Analysis

  • max time kernel
    34s
  • max time network
    34s
  • platform
    macos_amd64
  • resource
    macos-20220504-en
  • resource tags

    arch:amd64, arch:i386, image:macos-20220504-en, kernel:19b77a, locale:en-us, os:macos-10.15-amd64, system
  • submitted
    19-06-2023 15:38

General

  • Target

    34d0ea390efe3db38ae4203c11ceaf0b4fe58de3.zip

  • Size

    205KB

  • MD5

    0786341c62798ac73f41bae0b5950479

  • SHA1

    5c33c1e4df8878dfd6adbe1d212a4a8acc3fc7f1

  • SHA256

    a71a710c08c275276a9492a0a86d5adaf3d63cbf208c11210602bf8328030bbd

  • SHA512

    dae347aa8713d9581e9eb0a1eb88240b8d65e80d71617a6435f549105c0391ac24e4b3d3db39e8bdd0fea02624b5e38fdd3cc27332aa64dd4c8eb4544434e3b7

  • SSDEEP

    3072:fhFAlJBcpEohqP8sjVsJ/Y2M1qdTIc9KAHCA3twUzqcRZdbDwtX8ysjZ7SgEtq1P:fhFF1J/41qdUc5HT4kZdnwGHjUBq1zr

Score
1/10

Malware Config

Signatures

Processes

  • /usr/sbin/spctl (depth 1)
    /usr/sbin/spctl --test-devid-status
    PID: 495
  • /usr/bin/syslog (depth 1)
    /usr/bin/syslog -s -k com.apple.message.domain com.apple.security.assessment.current_state com.apple.message.signature "assessments enabled" com.apple.message.signature2 "devid enabled" Message "Gatekeeper state assessments enabled/devid enabled"
    PID: 496
  • /bin/sh (depth 1)
    sh -c "sudo /bin/zsh -c \"/Users/run/34d0ea390efe3db38ae4203c11ceaf0b4fe58de3.zip\""
    PID: 497
  • /bin/bash (depth 1)
    sh -c "sudo /bin/zsh -c \"/Users/run/34d0ea390efe3db38ae4203c11ceaf0b4fe58de3.zip\""
    PID: 497
  • /bin/bash (depth 1)
    sh -c "sudo /bin/zsh -c \"/Users/run/34d0ea390efe3db38ae4203c11ceaf0b4fe58de3.zip\""
    PID: 497
  • /usr/bin/sudo (depth 1)
    sudo /bin/zsh -c /Users/run/34d0ea390efe3db38ae4203c11ceaf0b4fe58de3.zip
    PID: 497
  • /usr/bin/sudo (depth 1)
    sudo /bin/zsh -c /Users/run/34d0ea390efe3db38ae4203c11ceaf0b4fe58de3.zip
    PID: 497
    • /bin/zsh (depth 2)
      /bin/zsh -c /Users/run/34d0ea390efe3db38ae4203c11ceaf0b4fe58de3.zip
      PID: 499
    • /bin/zsh (depth 2)
      /bin/zsh -c /Users/run/34d0ea390efe3db38ae4203c11ceaf0b4fe58de3.zip
      PID: 499
    • /Users/run/34d0ea390efe3db38ae4203c11ceaf0b4fe58de3.zip (depth 2)
      /Users/run/34d0ea390efe3db38ae4203c11ceaf0b4fe58de3.zip
      PID: 499
    • /Users/run/34d0ea390efe3db38ae4203c11ceaf0b4fe58de3.zip (depth 2)
      /Users/run/34d0ea390efe3db38ae4203c11ceaf0b4fe58de3.zip
      PID: 499

Network

MITRE ATT&CK Matrix
