Resubmissions

28/05/2023, 21:34 UTC

230528-1e88aage89 1

28/05/2023, 21:27 UTC

230528-1a9m9age85 1

Analysis

  • max time kernel
    100s
  • max time network
    87s
  • platform
    macos_amd64
  • resource
    macos-20220504-en
  • resource tags

    arch:amd64, arch:i386, image:macos-20220504-en, kernel:19b77a, locale:en-us, os:macos-10.15-amd64, system
  • submitted
    28/05/2023, 21:34 UTC

General

  • Target

    lovecraft

  • Size

    71.4MB

  • MD5

    339d0c1d6bb42d7fa1aece3e378fc8b6

  • SHA1

    8204e2f7002690406f6a71c036424e699843971a

  • SHA256

    953f8bd98d7e326ddf808dbc6272ca79044ec5a4f211e554021291f7e61b5495

  • SHA512

    67ae2038247efd34cc14021b7729fa586c33d2fcff0b083eb7d30a2d52307bb7d2cdbdaa1ad95945f5ce64459c922d246899c1d08744731f8dd7ac7d94be2584

  • SSDEEP

    786432:jDjoMhGfvyRIP0OwlYqqEiVxn1D/PbGYbJN+VAIw:HBGfvyRT/lcVXG

Score
1/10

Malware Config

Signatures

Processes

  • /usr/sbin/spctl (PID 494)
    /usr/sbin/spctl --test-devid-status
  • /bin/sh (PID 495)
    sh -c "sudo /bin/zsh -c \"/Users/run/lovecraft\""
  • /bin/bash (PID 495)
    sh -c "sudo /bin/zsh -c \"/Users/run/lovecraft\""
  • /usr/bin/sudo (PID 495)
    sudo /bin/zsh -c /Users/run/lovecraft
    • /bin/zsh (PID 510)
      /bin/zsh -c /Users/run/lovecraft
    • /Users/run/lovecraft (PID 510)
      /Users/run/lovecraft
  • /usr/bin/syslog (PID 509)
    /usr/bin/syslog -s -k com.apple.message.domain com.apple.security.assessment.current_state com.apple.message.signature "assessments enabled" com.apple.message.signature2 "devid enabled" Message "Gatekeeper state assessments enabled/devid enabled"
  • ./lovecraft (PID 524)
    ./lovecraft

Network

  • DNS (US): e673.dsce9.akamaiedge.net
    Remote address: 8.8.8.8:53
    Request: e673.dsce9.akamaiedge.net IN A
    Response: e673.dsce9.akamaiedge.net IN A 173.223.112.22
  • DNS (US): itunes.apple.com
    Remote address: 8.8.8.8:53
    Request: itunes.apple.com IN A
    Response:
      itunes.apple.com IN CNAME itunes-cdn.itunes-apple.com.akadns.net
      itunes-cdn.itunes-apple.com.akadns.net IN CNAME itunes.apple.com.edgekey.net
      itunes.apple.com.edgekey.net IN CNAME e673.dsce9.akamaiedge.net
      e673.dsce9.akamaiedge.net IN A 173.223.112.22
  • 2.16.118.172:443: 64 B, 1
  • 17.253.79.201:80 (valid.apple.com): 104 B, 52 B, 2, 1
  • 8.8.8.8:53 (e673.dsce9.akamaiedge.net, dns): 71 B, 87 B, 1, 1
    DNS Request: e673.dsce9.akamaiedge.net
    DNS Response: 173.223.112.22
  • 8.8.8.8:53 (itunes.apple.com, dns): 62 B, 205 B, 1, 1
    DNS Request: itunes.apple.com
    DNS Response: 173.223.112.22

MITRE ATT&CK Matrix
