Overview

overview

6

Static

static

1

tu-madre-t...od.mp3

windows10-1703-x64

1

tu-madre-t...od.mp3

windows7-x64

1

tu-madre-t...od.mp3

windows10-2004-x64

6

tu-madre-t...od.mp3

android-10-x64

tu-madre-t...od.mp3

android-11-x64

tu-madre-t...od.mp3

android-9-x86

tu-madre-t...od.mp3

macos-10.15-amd64

1

tu-madre-t...od.mp3

debian-9-armhf

tu-madre-t...od.mp3

debian-9-mips

tu-madre-t...od.mp3

debian-9-mipsel

tu-madre-t...od.mp3

ubuntu-18.04-amd64

Analysis

  • max time kernel
    147s
  • max time network
    150s
  • platform
    macos_amd64
  • resource
    macos-20220504-en
  • resource tags

    arch:amd64arch:i386image:macos-20220504-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
  • submitted
    06-06-2023 15:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    tu-madre-tiene-una-p-lla-que-ya-la-quisiera-yo-by-voicemod.mp3

  • Size

    303KB

  • MD5

    66851caa5218ecfe658073c888e7a235

  • SHA1

    a60dc679151a7b9db5cc86604a6a7f844f16db2f

  • SHA256

    a5b67d1afaec7548b1113625e4b5c3101c452aa0b295dbcc341722556341fb11

  • SHA512

    8e2dee6d2a110c09203b4b63c3516e554e2b2bc0ccedd1ecf89b93231937befc498e42f81ca6d90f6e46bc237f40cf59280aef598b07a97b66abe3de102a9eb7

  • SSDEEP

    6144:DFe/ep2Ll0GOnp8JXIDiP/FeOK+pfyLvapckLTEav/kIrkhWHjTKnb:DFe2pmjQYIsO+pfiaptEav/kSkhWPUb

Score
1/10

Malware Config

Signatures

Processes

  • /usr/libexec/xpcproxy
    xpcproxy com.apple.DiagnosticReportCleanup.plist
    1⤵
      PID:488
    • /System/Library/CoreServices/loginwindow.app/Contents/Resources/LWWeeklyMessageTracer
      /System/Library/CoreServices/loginwindow.app/Contents/Resources/LWWeeklyMessageTracer
      1⤵
        PID:483
      • /usr/libexec/xpcproxy
        xpcproxy com.apple.appleseed.seedusaged
        1⤵
          PID:489
        • /System/Library/CoreServices/Applications/Feedback Assistant.app/Contents/Library/LaunchServices/seedusaged
          "/System/Library/CoreServices/Applications/Feedback Assistant.app/Contents/Library/LaunchServices/seedusaged"
          1⤵
            PID:489
          • /bin/sh
            sh -c "sudo /bin/zsh -c \"/Users/run/tu-madre-tiene-una-p-lla-que-ya-la-quisiera-yo-by-voicemod.mp3\""
            1⤵
              PID:490
            • /bin/bash
              sh -c "sudo /bin/zsh -c \"/Users/run/tu-madre-tiene-una-p-lla-que-ya-la-quisiera-yo-by-voicemod.mp3\""
              1⤵
                PID:490
              • /bin/bash
                sh -c "sudo /bin/zsh -c \"/Users/run/tu-madre-tiene-una-p-lla-que-ya-la-quisiera-yo-by-voicemod.mp3\""
                1⤵
                  PID:490
                • /usr/bin/sudo
                  sudo /bin/zsh -c /Users/run/tu-madre-tiene-una-p-lla-que-ya-la-quisiera-yo-by-voicemod.mp3
                  1⤵
                    PID:490
                  • /usr/bin/sudo
                    sudo /bin/zsh -c /Users/run/tu-madre-tiene-una-p-lla-que-ya-la-quisiera-yo-by-voicemod.mp3
                    1⤵
                      PID:490
                      • /bin/zsh
                        /bin/zsh -c /Users/run/tu-madre-tiene-una-p-lla-que-ya-la-quisiera-yo-by-voicemod.mp3
                        2⤵
                          PID:497
                        • /bin/zsh
                          /bin/zsh -c /Users/run/tu-madre-tiene-una-p-lla-que-ya-la-quisiera-yo-by-voicemod.mp3
                          2⤵
                            PID:497
                          • /Users/run/tu-madre-tiene-una-p-lla-que-ya-la-quisiera-yo-by-voicemod.mp3
                            /Users/run/tu-madre-tiene-una-p-lla-que-ya-la-quisiera-yo-by-voicemod.mp3
                            2⤵
                              PID:497
                            • /Users/run/tu-madre-tiene-una-p-lla-que-ya-la-quisiera-yo-by-voicemod.mp3
                              /Users/run/tu-madre-tiene-una-p-lla-que-ya-la-quisiera-yo-by-voicemod.mp3
                              2⤵
                                PID:497
                            • /usr/sbin/spctl
                              /usr/sbin/spctl --test-devid-status
                              1⤵
                                PID:493
                              • /usr/bin/syslog
                                /usr/bin/syslog -s -k com.apple.message.domain com.apple.security.assessment.current_state com.apple.message.signature "assessments enabled" com.apple.message.signature2 "devid enabled" Message "Gatekeeper state assessments enabled/devid enabled"
                                1⤵
                                  PID:496
                                • /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Java Updater.app/Contents/MacOS/Java Updater
                                  "/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Java Updater.app/Contents/MacOS/Java Updater" -bgcheck
                                  1⤵
                                    PID:486

                                  Network

                                  MITRE ATT&CK Matrix

                                  Replay Monitor

                                  Loading Replay Monitor...

                                  Downloads