users/run/R (1).jpg"
1⤵
PID:505
- /bin/zsh
  /bin/zsh -c "/Users/run/R (1).jpg"
  2⤵
  PID:511
- /bin/zsh
  /bin/zsh -c "/Users/run/R (1).jpg"
  2⤵
  PID:511

/usr/sbin/spctl
/usr/sbin/spctl --test-devid-status
1⤵
PID:512

/usr/bin/syslog
/usr/bin/syslog -s -k com.apple.message.domain com.apple.security.assessment.current_state com.apple.message.signature "assessments enabled" com.apple.message.signature2 "devid enabled" Message "Gatekeeper state assessments enabled/devid enabled"
1⤵
PID:514

/usr/local/bin/youareanidiot
youareanidiot
1⤵
PID:532

/usr/local/bin/youareanidiot
youareanidiot
1⤵
PID:532

/usr/bin/youareanidiot
youareanidiot
1⤵
PID:532

/usr/bin/youareanidiot
youareanidiot
1⤵
PID:532

/bin/youareanidiot
youareanidiot
1⤵
PID:532

/bin/youareanidiot
youareanidiot
1⤵
PID:532

/usr/sbin/youareanidiot
youareanidiot
1⤵
PID:532

/usr/sbin/youareanidiot
youareanidiot
1⤵
PID:532

/sbin/youareanidiot
youareanidiot
1⤵
PID:532

/sbin/youareanidiot
youareanidiot
1⤵
PID:532

/usr/libexec/xpcproxy
xpcproxy com.apple.Safari.2028
1⤵
PID:542

/Applications/Safari.app/Contents/MacOS/Safari
/Applications/Safari.app/Contents/MacOS/Safari
1⤵
PID:542

/usr/libexec/xpcproxy
xpcproxy com.apple.Safari.History
1⤵
PID:543

/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.History.xpc/Contents/MacOS/com.apple.Safari.History
/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.History.xpc/Contents/MacOS/com.apple.Safari.History
1⤵
PID:543

/usr/libexec/xpcproxy
xpcproxy com.apple.WebKit.WebContent.EE0B5C41-59C9-4796-B8A8-12E52FCE1DAB 542
1⤵
PID:544

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
1⤵
PID:544

/usr/libexec/xpcproxy
xpcproxy com.apple.parsec-fbf
1⤵
PID:548

/usr/libexec/xpcproxy
xpcproxy com.apple.SafariLaunchAgent
1⤵
PID:550

/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent
/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent
1⤵
PID:550

/usr/libexec/xpcproxy
xpcproxy com.apple.WebKit.WebContent.9DB30849-4ECE-492C-A857-277F496A35B5 542
1⤵
PID:551

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
1⤵
PID:551

/System/Library/PrivateFrameworks/CoreParsec.framework/parsec-fbf
/System/Library/PrivateFrameworks/CoreParsec.framework/parsec-fbf
1⤵
PID:548

/usr/libexec/xpcproxy
xpcproxy com.apple.spindump
1⤵
PID:554

/usr/sbin/spindump
/usr/sbin/spindump
1⤵
PID:554

/usr/libexec/xpcproxy
xpcproxy com.apple.diagnosticd
1⤵
PID:555

/usr/libexec/diagnosticd
/usr/libexec/diagnosticd
1⤵
PID:555

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari/mds/mdsDirectory.db

Filesize
47KB

MD5
0e4a0d1ceb2af6f0f8d0167ce77be2d3

SHA1
414ba4c1dc5fc8bf53d550e296fd6f5ad669918c

SHA256
cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030

SHA512
1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari/mds/mdsDirectory.db

Filesize
47KB

MD5
0e4a0d1ceb2af6f0f8d0167ce77be2d3

SHA1
414ba4c1dc5fc8bf53d550e296fd6f5ad669918c

SHA256
cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030

SHA512
1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari/mds/mdsDirectory.db_

Filesize
47KB

MD5
0e4a0d1ceb2af6f0f8d0167ce77be2d3

SHA1
414ba4c1dc5fc8bf53d550e296fd6f5ad669918c

SHA256
cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030

SHA512
1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari/mds/mdsObject.db

Filesize
4KB

MD5
d3a1859e6ec593505cc882e6def48fc8

SHA1
f8e6728e3e9de477a75706faa95cead9ce13cb32

SHA256
3ebafa97782204a4a1d75cfec22e15fcdeab45b65bab3b3e65508707e034a16c

SHA512
ea2a749b105759ea33408186b417359deffb4a3a5ed0533cb26b459c16bb3524d67ede5c9cf0d5098921c0c0a9313fb9c2672f1e5ba48810eda548fa3209e818

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari/mds/mdsObject.db_

Filesize
4KB

MD5
d3a1859e6ec593505cc882e6def48fc8

SHA1
f8e6728e3e9de477a75706faa95cead9ce13cb32

SHA256
3ebafa97782204a4a1d75cfec22e15fcdeab45b65bab3b3e65508707e034a16c

SHA512
ea2a749b105759ea33408186b417359deffb4a3a5ed0533cb26b459c16bb3524d67ede5c9cf0d5098921c0c0a9313fb9c2672f1e5ba48810eda548fa3209e818

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/com.apple.Safari/TemporaryItems/(A Document Being Saved By Safari 2)/LastSession.plist

Filesize
1KB

MD5
63181dcb23f0644b4f5a62b4bbf5e1ef

SHA1
c0842cbfb2078c24964db8d49b0e69dfd8d77d7e

SHA256
b9da71218f08e597e15be0440ffdb34a00dac39d15fb3eafc9e39d373d7b6753

SHA512
7de6d79abcfa36bc67244f19c43324456a471075b25386c619ecc3c29a3fc27c6c5a571fa4768434a1e14397cfd7e51a4ceda667fb0761a760c356cb0109002a

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/com.apple.Safari/TemporaryItems/(A Document Being Saved By Safari)/AutoFillQuirks.plist

Filesize
52KB

MD5
66c58114c4d62b5b272454c3a7007747

SHA1
a788e3eba776db4f9d27f50e6c705d2de42c83e0

SHA256
60cc77176e244cb4c21160d65724f08e713893348274a222739234c294bf594b

SHA512
9558dab8733762b379a1da6db745ef3c98bdcc6383b14b7b0667001fbebaee16f678d77cfa8b29665b5a74d12c0788cdea6ab2ba23febc67945e0dcc01454cc5

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/com.apple.Safari/TemporaryItems/(A Document Being Saved By Safari)/CacheSettings.plist

Filesize
75B

MD5
be1622b61c025fd5124b52f166d2bda0

SHA1
09b1695369600fc87fa46b8f1894ada7b1671cd2

SHA256
e0e5f38a3d586bc7208b107a169cac8ff0aa511132ff8c0d143ee3ab5b098eb1

SHA512
1aa42ad9a2465a6d7856d529df0f6ec616a8c7131e51e2f7001a5c01bec47b880b762e9938fc84230887f552ec94b1408b0e1fadf9d887b6266451f733f46928

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/com.apple.Safari/TemporaryItems/(A Document Being Saved By Safari)/CloudHistoryRemoteConfiguration.plist

Filesize
1012B

MD5
0c29425555c7ff0ca114b1fd0dc39c50

SHA1
d7d808e8be92462f4c3ceba66734f0e9bb26acdd

SHA256
52826afeec974bb7bacb85bdc01dc4f23bf917d65e04773d7cad393f7866f3fd

SHA512
d9c8364a85f4b4a96caac1409f32f9d6b2f8ae19201e0abd2d449a3eedadd471e99e44bc92deb5d8fb60287da64a88e61b45f759e7b9a383a9bbe5f5fd242f95

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/com.apple.Safari/TemporaryItems/(A Document Being Saved By Safari)/KnownExtensions.plist

Filesize
2KB

MD5
99707b6e8b1daa434de2a176a458f85c

SHA1
96324f62483dd7ac8683d1850d694bb900eb3419

SHA256
f282d8a52bfdcd208792a47c074e59a1e16d627d53094e11fc73e595aec7ddad

SHA512
e8018018f91a5ce5c418f5c6445dc11a44b40aa6f619958d496b18507b3fe309415bf9ab293e9c7c0b3e4ba109213d0216d39c0304a7bc3cce301db0a729430c

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/com.apple.Safari/TemporaryItems/(A Document Being Saved By Safari)/LastSession.plist

Filesize
1KB

MD5
f1580f592ac730fa7d380af57acea52e

SHA1
4e32f10e87d6337150bbba11533ca5a37ba8f23d

SHA256
13e12de2c00a6fa421e4a75c01572e749516e685ad15e66fc0a3d774ff6108e9

SHA512
e1973a63bfc6e7dcf9a4f435cb36047fb480873e46fb4df3d27f412c45084b3c60bca372727748c76314c60eb430cda9c87f96376a1a6f84c7d465e2b45f535b

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/com.apple.Safari/TemporaryItems/(A Document Being Saved By Safari)/PerSiteZoomPreferences.plist

Filesize
111B

MD5
a52ea796c85c81502845c14bbf6a934c

SHA1
2188e8aa5c6f49df71545ae776286fb50398f2ec

SHA256
f2904d42e87c5b100913976c76e123252c8889996a561b5bff32aaf49e3b4b1d

SHA512
edd17ba654e59d5eeab2534bc93c9a065fbb177ecc490c3554a9c2a2341dc7c9f275cd3567e6e46e10f53caff86fcfe8e9240f431b19e91f9083fd7621ee595d

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/com.apple.Safari/TemporaryItems/(A Document Being Saved By Safari)/Preferences.plist

Filesize
76B

MD5
cdc65b5f112547eafae0f16f9c149426

SHA1
aeaf9908a5b6ff3e2f7b738abf5fe9e79108ba01

SHA256
1c6d085d871a855ce4a3902bab4b9b92631b8ee8f0b7f6536768a2aaf427b45c

SHA512
e8b0e4ce6a760a718a19976d3cfe9063f04fb4bf179947aeca84e94c83f21459fb9dc0ffabea8f633bd2d0ba94fe1e15d8c97e9604fde8bd0dea961eb83bddb7

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/com.apple.Safari/TemporaryItems/(A Document Being Saved By Safari)/RecentlyClosedTabs.plist

Filesize
1KB

MD5
781c0e5e876c067adf5fc857b7ed643c

SHA1
a29a6a1601d122fb80e02cef8e6bcb8513641b26

SHA256
779ddc441349a62e64af2a596e1e3cee9ab8cd84ea7de3c460e197b4e37aa45a

SHA512
31a628c85d6e3b05feb96529f4e6210b9804c8eb32348c88460ddfabbf776f40de9a01edb3702bd42ec2e54acc6c7fd10b3bf152f96e7c20cc31976ec38056c2

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/com.apple.Safari/TemporaryItems/(A Document Being Saved By Safari)/TopSites.plist

Filesize
860B

MD5
d7c1bec0407fb4c28a58a05a335189fa

SHA1
bc8a4db70d3400355d1bf4ad7e7a53a2a8b1acd9

SHA256
cf54265f08432c28696ba6debaf282138c7e982142e341d8890aa22885e947e6

SHA512
5eb55477ede942c9c66a1318e5eea3281b22bc9bbc8e8ad8a3e4d3040b5eb381847ac86a72f81e1105fc056661016db92abff1ac87ead8f89be344f93330203b

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads