Overview

overview

1

Static

static

1

Dropzone 4...R].dmg

macos-10.15-amd64

Dropzone 4...T].dmg

macos-10.15-amd64

1

Dropzone 4...ion.py

macos-10.15-amd64

Dropzone 4...ve.ps1

macos-10.15-amd64

Dropzone 4...ur.ps1

macos-10.15-amd64

Dropzone 4...hua.py

macos-10.15-amd64

1

Dropzone 4...one.py

macos-10.15-amd64

1

Dropzone 4...one.rb

macos-10.15-amd64

1

Dropzone 4....dylib

macos-10.15-amd64

1

Dropzone 4...cOS/fc

macos-10.15-amd64

1

Dropzone 4...opy.rb

macos-10.15-amd64

1

Dropzone 4...api.rb

macos-10.15-amd64

1

Dropzone 4...ner.py

macos-10.15-amd64

1

Dropzone 4...ner.rb

macos-10.15-amd64

1

Dropzone 4...ash.rb

macos-10.15-amd64

1

Dropzone 4...ser.rb

macos-10.15-amd64

1

Dropzone 4...les.rb

macos-10.15-amd64

1

Dropzone 4...tLogin

macos-10.15-amd64

1

Dropzone 4...zone 4

macos-10.15-amd64

1

Dropzone 4...opzone

macos-10.15-amd64

1

Dropzone 4...ts.rtf

macos-10.15-amd64

1

Dropzone 4...ing.js

macos-10.15-amd64

Dropzone 4...min.js

macos-10.15-amd64

Dropzone 4...min.js

macos-10.15-amd64

Dropzone 4...h.html

macos-10.15-amd64

1

Dropzone 4....dylib

macos-10.15-amd64

1

Dropzone 4.../rhash

macos-10.15-amd64

1

Dropzone 4...iendly

macos-10.15-amd64

1

Analysis

  • max time kernel
    139s
  • max time network
    152s
  • platform
    macos-10.15_amd64
  • resource
    macos-20231201-en
  • resource tags

    arch:amd64arch:i386image:macos-20231201-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
  • submitted
    10-12-2023 17:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Dropzone 4 4.80.4/Dropzone 4.app/Contents/Library/LoginItems/LaunchAtLogin.app/Contents/MacOS/LaunchAtLogin

  • Size

    148KB

  • MD5

    b92c02bc8562c5e00a6b4f7be36ee31e

  • SHA1

    29246919ed6077cf77537f15b480149e236ec9e3

  • SHA256

    545bfdbe8f20fc9e310404ccee576e5bf7c24b2a89d7c1e62094c5a8532df9c0

  • SHA512

    b9a70f494b9865e73f35e66a9ee12d874d083e246e5b3dbd8560ef9507c23a6ebbc98ccc0e6da1aa487f2f2cc06eb5d414f1905e55a437902a328417595b8969

  • SSDEEP

    384:UfieeFpptc5tXuHbr+Q8drgryrLIrNab8erIIrner6v8wCURI0fDr+Q8drgrerzo:KtU76t+d8kab8+C0jCURdd82Tab8

Score
1/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/Dropzone 4 4.80.4/Dropzone 4.app/Contents/Library/LoginItems/LaunchAtLogin.app/Contents/MacOS/LaunchAtLogin\""
    1⤵
      PID:516
    • /bin/bash
      sh -c "sudo /bin/zsh -c \"/Users/run/Dropzone 4 4.80.4/Dropzone 4.app/Contents/Library/LoginItems/LaunchAtLogin.app/Contents/MacOS/LaunchAtLogin\""
      1⤵
        PID:516
      • /bin/bash
        sh -c "sudo /bin/zsh -c \"/Users/run/Dropzone 4 4.80.4/Dropzone 4.app/Contents/Library/LoginItems/LaunchAtLogin.app/Contents/MacOS/LaunchAtLogin\""
        1⤵
          PID:516
        • /usr/bin/sudo
          sudo /bin/zsh -c "/Users/run/Dropzone 4 4.80.4/Dropzone 4.app/Contents/Library/LoginItems/LaunchAtLogin.app/Contents/MacOS/LaunchAtLogin"
          1⤵
            PID:516
          • /usr/bin/sudo
            sudo /bin/zsh -c "/Users/run/Dropzone 4 4.80.4/Dropzone 4.app/Contents/Library/LoginItems/LaunchAtLogin.app/Contents/MacOS/LaunchAtLogin"
            1⤵
              PID:516
              • /bin/zsh
                /bin/zsh -c "/Users/run/Dropzone 4 4.80.4/Dropzone 4.app/Contents/Library/LoginItems/LaunchAtLogin.app/Contents/MacOS/LaunchAtLogin"
                2⤵
                  PID:518
                • /bin/zsh
                  /bin/zsh -c "/Users/run/Dropzone 4 4.80.4/Dropzone 4.app/Contents/Library/LoginItems/LaunchAtLogin.app/Contents/MacOS/LaunchAtLogin"
                  2⤵
                    PID:518
                  • /Users/run/Dropzone
                    /Users/run/Dropzone 4 4.80.4/Dropzone 4.app/Contents/Library/LoginItems/LaunchAtLogin.app/Contents/MacOS/LaunchAtLogin
                    2⤵
                      PID:518
                    • /Users/run/Dropzone
                      /Users/run/Dropzone 4 4.80.4/Dropzone 4.app/Contents/Library/LoginItems/LaunchAtLogin.app/Contents/MacOS/LaunchAtLogin
                      2⤵
                        PID:518
                    • /usr/libexec/xpcproxy
                      xpcproxy com.apple.corespotlightservice.725FD30A-6064-6C02-CC51-5DDB8891B57E
                      1⤵
                        PID:558
                      • /System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
                        /System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
                        1⤵
                          PID:558

                        Network

                        MITRE ATT&CK Matrix

                        Replay Monitor

                        Loading Replay Monitor...

                        Downloads