Analysis
max time kernel
88s
max time network
150s
platform
macos-10.15_amd64
resource
macos-20230831-en
resource tags
arch:amd64, arch:i386, image:macos-20230831-en, kernel:19b77a, locale:en-us, os:macos-10.15-amd64, system
submitted
14/09/2023, 14:51
Static task
static1
Behavioral task
behavioral1
Sample
AutoClicker.zip
Resource
macos-20230831-en
General
Target
AutoClicker.zip
Size
685KB
MD5
56f475fefc4cc320b2ab0c73b349c254
SHA1
9929bdc606be5f937c0484209807716d6a437916
SHA256
68efbec2ffafa8f09cd7fc2481245ab5b483d4d23194095fda0bff2e781d06fa
SHA512
04054df9f7e63cf60f8cc24689966fc21cedf5c8ad55469485b7c79dbc59e5ea0c29bb03ef87da81543965a7e1ae6ca3366dc6cf54592360cb5401542fbea679
SSDEEP
12288:H5GZNeXZIZiyfZxMFFXvewYqhzY+3ZwDGBdyGFmiaoJM+8:HYHKZ6RxMFFX2wYqhzY++DGBkPoS+8
Malware Config
Signatures
Processes
/usr/libexec/xpcproxy | xpcproxy com.apple.pluginkit.pkd | 1⤵ PID:527
/usr/libexec/pkd | /usr/libexec/pkd | 1⤵ PID:527
/usr/sbin/spctl | /usr/sbin/spctl --test-devid-status | 1⤵ PID:526
/bin/sh | sh -c "sudo /bin/zsh -c \"/Users/run/AutoClicker.zip\"" | 1⤵ PID:529
/usr/bin/syslog | /usr/bin/syslog -s -k com.apple.message.domain com.apple.security.assessment.current_state com.apple.message.signature "assessments enabled" com.apple.message.signature2 "devid enabled" Message "Gatekeeper state assessments enabled/devid enabled" | 1⤵ PID:528
/bin/bash | sh -c "sudo /bin/zsh -c \"/Users/run/AutoClicker.zip\"" | 1⤵ PID:529
/usr/bin/sudo | sudo /bin/zsh -c /Users/run/AutoClicker.zip | 1⤵ PID:529
/bin/zsh | /bin/zsh -c /Users/run/AutoClicker.zip | 2⤵ PID:536
/Users/run/AutoClicker.zip | /Users/run/AutoClicker.zip | 2⤵ PID:536
/usr/libexec/xpcproxy | xpcproxy com.apple.secinitd | 1⤵ PID:546
/usr/libexec/secinitd | /usr/libexec/secinitd | 1⤵ PID:546
/usr/libexec/xpcproxy | xpcproxy com.apple.sysmond | 1⤵ PID:547
/usr/libexec/sysmond | /usr/libexec/sysmond | 1⤵ PID:547
/usr/libexec/xpcproxy | xpcproxy com.apple.audio.systemsoundserverd | 1⤵ PID:548
/usr/sbin/systemsoundserverd | /usr/sbin/systemsoundserverd | 1⤵ PID:548
/usr/libexec/xpcproxy | xpcproxy com.apple.pbs | 1⤵ PID:549
/System/Library/CoreServices/pbs | /System/Library/CoreServices/pbs | 1⤵ PID:549
/usr/libexec/xpcproxy | xpcproxy com.apple.audio.AudioComponentRegistrar | 1⤵ PID:550
/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar | /System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar -daemon | 1⤵ PID:550
Network
MITRE ATT&CK Matrix
Downloads