Overview

overview

1

Static

static

1

iMazing2forMac.dmg

macos-10.15-amd64

1

iMazing 2....Server

macos-10.15-amd64

1

iMazing 2.....dylib

macos-10.15-amd64

1

iMazing 2.....dylib

macos-10.15-amd64

1

iMazing 2.....dylib

macos-10.15-amd64

1

iMazing 2.....dylib

macos-10.15-amd64

1

iMazing 2.....dylib

macos-10.15-amd64

1

iMazing 2.....dylib

macos-10.15-amd64

1

iMazing 2.....dylib

macos-10.15-amd64

1

iMazing 2.....dylib

macos-10.15-amd64

1

iMazing 2.....dylib

macos-10.15-amd64

1

iMazing 2.....dylib

macos-10.15-amd64

1

iMazing 2.....dylib

macos-10.15-amd64

1

iMazing 2.....dylib

macos-10.15-amd64

1

iMazing 2.....dylib

macos-10.15-amd64

1

iMazing 2.....dylib

macos-10.15-amd64

1

iMazing 2.....dylib

macos-10.15-amd64

1

iMazing 2....estore

macos-10.15-amd64

1

iMazing 2....Mazing

macos-10.15-amd64

1

iMazing 2.....dylib

macos-10.15-amd64

1

iMazing 2.....dylib

macos-10.15-amd64

1

iMazing 2.....dylib

macos-10.15-amd64

1

iMazing 2....g Mini

macos-10.15-amd64

1

iMazing 2....uncher

macos-10.15-amd64

1

iMazing 2....ts.rtf

macos-10.15-amd64

1

iMazing 2....loader

macos-10.15-amd64

1

iMazing 2....ection

macos-10.15-amd64

1

iMazing 2....roject

macos-10.15-amd64

1

iMazing 2....roject

macos-10.15-amd64

1

iMazing 2....uncher

macos-10.15-amd64

1

iMazing 2....status

macos-10.15-amd64

1

iMazing 2....uncher

macos-10.15-amd64

1

Analysis

  • max time kernel
    111s
  • max time network
    308s
  • platform
    macos-10.15_amd64
  • resource
    macos-20230831-en
  • resource tags

    arch:amd64arch:i386image:macos-20230831-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
  • submitted
    18-11-2023 15:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    iMazing2forMac.dmg

  • Size

    249.6MB

  • MD5

    0d68a158cc9d93e5207947885ec9eada

  • SHA1

    6521c91636e92de29c70e4a5d6501e6d643d949b

  • SHA256

    51d30ae41d6d9c4921e882af6f2efff540b29c2c58bde1ac3aa7a8802100ab8e

  • SHA512

    855b7ecfbec2561ed84c5a6b108c89758c00f98433bfba56095655a67023cfbb0ed48470103f353fa02e11fcc0f30b6611930caf62a9b4dd8996821e0b5eb30e

  • SSDEEP

    6291456:a83r/u9Z+VAOInM/sNJ6lB+8LVGiYTeuJ5mZBX9g91jpALldK:9m9nMqaB/LVuThJ5mZBX9gvp2

Score
1/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"open /Volumes/iMazing\\ 2.17.14/iMazing.app\""
    1⤵
      PID:735
    • /bin/bash
      sh -c "sudo /bin/zsh -c \"open /Volumes/iMazing\\ 2.17.14/iMazing.app\""
      1⤵
        PID:735
      • /bin/bash
        sh -c "sudo /bin/zsh -c \"open /Volumes/iMazing\\ 2.17.14/iMazing.app\""
        1⤵
          PID:735
        • /usr/bin/sudo
          sudo /bin/zsh -c "open /Volumes/iMazing\\ 2.17.14/iMazing.app"
          1⤵
            PID:735
          • /usr/bin/sudo
            sudo /bin/zsh -c "open /Volumes/iMazing\\ 2.17.14/iMazing.app"
            1⤵
              PID:735
              • /bin/zsh
                /bin/zsh -c "open /Volumes/iMazing\\ 2.17.14/iMazing.app"
                2⤵
                  PID:736
                • /bin/zsh
                  /bin/zsh -c "open /Volumes/iMazing\\ 2.17.14/iMazing.app"
                  2⤵
                    PID:736
                  • /usr/bin/open
                    open "/Volumes/iMazing 2.17.14/iMazing.app"
                    2⤵
                      PID:736
                    • /usr/bin/open
                      open "/Volumes/iMazing 2.17.14/iMazing.app"
                      2⤵
                        PID:736
                    • /usr/libexec/xpcproxy
                      xpcproxy com.DigiDNA.iMazing2Mac.2312
                      1⤵
                        PID:737
                      • /Volumes/iMazing 2.17.14/iMazing.app/Contents/MacOS/iMazing
                        "/Volumes/iMazing 2.17.14/iMazing.app/Contents/MacOS/iMazing"
                        1⤵
                          PID:737
                        • /usr/libexec/xpcproxy
                          xpcproxy com.apple.StreamingUnzipService 190
                          1⤵
                            PID:738
                          • /sbin/mount_msdos
                            /sbin/mount_msdos -o perm -o nobrowse /dev/disk1s1 /Volumes/firmwaresyncd.uqw6uF
                            1⤵
                              PID:740
                            • /sbin/kextload
                              /sbin/kextload /System/Library/Extensions/msdosfs.kext
                              1⤵
                                PID:741
                              • /System/Library/PrivateFrameworks/StreamingZip.framework/Versions/A/XPCServices/com.apple.StreamingUnzipService.xpc/Contents/MacOS/com.apple.StreamingUnzipService
                                /System/Library/PrivateFrameworks/StreamingZip.framework/Versions/A/XPCServices/com.apple.StreamingUnzipService.xpc/Contents/MacOS/com.apple.StreamingUnzipService
                                1⤵
                                  PID:738

                                Network

                                MITRE ATT&CK Matrix

                                Replay Monitor

                                Loading Replay Monitor...

                                Downloads

                                • /private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/mds/mdsDirectory.db
                                  Filesize

                                  47KB

                                  MD5

                                  0e4a0d1ceb2af6f0f8d0167ce77be2d3

                                  SHA1

                                  414ba4c1dc5fc8bf53d550e296fd6f5ad669918c

                                  SHA256

                                  cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030

                                  SHA512

                                  1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20

                                  Download Submit

                                • /private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/mds/mdsDirectory.db
                                  Filesize

                                  47KB

                                  MD5

                                  0e4a0d1ceb2af6f0f8d0167ce77be2d3

                                  SHA1

                                  414ba4c1dc5fc8bf53d550e296fd6f5ad669918c

                                  SHA256

                                  cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030

                                  SHA512

                                  1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20

                                  Download Submit

                                • /private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/mds/mdsDirectory.db_
                                  Filesize

                                  47KB

                                  MD5

                                  0e4a0d1ceb2af6f0f8d0167ce77be2d3

                                  SHA1

                                  414ba4c1dc5fc8bf53d550e296fd6f5ad669918c

                                  SHA256

                                  cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030

                                  SHA512

                                  1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20

                                  Download Submit

                                • /private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/mds/mdsObject.db
                                  Filesize

                                  4KB

                                  MD5

                                  d3a1859e6ec593505cc882e6def48fc8

                                  SHA1

                                  f8e6728e3e9de477a75706faa95cead9ce13cb32

                                  SHA256

                                  3ebafa97782204a4a1d75cfec22e15fcdeab45b65bab3b3e65508707e034a16c

                                  SHA512

                                  ea2a749b105759ea33408186b417359deffb4a3a5ed0533cb26b459c16bb3524d67ede5c9cf0d5098921c0c0a9313fb9c2672f1e5ba48810eda548fa3209e818

                                  Download Submit

                                • /private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/mds/mdsObject.db_
                                  Filesize

                                  4KB

                                  MD5

                                  d3a1859e6ec593505cc882e6def48fc8

                                  SHA1

                                  f8e6728e3e9de477a75706faa95cead9ce13cb32

                                  SHA256

                                  3ebafa97782204a4a1d75cfec22e15fcdeab45b65bab3b3e65508707e034a16c

                                  SHA512

                                  ea2a749b105759ea33408186b417359deffb4a3a5ed0533cb26b459c16bb3524d67ede5c9cf0d5098921c0c0a9313fb9c2672f1e5ba48810eda548fa3209e818

                                  Download Submit

                                • /private/var/folders/zz/zyxvpxvq6csfxvn_n00000y800007k/T/CFNetworkDownload_HLLBEl.tmp/AssetData/DafsaData.bin
                                  Filesize

                                  52KB

                                  MD5

                                  9ad8ac1d25900c11c302fdf62a555081

                                  SHA1

                                  efafba31f333f909e5f51ae7384a673ea359ba86

                                  SHA256

                                  a50504c168b23f9394760000c2a60b9fbef8aa90bf64d78e256aa9af9487827c

                                  SHA512

                                  d3e8d1b5d87ea22628d765a9ebd611c9b3c1e586e59d767b52fac1c34435266eac50e9bd78204902749aa0918136bba51b95de686b0d429cd59f1d5844eac440

                                  Download Submit

                                • /private/var/folders/zz/zyxvpxvq6csfxvn_n00000y800007k/T/CFNetworkDownload_HLLBEl.tmp/Info.plist
                                  Filesize

                                  1KB

                                  MD5

                                  f12f380b8a6efe5a3443c4992d96b6ed

                                  SHA1

                                  2e76a4588718e255ac7139035890545a1425a002

                                  SHA256

                                  ec1e8f1ea858e762ffb38a047f2527e8ac0d20e7a12bfc4f14608416f6097a1c

                                  SHA512

                                  0af30e40558f64c58fde1d2cd7e4d87f3d9766a83f4ef091f4f7a7234531c71ff3869a700c3ead57eab337c8aa89faac009e8771bd71d9027382521e11d989d4

                                  Download Submit