Overview

overview

1

Static

static

1

Payload/Ge...ryJump

macos-10.15-amd64

1

Payload/Ge....dylib

macos-10.15-amd64

1

Payload/Ge...ep.ps1

windows7-x64

1

Payload/Ge...ep.ps1

windows10-2004-x64

1

Analysis

  • max time kernel
    145s
  • max time network
    154s
  • platform
    macos_amd64
  • resource
    macos-20220504-en
  • resource tags

    arch:amd64arch:i386image:macos-20220504-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
  • submitted
    11-10-2023 11:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Payload/GeometryJump.app/GeometryJump

  • Size

    8.6MB

  • MD5

    49c49c40a5cc1eb9f4344cdc36110447

  • SHA1

    fb1440d0bdb160a912350368a4460e5fe425f95b

  • SHA256

    8e5c5796ac420de3257c1a65a1519853c41ddc58079f8dd7f193838eeb2b33eb

  • SHA512

    07daf87dc98bfe512f802464b3baafde5bca87768130d18520a85737575c6359aaf8a3698146f74c3525042f8333b2cd52333c2205e56dc7aeceb0882435f17f

  • SSDEEP

    98304:XEZZJdbnUSruB5FAGGFCCN9+VMFmacjr7Whf:XAnUCMHAGGFCCj+8c

Score
1/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/Payload/GeometryJump.app/GeometryJump\""
    1⤵
      PID:518
    • /bin/bash
      sh -c "sudo /bin/zsh -c \"/Users/run/Payload/GeometryJump.app/GeometryJump\""
      1⤵
        PID:518
      • /bin/bash
        sh -c "sudo /bin/zsh -c \"/Users/run/Payload/GeometryJump.app/GeometryJump\""
        1⤵
          PID:518
        • /usr/bin/sudo
          sudo /bin/zsh -c /Users/run/Payload/GeometryJump.app/GeometryJump
          1⤵
            PID:518
          • /usr/bin/sudo
            sudo /bin/zsh -c /Users/run/Payload/GeometryJump.app/GeometryJump
            1⤵
              PID:518
              • /bin/zsh
                /bin/zsh -c /Users/run/Payload/GeometryJump.app/GeometryJump
                2⤵
                  PID:519
                • /bin/zsh
                  /bin/zsh -c /Users/run/Payload/GeometryJump.app/GeometryJump
                  2⤵
                    PID:519
                  • /Users/run/Payload/GeometryJump.app/GeometryJump
                    /Users/run/Payload/GeometryJump.app/GeometryJump
                    2⤵
                      PID:519
                    • /Users/run/Payload/GeometryJump.app/GeometryJump
                      /Users/run/Payload/GeometryJump.app/GeometryJump
                      2⤵
                        PID:519

                    Network

                    MITRE ATT&CK Matrix

                    Replay Monitor

                    Loading Replay Monitor...

                    Downloads