06bb353dd505b2f35171313758edce42c6b292d8a15e3872d32e5b64669f516e

Resubmissions

16-05-2023 05:49

230516-ghzngaaa8y 1

16-05-2023 05:41

230516-gdlk2sbe95 1

Analysis

max time kernel
150s
max time network
145s
platform
macos_amd64
resource
macos-20220504-en
resource tags

arch:amd64arch:i386image:macos-20220504-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
submitted
16-05-2023 05:49

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Adobe_XD_v50_0_12_ARM-only_sice.dmg
Size

267.2MB
MD5

13141dc775ea81862a4aefdf78fa129d
SHA1

a6466f198f8e134777661cd714be7905fb434a7d
SHA256

06bb353dd505b2f35171313758edce42c6b292d8a15e3872d32e5b64669f516e
SHA512

1f36405c6033aa3233e113dbdbc2d41b20abbb32dc19503b182509a91dd2c9410fcf368d3c83abcc500ed24c469a52fb2e43c41c2b35b773ffe61f54cf71d585
SSDEEP

6291456:C1rsbn3ChtBbxr4zplmtB3Xgzf7pS+ALjR2d+lB4iKOgQZ3LF9037xl2dMecrtnc:PbnShIliBHgzfV7dJ63Lc3jppnc

Score

1^/10

Malware Config

Signatures

/bin/sh
sh -c "sudo /bin/zsh -c \"open /Volumes/Adobe\\ XD\\ v50.0.12\\ ARM-only\\ [sice]/Install\\ SPRK_50.0.12-en_US-macarm64.app\""
1⤵
PID:533

/bin/bash
sh -c "sudo /bin/zsh -c \"open /Volumes/Adobe\\ XD\\ v50.0.12\\ ARM-only\\ [sice]/Install\\ SPRK_50.0.12-en_US-macarm64.app\""
1⤵
PID:533

/bin/bash
sh -c "sudo /bin/zsh -c \"open /Volumes/Adobe\\ XD\\ v50.0.12\\ ARM-only\\ [sice]/Install\\ SPRK_50.0.12-en_US-macarm64.app\""
1⤵
PID:533

/usr/bin/sudo
sudo /bin/zsh -c "open /Volumes/Adobe\\ XD\\ v50.0.12\\ ARM-only\\ [sice]/Install\\ SPRK_50.0.12-en_US-macarm64.app"
1⤵
PID:533

/usr/bin/sudo
sudo /bin/zsh -c "open /Volumes/Adobe\\ XD\\ v50.0.12\\ ARM-only\\ [sice]/Install\\ SPRK_50.0.12-en_US-macarm64.app"
1⤵
PID:533
- /bin/zsh
  /bin/zsh -c "open /Volumes/Adobe\\ XD\\ v50.0.12\\ ARM-only\\ [sice]/Install\\ SPRK_50.0.12-en_US-macarm64.app"
  2⤵
  PID:534
- /bin/zsh
  /bin/zsh -c "open /Volumes/Adobe\\ XD\\ v50.0.12\\ ARM-only\\ [sice]/Install\\ SPRK_50.0.12-en_US-macarm64.app"
  2⤵
  PID:534

/usr/libexec/xpcproxy
xpcproxy com.apple.replayd
1⤵
PID:536

/usr/libexec/xpcproxy
xpcproxy com.apple.ReportMemoryException
1⤵
PID:537

/usr/libexec/ReportMemoryException
/usr/libexec/ReportMemoryException
1⤵
PID:537

/usr/libexec/replayd
/usr/libexec/replayd
1⤵
PID:536

/usr/libexec/xpcproxy
xpcproxy com.apple.installd
1⤵
PID:540

/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
1⤵
PID:540

/usr/libexec/xpcproxy
xpcproxy com.apple.storedownloadd
1⤵
PID:541

/System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/storedownloadd
/System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/storedownloadd
1⤵
PID:541

/usr/libexec/xpcproxy
xpcproxy com.apple.system_installd
1⤵
PID:543

/System/Library/PrivateFrameworks/PackageKit.framework/Resources/system_installd
/System/Library/PrivateFrameworks/PackageKit.framework/Resources/system_installd
1⤵
PID:543

/usr/libexec/xpcproxy
xpcproxy com.apple.Safari.CacheDeleteExtension 529
1⤵
PID:546

/Applications/Safari.app/Contents/PlugIns/CacheDeleteExtension.appex/Contents/MacOS/CacheDeleteExtension
/Applications/Safari.app/Contents/PlugIns/CacheDeleteExtension.appex/Contents/MacOS/CacheDeleteExtension
1⤵
PID:546

/usr/bin/sudo
sudo -i
1⤵
PID:567

/usr/bin/sudo
sudo -i
1⤵
PID:567

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/private/var/db/sudo/ts/run

Filesize
80B

MD5
10e073b3cd8b87be89c23483a1b5944b

SHA1
8925788ae1c433d681e9f5f5626391e333413da2

SHA256
6b5822e186b5c5a996d4ed45f08610ef807f4d668e2b05031a3160cfa22aebfa

SHA512
764021ea83e11ded589d3582455c56b4559cd4071acab8eef29fd666bdf944054b1e21ceb561316833965a6f2aac2738db8f7c0958d62684286a161c86be829b

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads