Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

Beefeater.zip

macos-10.15-amd64

1

Beefeater/...Update

macos-10.15-amd64

1

Beefeater/...hO.txt

macos-10.15-amd64

1

Analysis

  • max time kernel
    147s
  • max time network
    153s
  • platform
    macos_amd64
  • resource
    macos-20220504-en
  • resource tags

    arch:amd64arch:i386image:macos-20220504-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
  • submitted
    07/11/2023, 19:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Beefeater/GoogleSoftwareUpdate

  • Size

    2.7MB

  • MD5

    2462bab0fdd54fd2a2b8483297004e30

  • SHA1

    bb9643b443541320142e4049bf2e14810f442626

  • SHA256

    081804b491c70bfa63ecdbe9fd4618d3570706ad8b71dba13e234069648e5e48

  • SHA512

    4252c23090c89ab7bcf04f9f0dbe2572b86ff0eddef6155ec4da5f995fd3bb025d720f413141532eff750ae1d74d10acc078e87afbbec492c8d01ba2e202d14c

  • SSDEEP

    49152:208riA8OYGJGPoXvZXJoYccnNtIU6i1ZRulMxk/dNgt9szluRBYPRNiP8FX8Obiv:n9QXx5oYHE+7EMS/gtZBizFMN+WH

Score
1/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/Beefeater/GoogleSoftwareUpdate\""
    1⤵
      PID:505
    • /bin/bash
      sh -c "sudo /bin/zsh -c \"/Users/run/Beefeater/GoogleSoftwareUpdate\""
      1⤵
        PID:505
      • /bin/bash
        sh -c "sudo /bin/zsh -c \"/Users/run/Beefeater/GoogleSoftwareUpdate\""
        1⤵
          PID:505
        • /usr/bin/sudo
          sudo /bin/zsh -c /Users/run/Beefeater/GoogleSoftwareUpdate
          1⤵
            PID:505
          • /usr/bin/sudo
            sudo /bin/zsh -c /Users/run/Beefeater/GoogleSoftwareUpdate
            1⤵
              PID:505
              • /bin/zsh
                /bin/zsh -c /Users/run/Beefeater/GoogleSoftwareUpdate
                2⤵
                  PID:512
                • /bin/zsh
                  /bin/zsh -c /Users/run/Beefeater/GoogleSoftwareUpdate
                  2⤵
                    PID:512
                  • /Users/run/Beefeater/GoogleSoftwareUpdate
                    /Users/run/Beefeater/GoogleSoftwareUpdate
                    2⤵
                      PID:512
                    • /Users/run/Beefeater/GoogleSoftwareUpdate
                      /Users/run/Beefeater/GoogleSoftwareUpdate
                      2⤵
                        PID:512
                    • /usr/sbin/spctl
                      /usr/sbin/spctl --status
                      1⤵
                        PID:506
                      • /usr/sbin/spctl
                        /usr/sbin/spctl --test-devid-status
                        1⤵
                          PID:513
                        • /usr/bin/syslog
                          /usr/bin/syslog -s -k com.apple.message.domain com.apple.security.assessment.current_state com.apple.message.signature "assessments enabled" com.apple.message.signature2 "devid enabled" Message "Gatekeeper state assessments enabled/devid enabled"
                          1⤵
                            PID:516

                          Network

                          MITRE ATT&CK Matrix

                          Replay Monitor

                          Loading Replay Monitor...

                          Downloads