71d4b153af014ac81576fb91bb97ef6c4640f0486f98c2e4c9bb15b87fb9df58

Resubmissions

22-10-2023 07:14

231022-h2ryeadh6y 4

22-10-2023 07:10

231022-hzjt1sff76 1

Analysis

max time kernel
149s
max time network
150s
platform
macos_amd64
resource
macos-20220504-en
resource tags

arch:amd64arch:i386image:macos-20220504-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
submitted
22-10-2023 07:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

JavaSetup8u391.exe
Size

2.2MB
MD5

029ae246a9b5fd436a1b979e5f4aa54f
SHA1

4ab915f93bc2ea46eda2fcfbf037b956099ada45
SHA256

71d4b153af014ac81576fb91bb97ef6c4640f0486f98c2e4c9bb15b87fb9df58
SHA512

6c3140c1d8dca2be8ad8eb6360318a8cef78e4f31fbee635f0870e0d2bb0f1679948da3b98af1282fe8d586f9f7c3d3a82016f522a1d1447b1e59158146caf31
SSDEEP

49152:XKU/ESvdaU+c0/IVes7kJXBjYOMjUfkptVxOdxiyh:XKU/xvzg/IVeMjUu5C

Score

1^/10

Malware Config

Signatures

/bin/sh
sh -c "sudo /bin/zsh -c \"/Users/run/JavaSetup8u391.exe\""
1⤵
PID:505

/bin/bash
sh -c "sudo /bin/zsh -c \"/Users/run/JavaSetup8u391.exe\""
1⤵
PID:505

/bin/bash
sh -c "sudo /bin/zsh -c \"/Users/run/JavaSetup8u391.exe\""
1⤵
PID:505

/usr/bin/sudo
sudo /bin/zsh -c /Users/run/JavaSetup8u391.exe
1⤵
PID:505

/usr/bin/sudo
sudo /bin/zsh -c /Users/run/JavaSetup8u391.exe
1⤵
PID:505
- /bin/zsh
  /bin/zsh -c /Users/run/JavaSetup8u391.exe
  2⤵
  PID:507
- /bin/zsh
  /bin/zsh -c /Users/run/JavaSetup8u391.exe
  2⤵
  PID:507
- /Users/run/JavaSetup8u391.exe
  /Users/run/JavaSetup8u391.exe
  2⤵
  PID:507
- /Users/run/JavaSetup8u391.exe
  /Users/run/JavaSetup8u391.exe
  2⤵
  PID:507

/usr/libexec/xpcproxy
xpcproxy com.apple.spindump
1⤵
PID:520

/usr/sbin/spindump
/usr/sbin/spindump
1⤵
PID:520

/usr/libexec/xpcproxy
xpcproxy com.apple.tailspind
1⤵
PID:521

/usr/libexec/tailspind
/usr/libexec/tailspind
1⤵
PID:521

/usr/libexec/xpcproxy
xpcproxy com.apple.spindump_agent
1⤵
PID:522

/usr/libexec/spindump_agent
/usr/libexec/spindump_agent
1⤵
PID:522

/usr/libexec/xpcproxy
xpcproxy com.apple.systemprofiler
1⤵
PID:526

/System/Applications/Utilities/System Information.app/Contents/MacOS/System Information
"/System/Applications/Utilities/System Information.app/Contents/MacOS/System Information"
1⤵
PID:526

/usr/libexec/xpcproxy
xpcproxy com.apple.replayd
1⤵
PID:529

/usr/libexec/xpcproxy
xpcproxy com.apple.ReportMemoryException
1⤵
PID:531

/usr/libexec/xpcproxy
xpcproxy com.apple.storedownloadd
1⤵
PID:535

/usr/libexec/ReportMemoryException
/usr/libexec/ReportMemoryException
1⤵
PID:531

/usr/libexec/replayd
/usr/libexec/replayd
1⤵
PID:529

/System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/storedownloadd
/System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/storedownloadd
1⤵
PID:535

/usr/libexec/xpcproxy
xpcproxy com.apple.system_installd
1⤵
PID:536

/System/Library/PrivateFrameworks/PackageKit.framework/Resources/system_installd
/System/Library/PrivateFrameworks/PackageKit.framework/Resources/system_installd
1⤵
PID:536

/usr/libexec/xpcproxy
xpcproxy com.apple.installd
1⤵
PID:537

/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd
1⤵
PID:537

/usr/libexec/xpcproxy
xpcproxy com.apple.Safari.CacheDeleteExtension 527
1⤵
PID:538

/Applications/Safari.app/Contents/PlugIns/CacheDeleteExtension.appex/Contents/MacOS/CacheDeleteExtension
/Applications/Safari.app/Contents/PlugIns/CacheDeleteExtension.appex/Contents/MacOS/CacheDeleteExtension
1⤵
PID:538

/usr/libexec/xpcproxy
xpcproxy com.apple.AppStore.1900
1⤵
PID:544

/System/Applications/App Store.app/Contents/MacOS/App Store
"/System/Applications/App Store.app/Contents/MacOS/App Store"
1⤵
PID:544

/usr/libexec/xpcproxy
xpcproxy com.apple.storeuid
1⤵
PID:546

/System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/storeuid.app/Contents/MacOS/storeuid
/System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/storeuid.app/Contents/MacOS/storeuid
1⤵
PID:546

/usr/libexec/xpcproxy
xpcproxy com.apple.coremedia.videodecoder 544
1⤵
PID:548

/System/Library/Frameworks/VideoToolbox.framework/Versions/A/XPCServices/VTDecoderXPCService.xpc/Contents/MacOS/VTDecoderXPCService
/System/Library/Frameworks/VideoToolbox.framework/Versions/A/XPCServices/VTDecoderXPCService.xpc/Contents/MacOS/VTDecoderXPCService
1⤵
PID:548

/usr/libexec/xpcproxy
xpcproxy com.apple.ReportMemoryException
1⤵
PID:560

/usr/libexec/ReportMemoryException
/usr/libexec/ReportMemoryException
1⤵
PID:560

/usr/libexec/xpcproxy
xpcproxy com.apple.JarLauncher.2128
1⤵
PID:562

/System/Library/CoreServices/Jar Launcher.app/Contents/MacOS/Jar Launcher
"/System/Library/CoreServices/Jar Launcher.app/Contents/MacOS/Jar Launcher"
1⤵
PID:562
- /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/bin/java
  "/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/bin/java" -jar /Users/run/tmp/hello.jar
  2⤵
  PID:564
- /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/bin/java
  "/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/bin/java" -jar /Users/run/tmp/hello.jar
  2⤵
  PID:564

/usr/libexec/xpcproxy
xpcproxy com.apple.metadata.mdwrite
1⤵
PID:563

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/Users/run/.oracle_jre_usage/613bcfb3a06ef613.timestamp

Filesize
79B

MD5
3efebc4887667fcd702c85f1ec0d26d4

SHA1
4fe7a68677e134083733c3b8c5357eb5e32d4c02

SHA256
ee6bca43387774eeff79d2878047996cb64ed78931d0825dea41ca5f21ba85c7

SHA512
470e2fbef00b5289ab76f7cd8263eb79fa11f3b43019397e506ada1d83eef64961557117d02451da324d8aada326d7277d8b3a48d7e6c7f0e50b7c5ab7e82339

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.appstore/mds/mdsDirectory.db

Filesize
47KB

MD5
0e4a0d1ceb2af6f0f8d0167ce77be2d3

SHA1
414ba4c1dc5fc8bf53d550e296fd6f5ad669918c

SHA256
cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030

SHA512
1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.appstore/mds/mdsDirectory.db

Filesize
47KB

MD5
0e4a0d1ceb2af6f0f8d0167ce77be2d3

SHA1
414ba4c1dc5fc8bf53d550e296fd6f5ad669918c

SHA256
cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030

SHA512
1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.appstore/mds/mdsDirectory.db_

Filesize
47KB

MD5
0e4a0d1ceb2af6f0f8d0167ce77be2d3

SHA1
414ba4c1dc5fc8bf53d550e296fd6f5ad669918c

SHA256
cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030

SHA512
1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.appstore/mds/mdsObject.db

Filesize
4KB

MD5
d3a1859e6ec593505cc882e6def48fc8

SHA1
f8e6728e3e9de477a75706faa95cead9ce13cb32

SHA256
3ebafa97782204a4a1d75cfec22e15fcdeab45b65bab3b3e65508707e034a16c

SHA512
ea2a749b105759ea33408186b417359deffb4a3a5ed0533cb26b459c16bb3524d67ede5c9cf0d5098921c0c0a9313fb9c2672f1e5ba48810eda548fa3209e818

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.appstore/mds/mdsObject.db_

Filesize
4KB

MD5
d3a1859e6ec593505cc882e6def48fc8

SHA1
f8e6728e3e9de477a75706faa95cead9ce13cb32

SHA256
3ebafa97782204a4a1d75cfec22e15fcdeab45b65bab3b3e65508707e034a16c

SHA512
ea2a749b105759ea33408186b417359deffb4a3a5ed0533cb26b459c16bb3524d67ede5c9cf0d5098921c0c0a9313fb9c2672f1e5ba48810eda548fa3209e818

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/mds/mdsDirectory.db

Filesize
47KB

MD5
0e4a0d1ceb2af6f0f8d0167ce77be2d3

SHA1
414ba4c1dc5fc8bf53d550e296fd6f5ad669918c

SHA256
cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030

SHA512
1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/mds/mdsDirectory.db

Filesize
47KB

MD5
0e4a0d1ceb2af6f0f8d0167ce77be2d3

SHA1
414ba4c1dc5fc8bf53d550e296fd6f5ad669918c

SHA256
cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030

SHA512
1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/mds/mdsDirectory.db_

Filesize
47KB

MD5
0e4a0d1ceb2af6f0f8d0167ce77be2d3

SHA1
414ba4c1dc5fc8bf53d550e296fd6f5ad669918c

SHA256
cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030

SHA512
1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/mds/mdsObject.db

Filesize
4KB

MD5
d3a1859e6ec593505cc882e6def48fc8

SHA1
f8e6728e3e9de477a75706faa95cead9ce13cb32

SHA256
3ebafa97782204a4a1d75cfec22e15fcdeab45b65bab3b3e65508707e034a16c

SHA512
ea2a749b105759ea33408186b417359deffb4a3a5ed0533cb26b459c16bb3524d67ede5c9cf0d5098921c0c0a9313fb9c2672f1e5ba48810eda548fa3209e818

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/mds/mdsObject.db_

Filesize
4KB

MD5
d3a1859e6ec593505cc882e6def48fc8

SHA1
f8e6728e3e9de477a75706faa95cead9ce13cb32

SHA256
3ebafa97782204a4a1d75cfec22e15fcdeab45b65bab3b3e65508707e034a16c

SHA512
ea2a749b105759ea33408186b417359deffb4a3a5ed0533cb26b459c16bb3524d67ede5c9cf0d5098921c0c0a9313fb9c2672f1e5ba48810eda548fa3209e818

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/com.apple.AppStore/TemporaryItems/(A Document Being Saved By App Store)/sap-setup-cert.txt

Filesize
2KB

MD5
fc9f826f89b00b4f7fdce0bc9831370e

SHA1
357b3c8b4e30dd4927c1bba9200f1d0d0b54e3b6

SHA256
4d8deea49240223b7d6ef9d4dbdaacec8a20901f41131d72931860bd2dd0db73

SHA512
715521e288483783d33d3dd81f9768fdd707cbc9d588e3caf0b626fb0b113e06bd01f5d010188a62486cde2c5ca07c3aa3ee4421eb018a89c9ab1648b386f142

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/hsperfdata_run/564

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads