Analysis

  • max time kernel
    20s
  • max time network
    23s
  • platform
    macos_amd64
  • resource
    macos-20220504-en
  • resource tags

    arch:amd64
    arch:i386
    image:macos-20220504-en
    kernel:19b77a
    locale:en-us
    os:macos-10.15-amd64
    system
  • submitted
    11/10/2023, 00:47

General

  • Target

    malilib-fabric-1.20.2-0.17.0.jar

  • Size

    728KB

  • MD5

    abccb28f65f0087682d3428cab547bf5

  • SHA1

    2b17cf879d747487d59a72f088dd68cc0e5dc526

  • SHA256

    224ec8a7780248d3d618ae7ecfd59b994a8e1fc9b79bc97211874dad663b0a98

  • SHA512

    900208a65b867e44a0b952f1a1694c0ade5a738d9e39d1bfe281ee137fe7e002e21ad21f88fdd88286c296c71657326e9d0601fd9dfdf3f259e0aba09b6ef44b

  • SSDEEP

    12288:yUD5JIcNbZitsEMt3EFi4SIKr3Xcy3zefQA8pdmJREXGJNnp0ypXRwiDbtOqKJ8u:30OZitsFUFQzh3zCQUnDxRpbt+rTQ19A

Score
1/10

Malware Config

Signatures

Processes

  • /usr/bin/syslog
    /usr/bin/syslog -s -k com.apple.message.domain com.apple.security.assessment.current_state com.apple.message.signature "assessments enabled" com.apple.message.signature2 "devid enabled" Message "Gatekeeper state assessments enabled/devid enabled"
    1⤵
      PID:503
    • /bin/sh
      sh -c "sudo /bin/zsh -c \"/usr/bin/java -jar /Users/run/malilib-fabric-1.20.2-0.17.0.jar\""
      1⤵
        PID:505
      • /bin/bash
        sh -c "sudo /bin/zsh -c \"/usr/bin/java -jar /Users/run/malilib-fabric-1.20.2-0.17.0.jar\""
        1⤵
          PID:505
        • /bin/bash
          sh -c "sudo /bin/zsh -c \"/usr/bin/java -jar /Users/run/malilib-fabric-1.20.2-0.17.0.jar\""
          1⤵
            PID:505
          • /usr/bin/sudo
            sudo /bin/zsh -c "/usr/bin/java -jar /Users/run/malilib-fabric-1.20.2-0.17.0.jar"
            1⤵
              PID:505
            • /usr/bin/sudo
              sudo /bin/zsh -c "/usr/bin/java -jar /Users/run/malilib-fabric-1.20.2-0.17.0.jar"
              1⤵
                PID:505
                • /bin/zsh
                  /bin/zsh -c "/usr/bin/java -jar /Users/run/malilib-fabric-1.20.2-0.17.0.jar"
                  2⤵
                    PID:506
                  • /bin/zsh
                    /bin/zsh -c "/usr/bin/java -jar /Users/run/malilib-fabric-1.20.2-0.17.0.jar"
                    2⤵
                      PID:506
                    • /usr/bin/java
                      /usr/bin/java -jar /Users/run/malilib-fabric-1.20.2-0.17.0.jar
                      2⤵
                        PID:506
                      • /usr/bin/java
                        /usr/bin/java -jar /Users/run/malilib-fabric-1.20.2-0.17.0.jar
                        2⤵
                          PID:506
                      • /usr/libexec/xpcproxy
                        xpcproxy com.apple.java.InstallOnDemand
                        1⤵
                          PID:509
                        • /System/Library/Java/Support/CoreDeploy.bundle/Contents/Download Java Components.app/Contents/MacOS/Download Java Components
                          "/System/Library/Java/Support/CoreDeploy.bundle/Contents/Download Java Components.app/Contents/MacOS/Download Java Components"
                          1⤵
                            PID:509
                          • /usr/bin/bzip2
                            /usr/bin/bzip2 -f /var/log/wifi.log.0
                            1⤵
                              PID:522

Network

MITRE ATT&CK Matrix

Downloads

  • /private/var/log/wifi.log.0.bz2

    Filesize

    641B

    MD5

    2a29e0770c4680184478e07c007cd3ab

    SHA1

    f4e867fa53e88a17c52586d3c8c8b0152f39ca6b

    SHA256

    fcf2edbd7e7ea5a04c17d5399fe8145f9d5526a5fcddf32b336262c65f3a8ec3

    SHA512

    7acfc76a0cc93be5a45b7b5121c56f095aa3cca2cd222dee670877bb1d0e7aed6ffcfbad38cd2d133a7191dfd76539c9716ef6ea260dc8092f5c3732459f2a3f
