Overview

overview

7

Static

static

3

BazzISM_Mac_2.5.3.zip

macos-10.15-amd64

1

R2R/ISM_KeyGen.exe

windows7-x64

7

R2R/ISM_KeyGen.exe

windows10-2004-x64

7

Resubmissions

22/10/2023, 21:32

231022-1dvy9scg9s 7

22/10/2023, 21:29

231022-1b69hscg8v 7

Analysis

  • max time kernel
    74s
  • max time network
    80s
  • platform
    macos_amd64
  • resource
    macos-20220504-en
  • resource tags

    arch:amd64arch:i386image:macos-20220504-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
  • submitted
    22/10/2023, 21:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    BazzISM_Mac_2.5.3.zip

  • Size

    6.8MB

  • MD5

    5599772fc41f4502119e8ab063c83d55

  • SHA1

    de2afda9f284d3f272598c0bb715f38405448b30

  • SHA256

    88bf48e48ce3c550a8cab0109d64cda5243edf99ee0214800417ebd191a9e750

  • SHA512

    c1c08b05427f2c34a97a60392b8226bcde9e90062f67412ae73faf2d7a79a39eb5164f4fd769f82cc4c5c059abbc9476728421e7acec5d06106003478f3eb262

  • SSDEEP

    196608:6/3mq5ucvgsbTNuu+oN1HnUQbf0bUoZnxQnkHi/k+71mN:6/Wq5ZvgsXM+N7D0PZxYr/kGYN

Score
1/10

Malware Config

Signatures

Processes

  • /usr/sbin/spctl
    /usr/sbin/spctl --test-devid-status
    1⤵
      PID:489
    • /usr/bin/syslog
      /usr/bin/syslog -s -k com.apple.message.domain com.apple.security.assessment.current_state com.apple.message.signature "assessments enabled" com.apple.message.signature2 "devid enabled" Message "Gatekeeper state assessments enabled/devid enabled"
      1⤵
        PID:490
      • /bin/sh
        sh -c "sudo /bin/zsh -c \"/Users/run/BazzISM_Mac_2.5.3.zip\""
        1⤵
          PID:492
        • /bin/bash
          sh -c "sudo /bin/zsh -c \"/Users/run/BazzISM_Mac_2.5.3.zip\""
          1⤵
            PID:492
          • /bin/bash
            sh -c "sudo /bin/zsh -c \"/Users/run/BazzISM_Mac_2.5.3.zip\""
            1⤵
              PID:492
            • /usr/bin/sudo
              sudo /bin/zsh -c /Users/run/BazzISM_Mac_2.5.3.zip
              1⤵
                PID:492
              • /usr/bin/sudo
                sudo /bin/zsh -c /Users/run/BazzISM_Mac_2.5.3.zip
                1⤵
                  PID:492
                  • /bin/zsh
                    /bin/zsh -c /Users/run/BazzISM_Mac_2.5.3.zip
                    2⤵
                      PID:504
                    • /bin/zsh
                      /bin/zsh -c /Users/run/BazzISM_Mac_2.5.3.zip
                      2⤵
                        PID:504
                      • /Users/run/BazzISM_Mac_2.5.3.zip
                        /Users/run/BazzISM_Mac_2.5.3.zip
                        2⤵
                          PID:504
                        • /Users/run/BazzISM_Mac_2.5.3.zip
                          /Users/run/BazzISM_Mac_2.5.3.zip
                          2⤵
                            PID:504

                        Network

                        MITRE ATT&CK Matrix

                        Replay Monitor

                        Loading Replay Monitor...

                        Downloads