Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

BadWin.zip

macos-10.15-amd64

1

BadWin.xfl

macos-10.15-amd64

1

DOMDocument.xml

macos-10.15-amd64

1

LIBRARY/Symbol 1.xml

macos-10.15-amd64

1

LIBRARY/Symbol 2.xml

macos-10.15-amd64

1

LIBRARY/Symbol 3.xml

macos-10.15-amd64

1

LIBRARY/Symbol 4.xml

macos-10.15-amd64

1

LIBRARY/Symbol 5.xml

macos-10.15-amd64

1

LIBRARY/Symbol 6.xml

macos-10.15-amd64

1

LIBRARY/Symbol 7.xml

macos-10.15-amd64

1

LIBRARY/Symbol 8.xml

macos-10.15-amd64

1

LIBRARY/Symbol 9.xml

macos-10.15-amd64

1

PublishSettings.xml

macos-10.15-amd64

1

bin/SymDepend.cache

macos-10.15-amd64

mimetype

macos-10.15-amd64

1

Analysis

  • max time kernel
    144s
  • max time network
    130s
  • platform
    macos_amd64
  • resource
    macos-20220504-en
  • resource tags

    arch:amd64arch:i386image:macos-20220504-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
  • submitted
    15/08/2023, 22:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    LIBRARY/Symbol 5.xml

  • Size

    4KB

  • MD5

    116fb4749f6bfdbc63b6fbc73ca0411c

  • SHA1

    60ebe03f0b5cd7e1cd2ab4c13072cc7938bb8566

  • SHA256

    21c6bc096da5a538f96b0f67a3e08a2037608daf8c5d54392a7fec2127ee076d

  • SHA512

    e00f3db3b401214989d13d5769d97777e34401a81ecf2b338021ba7938352caa2d401813a6a3b41636aeb877a2209f8dc009c4b389e8078b8617d9a93256408c

  • SSDEEP

    96:5cIQPwKcRiLXUrbmU/wK7myoyRRyS0ytgytyQyTyUymzymySFyHycybyNdyhyhdg:/TKKiDUH2K7myoyRRyPytgytyQyTyUy8

Score
1/10

Malware Config

Signatures

Processes

  • /usr/sbin/spctl
    /usr/sbin/spctl --status
    1⤵
      PID:488
    • /usr/sbin/spctl
      /usr/sbin/spctl --test-devid-status
      1⤵
        PID:489
      • /usr/bin/syslog
        /usr/bin/syslog -s -k com.apple.message.domain com.apple.security.assessment.current_state com.apple.message.signature "assessments enabled" com.apple.message.signature2 "devid enabled" Message "Gatekeeper state assessments enabled/devid enabled"
        1⤵
          PID:491
        • /bin/sh
          sh -c "sudo /bin/zsh -c \"/Users/run/LIBRARY/Symbol 5.xml\""
          1⤵
            PID:492
          • /bin/bash
            sh -c "sudo /bin/zsh -c \"/Users/run/LIBRARY/Symbol 5.xml\""
            1⤵
              PID:492
            • /bin/bash
              sh -c "sudo /bin/zsh -c \"/Users/run/LIBRARY/Symbol 5.xml\""
              1⤵
                PID:492
              • /usr/bin/sudo
                sudo /bin/zsh -c "/Users/run/LIBRARY/Symbol 5.xml"
                1⤵
                  PID:492
                • /usr/bin/sudo
                  sudo /bin/zsh -c "/Users/run/LIBRARY/Symbol 5.xml"
                  1⤵
                    PID:492
                    • /bin/zsh
                      /bin/zsh -c "/Users/run/LIBRARY/Symbol 5.xml"
                      2⤵
                        PID:510
                      • /bin/zsh
                        /bin/zsh -c "/Users/run/LIBRARY/Symbol 5.xml"
                        2⤵
                          PID:510
                        • /Users/run/LIBRARY/Symbol
                          /Users/run/LIBRARY/Symbol 5.xml
                          2⤵
                            PID:510
                          • /Users/run/LIBRARY/Symbol
                            /Users/run/LIBRARY/Symbol 5.xml
                            2⤵
                              PID:510

                          Network

                          MITRE ATT&CK Matrix

                          Replay Monitor

                          Loading Replay Monitor...

                          Downloads