Analysis
-
max time kernel
132s -
max time network
152s -
platform
macos_amd64 -
resource
macos-20220504-en -
resource tags
-
submitted
16/05/2023, 19:09
General
-
Target
sample.html
-
Size
235KB
-
MD5
8b4bd55509c4ce59046b8af45b56bb0d
-
SHA1
b6d3109f59a3585929ae1357b60855bffe2e12f0
-
SHA256
c5d9b56ce7faa84dc18e1747c772c6cf592f7ad51f68f1fe25c6863edc41322f
-
SHA512
285f8047320af0eee2d3a95ee7894b6277a7a987fdffabf37d1774904d046f671d65d77f884681f50daba7e1e0130f3fa3063218fab83fd4eb6cec464566374c
-
SSDEEP
3072:NkR6sHLiWxLzUcC6LHLiWxLzUcQRRDD0Qf+smddGugECoSssWk46kSJVtTm/xKYm:OHLiWxLoYHLiWxLo9NmdgbxbYC4Ed
Score
1/10
Malware Config
Signatures
Processes
-
/bin/shsh -c "sudo /bin/zsh -c \"/Users/run/sample.html\""1⤵
-
/bin/bashsh -c "sudo /bin/zsh -c \"/Users/run/sample.html\""1⤵
-
/bin/bashsh -c "sudo /bin/zsh -c \"/Users/run/sample.html\""1⤵
-
/usr/bin/sudosudo /bin/zsh -c /Users/run/sample.html1⤵
-
/usr/bin/sudosudo /bin/zsh -c /Users/run/sample.html1⤵
-
/bin/zsh/bin/zsh -c /Users/run/sample.html2⤵
-
-
/bin/zsh/bin/zsh -c /Users/run/sample.html2⤵
-
-
/Users/run/sample.html/Users/run/sample.html2⤵
-
-
/Users/run/sample.html/Users/run/sample.html2⤵
-
-
/bin/shsh /Users/run/sample.html2⤵
-
-
/bin/shsh /Users/run/sample.html2⤵
-
-
/bin/bashsh /Users/run/sample.html2⤵
-
-
/bin/bashsh /Users/run/sample.html2⤵
-
-
/usr/sbin/spctl/usr/sbin/spctl --status1⤵
-
/usr/sbin/spctl/usr/sbin/spctl --test-devid-status1⤵
-
/usr/bin/syslog/usr/bin/syslog -s -k com.apple.message.domain com.apple.security.assessment.current_state com.apple.message.signature "assessments enabled" com.apple.message.signature2 "devid enabled" Message "Gatekeeper state assessments enabled/devid enabled"1⤵