Overview

overview

1

Static

static

1

Payload/Ge...ryJump

macos-10.15-amd64

1

Payload/Ge....dylib

macos-10.15-amd64

1

Payload/Ge...ep.ps1

windows7-x64

1

Payload/Ge...ep.ps1

windows10-2004-x64

1

Analysis

  • max time kernel
    142s
  • max time network
    153s
  • platform
    macos_amd64
  • resource
    macos-20220504-en
  • resource tags

    arch:amd64arch:i386image:macos-20220504-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
  • submitted
    11-10-2023 11:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Payload/GeometryJump.app/hook.dylib

  • Size

    1.3MB

  • MD5

    8ad42d667c749b23a7a5694914071ff1

  • SHA1

    5a94f73de3a956f0736ff4a4ac055720489110f5

  • SHA256

    619d93b2e68aaf0f76663d1dc5bb9cd86bef8ff553ef8821d3372617d38ede92

  • SHA512

    706419c10a85df9f73c4439b3c52d2fda2a74cef577a14257c65fae8f21d6146d1ec719d7e3b694f04c4bb3b3eb5ae6e9f2156d92d9bbc70dbfc8309d03842c3

  • SSDEEP

    24576:OFTmSHFXZc8S7tdRKmHsule8LD0xtdNGp/gSLch2:OJHFpOd+ge80xtdNGp/7Lch2

Score
1/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/Payload/GeometryJump.app/hook.dylib\""
    1⤵
      PID:515
    • /bin/bash
      sh -c "sudo /bin/zsh -c \"/Users/run/Payload/GeometryJump.app/hook.dylib\""
      1⤵
        PID:515
      • /bin/bash
        sh -c "sudo /bin/zsh -c \"/Users/run/Payload/GeometryJump.app/hook.dylib\""
        1⤵
          PID:515
        • /usr/bin/sudo
          sudo /bin/zsh -c /Users/run/Payload/GeometryJump.app/hook.dylib
          1⤵
            PID:515
          • /usr/bin/sudo
            sudo /bin/zsh -c /Users/run/Payload/GeometryJump.app/hook.dylib
            1⤵
              PID:515
              • /bin/zsh
                /bin/zsh -c /Users/run/Payload/GeometryJump.app/hook.dylib
                2⤵
                  PID:516
                • /bin/zsh
                  /bin/zsh -c /Users/run/Payload/GeometryJump.app/hook.dylib
                  2⤵
                    PID:516
                  • /Users/run/Payload/GeometryJump.app/hook.dylib
                    /Users/run/Payload/GeometryJump.app/hook.dylib
                    2⤵
                      PID:516
                    • /Users/run/Payload/GeometryJump.app/hook.dylib
                      /Users/run/Payload/GeometryJump.app/hook.dylib
                      2⤵
                        PID:516

                    Network

                    MITRE ATT&CK Matrix

                    Replay Monitor

                    Loading Replay Monitor...

                    Downloads