14414ab8e6da0b85e1b96ff8de15d01b34f052a97364b649e5ae5ace559c4dfb

Analysis

max time kernel
142s
max time network
120s
platform
macos_amd64
resource
macos-20220504-en
resource tags

arch:amd64arch:i386image:macos-20220504-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
submitted
30/08/2023, 02:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

anyfix-ios-system-recovery-en-mac.dmg
Size

7.4MB
MD5

d3bf3c98810942731ba26363abd3cda8
SHA1

252cddf3c1d926b01b264f66a554a0b1356f258d
SHA256

14414ab8e6da0b85e1b96ff8de15d01b34f052a97364b649e5ae5ace559c4dfb
SHA512

1c7092dc509de8096fbc7cb37c62e3bfa0bfa74d113548c0bce58944e3b5d7a33169099f0b3ad24c053dee8019a050b4829e53a50a054b442c90fdce2a89b798
SSDEEP

196608:cYYQt1WEyo3gEfodgXPqCJOrfXfLdfTT+VhFOm704epBc:cYYyqowEb7JO7XDdfTT+FOm7P0Bc

Score

1^/10

Malware Config

Signatures

/bin/sh
sh -c "sudo /bin/zsh -c \"open /Volumes/AnyFix\\ Installer/AnyFix\\ -\\ iOS\\ System\\ Recovery\\ Installer.app\""
1⤵
PID:533

/bin/bash
sh -c "sudo /bin/zsh -c \"open /Volumes/AnyFix\\ Installer/AnyFix\\ -\\ iOS\\ System\\ Recovery\\ Installer.app\""
1⤵
PID:533

/bin/bash
sh -c "sudo /bin/zsh -c \"open /Volumes/AnyFix\\ Installer/AnyFix\\ -\\ iOS\\ System\\ Recovery\\ Installer.app\""
1⤵
PID:533

/usr/bin/sudo
sudo /bin/zsh -c "open /Volumes/AnyFix\\ Installer/AnyFix\\ -\\ iOS\\ System\\ Recovery\\ Installer.app"
1⤵
PID:533

/usr/bin/sudo
sudo /bin/zsh -c "open /Volumes/AnyFix\\ Installer/AnyFix\\ -\\ iOS\\ System\\ Recovery\\ Installer.app"
1⤵
PID:533
- /bin/zsh
  /bin/zsh -c "open /Volumes/AnyFix\\ Installer/AnyFix\\ -\\ iOS\\ System\\ Recovery\\ Installer.app"
  2⤵
  PID:534
- /bin/zsh
  /bin/zsh -c "open /Volumes/AnyFix\\ Installer/AnyFix\\ -\\ iOS\\ System\\ Recovery\\ Installer.app"
  2⤵
  PID:534
- /usr/bin/open
  open "/Volumes/AnyFix Installer/AnyFix - iOS System Recovery Installer.app"
  2⤵
  PID:534
- /usr/bin/open
  open "/Volumes/AnyFix Installer/AnyFix - iOS System Recovery Installer.app"
  2⤵
  PID:534

/usr/libexec/xpcproxy
xpcproxy com.iMobie.AnyFix-Installer.2300
1⤵
PID:538

/Volumes/AnyFix Installer/AnyFix - iOS System Recovery Installer.app/Contents/MacOS/AnyFix - iOS System Recovery Installer
"/Volumes/AnyFix Installer/AnyFix - iOS System Recovery Installer.app/Contents/MacOS/AnyFix - iOS System Recovery Installer"
1⤵
PID:538

/usr/libexec/xpcproxy
xpcproxy com.apple.storeuid
1⤵
PID:541

/System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/storeuid.app/Contents/MacOS/storeuid
/System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/storeuid.app/Contents/MacOS/storeuid
1⤵
PID:541

/usr/libexec/xpcproxy
xpcproxy com.apple.storedownloadd
1⤵
PID:544

/System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/storedownloadd
/System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/storedownloadd
1⤵
PID:544

/usr/libexec/xpcproxy
xpcproxy com.apple.tailspind
1⤵
PID:548

/usr/libexec/tailspind
/usr/libexec/tailspind
1⤵
PID:548

/usr/libexec/xpcproxy
xpcproxy com.apple.installd
1⤵
PID:551

/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
1⤵
PID:551

/usr/libexec/xpcproxy
xpcproxy com.apple.system_installd
1⤵
PID:555

/System/Library/PrivateFrameworks/PackageKit.framework/Resources/system_installd
/System/Library/PrivateFrameworks/PackageKit.framework/Resources/system_installd
1⤵
PID:555

/usr/libexec/xpcproxy
xpcproxy com.apple.Safari.CacheDeleteExtension 526
1⤵
PID:558

/Applications/Safari.app/Contents/PlugIns/CacheDeleteExtension.appex/Contents/MacOS/CacheDeleteExtension
/Applications/Safari.app/Contents/PlugIns/CacheDeleteExtension.appex/Contents/MacOS/CacheDeleteExtension
1⤵
PID:558

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/Users/run/Library/Application Support/Google/FIRApp/.dat.nosync021a.72Qa0A

Filesize
376B

MD5
7e1abf309240583a476d9b8c651cdcb1

SHA1
bccbc9643f0b7409e4257290cfc08a0d8c20c0bd

SHA256
bc48fb449c27f0d1b0a66ae772ddf3a78b4d53705ea8351069b78d34baac9a1a

SHA512
88314b8f82a4578e3eecd7ef942cd0b9b6876dcc4d5f8156457a44d13b25e1add0f644b2df97b9cb1e441b6981b302a57f6adb7fb3c606a63209f746b441fc5d

Download Submit
/Users/run/Library/Application Support/com.iMobie.AnyFix-Installer/AnyFix - iOS System Recovery Installer/tmp/installer.plist

Filesize
500B

MD5
91010de7e56b8dad30a24848734eaec6

SHA1
1875f11c511adc2c2e1f03830b08b6efeb06f0e6

SHA256
c8c047855294e65b1831951005ca9bbdf19c4fa7fef64945722ebaca12a626f0

SHA512
03f36dd56729a919e5ef2cb9d94ace5301837914e7bbc14c041097e2bd18abed11a1b1fba119a2bb6cc19087b8db0cc515a009b2cf4392444702085b1b82a5f1

Download Submit
/Users/run/Library/Application Support/com.iMobie.AnyFix-Installer/AnyFix - iOS System Recovery Installer/tmp/installer.plist

Filesize
500B

MD5
91010de7e56b8dad30a24848734eaec6

SHA1
1875f11c511adc2c2e1f03830b08b6efeb06f0e6

SHA256
c8c047855294e65b1831951005ca9bbdf19c4fa7fef64945722ebaca12a626f0

SHA512
03f36dd56729a919e5ef2cb9d94ace5301837914e7bbc14c041097e2bd18abed11a1b1fba119a2bb6cc19087b8db0cc515a009b2cf4392444702085b1b82a5f1

Download Submit
/Users/run/Library/Application Support/google-heartbeat-storage/.dat.nosync021a.FmeuwF

Filesize
485B

MD5
6c05b38fe4897bff00f9176558c35de2

SHA1
586fe1ddbaa503bd3760a0cb83a2f881a0dc5ffe

SHA256
7a8f84df518e8c803d2778ed21ecef134b425c465207da28f99fd48f10a8311f

SHA512
2467a8a1004fa343e71c789dc070bec475a8e3c566d95ce4baa70e143ab51b65500cc896f5afcffdc431f84366be2bd772cc19464cfb2d0a83a91b4b764a32d6

Download Submit
/Users/run/Library/Caches/google-sdks-events/GDTCORFlatFileStorage/gdt_event_data/1001/.dat.nosync021a.gD317d

Filesize
1KB

MD5
479258bed3d8567bbb33c4450a41c5e7

SHA1
a830320788f80660e31c40434a7462efbce56ba5

SHA256
e1432b4d3238fb1ec059fc2c07d95963d9a5b5772d970393a08e2a41df227bac

SHA512
995faaa0ac65601255ec28683259aa7ff100c077b3ad56c75dc06e3173da24eddfcc59d8474e7e4164d95f190e4139e2495201063cc5a8af00fa2b0f332f1453

Download Submit
/Users/run/Library/Caches/google-sdks-events/GDTCORFlatFileStorage/gdt_event_data/1001/8C11C62CAB184EECA70AFBBEC90C3A86-1-1693991312-137

Filesize
1KB

MD5
479258bed3d8567bbb33c4450a41c5e7

SHA1
a830320788f80660e31c40434a7462efbce56ba5

SHA256
e1432b4d3238fb1ec059fc2c07d95963d9a5b5772d970393a08e2a41df227bac

SHA512
995faaa0ac65601255ec28683259aa7ff100c077b3ad56c75dc06e3173da24eddfcc59d8474e7e4164d95f190e4139e2495201063cc5a8af00fa2b0f332f1453

Download Submit
/Users/run/Library/Caches/google-sdks-events/GDTCORFlatFileStorage/gdt_library_data/.dat.nosync021a.VAYP8N

Filesize
4B

MD5
4352d88a78aa39750bf70cd6f27bcaa5

SHA1
3c585604e87f855973731fea83e21fab9392d2fc

SHA256
67abdd721024f0ff4e0b3f4c2fc13bc5bad42d0b7851d456d88d203d15aaa450

SHA512
edf92e3d4f80fc47d948ea2f17b9bfc742d34e2e785a7a4927f3e261e8bd9d400b648bff2123b8396d24fb28f5869979e08d58b4b5d156e640344a2c0a54675d

Download Submit
/Users/run/Library/Caches/google-sdks-events/GDTCORFlatFileStorage/gdt_library_data/.dat.nosync021a.oyJldr

Filesize
567B

MD5
7e45ca107685b11302e27d4fdf4dd78f

SHA1
c004cc332a82803893d6abb635ae91224f7639f0

SHA256
a9c439eaa88b20b8ee962dccb443a21bfd724d1bebee64fcab9d64755d411a1c

SHA512
c7732db7694ae1998c3362c776106f3d1b4407fddff099d9ad68272bee0531eddcc58df838e54b56fb2bfa3549d6ec62f1c5e21f18fc7bc279ba28e5064d5c27

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/mds/mdsDirectory.db

Filesize
47KB

MD5
0e4a0d1ceb2af6f0f8d0167ce77be2d3

SHA1
414ba4c1dc5fc8bf53d550e296fd6f5ad669918c

SHA256
cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030

SHA512
1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/mds/mdsDirectory.db

Filesize
47KB

MD5
0e4a0d1ceb2af6f0f8d0167ce77be2d3

SHA1
414ba4c1dc5fc8bf53d550e296fd6f5ad669918c

SHA256
cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030

SHA512
1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/mds/mdsDirectory.db_

Filesize
47KB

MD5
0e4a0d1ceb2af6f0f8d0167ce77be2d3

SHA1
414ba4c1dc5fc8bf53d550e296fd6f5ad669918c

SHA256
cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030

SHA512
1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/mds/mdsObject.db

Filesize
4KB

MD5
d3a1859e6ec593505cc882e6def48fc8

SHA1
f8e6728e3e9de477a75706faa95cead9ce13cb32

SHA256
3ebafa97782204a4a1d75cfec22e15fcdeab45b65bab3b3e65508707e034a16c

SHA512
ea2a749b105759ea33408186b417359deffb4a3a5ed0533cb26b459c16bb3524d67ede5c9cf0d5098921c0c0a9313fb9c2672f1e5ba48810eda548fa3209e818

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/mds/mdsObject.db_

Filesize
4KB

MD5
d3a1859e6ec593505cc882e6def48fc8

SHA1
f8e6728e3e9de477a75706faa95cead9ce13cb32

SHA256
3ebafa97782204a4a1d75cfec22e15fcdeab45b65bab3b3e65508707e034a16c

SHA512
ea2a749b105759ea33408186b417359deffb4a3a5ed0533cb26b459c16bb3524d67ede5c9cf0d5098921c0c0a9313fb9c2672f1e5ba48810eda548fa3209e818

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/CFNetworkDownload_5GsRwS.tmp

Filesize
632B

MD5
7e4fc8d0da6f48b8429c175cd0b91c06

SHA1
dde7c23b47a390daf62132546a1ba25bd092fac4

SHA256
498c8bd415aea31ffe98c991927426898c457680983a08998750ab167550bda9

SHA512
dbdddbc412b559a5288f6850f333e684ee9326c8ee9b144b663b6aabd503356fdf59d722c6f1641f8e16d2743a19ba0929eec930ed4f20be11e309bb4aa69125

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/CFNetworkDownload_5GsRwS.tmp

Filesize
632B

MD5
7e4fc8d0da6f48b8429c175cd0b91c06

SHA1
dde7c23b47a390daf62132546a1ba25bd092fac4

SHA256
498c8bd415aea31ffe98c991927426898c457680983a08998750ab167550bda9

SHA512
dbdddbc412b559a5288f6850f333e684ee9326c8ee9b144b663b6aabd503356fdf59d722c6f1641f8e16d2743a19ba0929eec930ed4f20be11e309bb4aa69125

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads