Overview

overview

6

Static

static

6

Payload/Yo...lderis

macos-10.15-amd64

1

Payload/Yo...strate

macos-10.15-amd64

1

Payload/Yo....dylib

macos-10.15-amd64

1

Payload/Yo...ts.pdf

windows7-x64

1

Payload/Yo...ts.pdf

windows10-2004-x64

1

Payload/Yo...elp.js

windows7-x64

1

Payload/Yo...elp.js

windows10-2004-x64

1

Payload/Yo...dge.js

windows7-x64

1

Payload/Yo...dge.js

windows10-2004-x64

1

Payload/Yo...dge.js

windows7-x64

1

Payload/Yo...dge.js

windows10-2004-x64

1

Payload/Yo...mework

macos-10.15-amd64

1

Payload/Yo...ler.js

windows7-x64

1

Payload/Yo...ler.js

windows10-2004-x64

1

Payload/Yo...t.html

windows7-x64

1

Payload/Yo...t.html

windows10-2004-x64

1

Payload/Yo...t.html

windows7-x64

1

Payload/Yo...t.html

windows10-2004-x64

1

Payload/Yo...ser.js

windows7-x64

1

Payload/Yo...ser.js

windows10-2004-x64

1

Payload/Yo...ser.js

windows7-x64

1

Payload/Yo...ser.js

windows10-2004-x64

1

Payload/Yo...ent.js

windows7-x64

1

Payload/Yo...ent.js

windows10-2004-x64

1

Payload/Yo....dylib

macos-10.15-amd64

1

Payload/Yo....dylib

macos-10.15-amd64

1

Payload/Yo....dylib

macos-10.15-amd64

1

Payload/Yo....dylib

macos-10.15-amd64

1

Payload/Yo....dylib

macos-10.15-amd64

1

Payload/Yo....dylib

macos-10.15-amd64

1

Payload/Yo....dylib

macos-10.15-amd64

1

Payload/Yo....dylib

macos-10.15-amd64

1

Analysis

  • max time kernel
    79s
  • max time network
    216s
  • platform
    macos-10.15_amd64
  • resource
    macos-20230831-en
  • resource tags

    arch:amd64arch:i386image:macos-20230831-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
  • submitted
    04/10/2023, 01:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Payload/YouTube.app/Frameworks/DontEatMyContent.dylib

  • Size

    83KB

  • MD5

    7f252d10b18b807abb886906683b831f

  • SHA1

    0ba2dd256813b02d9413b18f8fdd1a1baca2f1f3

  • SHA256

    15676bf7451c09c2572eee620050af2567dabe9b0fa52ac4d87e9b2426cf1e08

  • SHA512

    c9756573ad988bfbf1414cd3991e8de21bfbaf8c6bf87f6525208c51af95a4df016fcf1f7bd2df063f13c78effbeec4757ec5af11b1306f6ecdda3047db527aa

  • SSDEEP

    384:LjZIJbEU8gnyp/kRvRQna+oL6bg2AOHfSlT6Um2huSW48dHr5ky8tFg:LjqJKA+/kpCna+06A3Dk48BD8tC

Score
1/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/Payload/YouTube.app/Frameworks/DontEatMyContent.dylib\""
    1⤵
      PID:548
    • /bin/bash
      sh -c "sudo /bin/zsh -c \"/Users/run/Payload/YouTube.app/Frameworks/DontEatMyContent.dylib\""
      1⤵
        PID:548
      • /bin/bash
        sh -c "sudo /bin/zsh -c \"/Users/run/Payload/YouTube.app/Frameworks/DontEatMyContent.dylib\""
        1⤵
          PID:548
        • /usr/bin/sudo
          sudo /bin/zsh -c /Users/run/Payload/YouTube.app/Frameworks/DontEatMyContent.dylib
          1⤵
            PID:548
          • /usr/bin/sudo
            sudo /bin/zsh -c /Users/run/Payload/YouTube.app/Frameworks/DontEatMyContent.dylib
            1⤵
              PID:548
              • /bin/zsh
                /bin/zsh -c /Users/run/Payload/YouTube.app/Frameworks/DontEatMyContent.dylib
                2⤵
                  PID:550
                • /bin/zsh
                  /bin/zsh -c /Users/run/Payload/YouTube.app/Frameworks/DontEatMyContent.dylib
                  2⤵
                    PID:550
                  • /Users/run/Payload/YouTube.app/Frameworks/DontEatMyContent.dylib
                    /Users/run/Payload/YouTube.app/Frameworks/DontEatMyContent.dylib
                    2⤵
                      PID:550
                    • /Users/run/Payload/YouTube.app/Frameworks/DontEatMyContent.dylib
                      /Users/run/Payload/YouTube.app/Frameworks/DontEatMyContent.dylib
                      2⤵
                        PID:550
                    • /usr/libexec/xpcproxy
                      xpcproxy com.apple.sysmond
                      1⤵
                        PID:552
                      • /usr/libexec/sysmond
                        /usr/libexec/sysmond
                        1⤵
                          PID:552
                        • /usr/libexec/xpcproxy
                          xpcproxy com.apple.audio.systemsoundserverd
                          1⤵
                            PID:559
                          • /usr/sbin/systemsoundserverd
                            /usr/sbin/systemsoundserverd
                            1⤵
                              PID:559
                            • /usr/libexec/xpcproxy
                              xpcproxy com.apple.pbs
                              1⤵
                                PID:560
                              • /System/Library/CoreServices/pbs
                                /System/Library/CoreServices/pbs
                                1⤵
                                  PID:560
                                • /usr/libexec/xpcproxy
                                  xpcproxy com.apple.audio.AudioComponentRegistrar
                                  1⤵
                                    PID:561
                                  • /System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar
                                    /System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar -daemon
                                    1⤵
                                      PID:561

                                    Network

                                    MITRE ATT&CK Matrix

                                    Replay Monitor

                                    Loading Replay Monitor...

                                    Downloads

                                    • /Users/run/Library/Caches/.dat.nosync0230.gZ5aYI
                                      Filesize

                                      12KB

                                      MD5

                                      e02e00602cc119d84075f1a0cfbdffb2

                                      SHA1

                                      ae04100ee9eb73879ca08563b4277225f4868d42

                                      SHA256

                                      7dc665980d11def6e415d8933916701ce185b0e30eab4aaa98e9a164fd3bce70

                                      SHA512

                                      b6ea4937660fdab5c5369ccaa448a8709632966805578aa995603aec285522d6607f4f0d5188bedcc4563bfaf7538027f248bcacdff557f524894afebcd37642

                                      Download Submit