c74949bbb924552249e1d2cb7a3ef45017e6004414930a0811538ae02cc3dece

Analysis

max time kernel
131s
max time network
137s
platform
macos-10.15_amd64
resource
macos-20231201-en
resource tags

arch:amd64arch:i386image:macos-20231201-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
submitted
22/12/2023, 08:50 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

三星root工具SuperOneClickv1.7-ShortFuse/adbmac
Size

167KB
MD5

959bf85533c2e8135985513f711b05d6
SHA1

80e65cc8ee68d16ee0f8ea6eec99d3699c2d6ed5
SHA256

c1508edcdf64d7c910528a01dd2b699eb6b6a6624375d0bd944b95536907c9bb
SHA512

3d0a6dcf42d5db4ce638a3a4e741c41da268530d18ba784fc4d9c069a5dc95c0d3bf7c37c2c26f5e7ae17b5b6a504190652f7b8329d703c9527a47f75e217b8d
SSDEEP

3072:w44L/Jubf+oNQokZUrW+kCan4KxDspTBftf+uoTV7sFTTDuCN7sF29w:EYT+oQokZUrPKxDyTB1fnoZ7sFPDl7sh

Score

1^/10

Malware Config

Signatures

/bin/sh
sh -c "sudo /bin/zsh -c \"/Users/run/三星root工具SuperOneClickv1.7-ShortFuse/adbmac\""
1⤵
PID:510

/bin/bash
sh -c "sudo /bin/zsh -c \"/Users/run/三星root工具SuperOneClickv1.7-ShortFuse/adbmac\""
1⤵
PID:510

/bin/bash
sh -c "sudo /bin/zsh -c \"/Users/run/三星root工具SuperOneClickv1.7-ShortFuse/adbmac\""
1⤵
PID:510

/usr/bin/sudo
sudo /bin/zsh -c /Users/run/三星root工具SuperOneClickv1.7-ShortFuse/adbmac
1⤵
PID:510

/usr/bin/sudo
sudo /bin/zsh -c /Users/run/三星root工具SuperOneClickv1.7-ShortFuse/adbmac
1⤵
PID:510
- /bin/zsh
  /bin/zsh -c /Users/run/三星root工具SuperOneClickv1.7-ShortFuse/adbmac
  2⤵
  PID:511
- /bin/zsh
  /bin/zsh -c /Users/run/三星root工具SuperOneClickv1.7-ShortFuse/adbmac
  2⤵
  PID:511
- /Users/run/三星root工具SuperOneClickv1.7-ShortFuse/adbmac
  /Users/run/三星root工具SuperOneClickv1.7-ShortFuse/adbmac
  2⤵
  PID:511
- /Users/run/三星root工具SuperOneClickv1.7-ShortFuse/adbmac
  /Users/run/三星root工具SuperOneClickv1.7-ShortFuse/adbmac
  2⤵
  PID:511

/usr/libexec/xpcproxy
xpcproxy com.apple.secinitd
1⤵
PID:512

/usr/libexec/secinitd
/usr/libexec/secinitd
1⤵
PID:512

/usr/libexec/xpcproxy
xpcproxy com.apple.sysmond
1⤵
PID:533

/usr/libexec/sysmond
/usr/libexec/sysmond
1⤵
PID:533

/usr/libexec/xpcproxy
xpcproxy com.apple.audio.systemsoundserverd
1⤵
PID:534

/usr/sbin/systemsoundserverd
/usr/sbin/systemsoundserverd
1⤵
PID:534

/usr/libexec/xpcproxy
xpcproxy com.apple.pbs
1⤵
PID:535

/System/Library/CoreServices/pbs
/System/Library/CoreServices/pbs
1⤵
PID:535

/usr/libexec/xpcproxy
xpcproxy com.apple.audio.AudioComponentRegistrar
1⤵
PID:536

/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar
/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar -daemon
1⤵
PID:536

/usr/libexec/xpcproxy
xpcproxy com.apple.tailspind
1⤵
PID:566

/usr/libexec/tailspind
/usr/libexec/tailspind
1⤵
PID:566

/usr/libexec/xpcproxy
xpcproxy com.apple.corespotlightservice.725FD30A-6064-6C02-CC51-5DDB8891B57E
1⤵
PID:571

/System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
/System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
1⤵
PID:571

Network

DNS

16.courier-push-apple.com.akadns.net

Remote address:

8.8.8.8:53

Request

16.courier-push-apple.com.akadns.net

IN A

Response

16.courier-push-apple.com.akadns.net

IN CNAME

gb-courier-4.push-apple.com.akadns.net

gb-courier-4.push-apple.com.akadns.net

IN A

17.57.146.154

gb-courier-4.push-apple.com.akadns.net

IN A

17.57.146.151

gb-courier-4.push-apple.com.akadns.net

IN A

17.57.146.152

gb-courier-4.push-apple.com.akadns.net

IN A

17.57.146.155

gb-courier-4.push-apple.com.akadns.net

IN A

17.57.146.153

gb-courier-4.push-apple.com.akadns.net

IN A

17.57.146.150
DNS

e673.dsce9.akamaiedge.net

Remote address:

8.8.8.8:53

Request

e673.dsce9.akamaiedge.net

IN A

Response

e673.dsce9.akamaiedge.net

IN A

95.100.244.21
DNS

cds.apple.com

Remote address:

8.8.8.8:53

Request

cds.apple.com

IN A

Response

cds.apple.com

IN CNAME

cds-cdn.v.aaplimg.com

cds-cdn.v.aaplimg.com

IN A

82.78.25.240
DNS

help.apple.com

Remote address:

8.8.8.8:53

Request

help.apple.com

IN A

Response

help.apple.com

IN CNAME

help.origin-apple.com.akadns.net

help.origin-apple.com.akadns.net

IN CNAME

help-ar.apple.com.edgekey.net

help-ar.apple.com.edgekey.net

IN CNAME

e11408.d.akamaiedge.net

e11408.d.akamaiedge.net

IN A

23.44.233.108

17.57.146.39:5223

104 B
64 B
2
1
17.57.146.42:5223

104 B
60 B
2
1
20.189.173.2:443

tls, https

1.8kB
16
20.189.173.9:443

mobile.pipe.aria.microsoft.com

tls

21.3kB
9.5kB
48
37
17.248.236.65:443

tls, https

1.1kB
15
82.78.25.240:443

cds.apple.com

tls

66.7kB
1.1MB
862
824
23.44.233.108:443

help.apple.com

tls

35.0kB
113.5kB
176
137
23.44.233.108:443

help.apple.com

tls

1.9kB
6.8kB
17
16

8.8.8.8:53

16.courier-push-apple.com.akadns.net

dns

82 B
216 B
1
1

DNS Request

16.courier-push-apple.com.akadns.net

DNS Response

17.57.146.154

17.57.146.151

17.57.146.152

17.57.146.155

17.57.146.153

17.57.146.150
8.8.8.8:53

e673.dsce9.akamaiedge.net

dns

71 B
87 B
1
1

DNS Request

e673.dsce9.akamaiedge.net

DNS Response

95.100.244.21
8.8.8.8:53

cds.apple.com

dns

59 B
107 B
1
1

DNS Request

cds.apple.com

DNS Response

82.78.25.240
8.8.8.8:53

help.apple.com

dns

60 B
196 B
1
1

DNS Request

help.apple.com

DNS Response

23.44.233.108
224.0.0.251:5353

332 B
1

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/Users/run/Library/Caches/.dat.nosync0217.HuYE5u

Filesize
12KB

MD5
bd7b4302edcaf0e372ccdcdcf0721dd6

SHA1
36ba1deecc3596e43dcf08ec91398e5cd89485da

SHA256
1c8ae9d1162fed6988fb709e80294ef6f595b4687d29cc0248aaba3384b992cb

SHA512
e24c3491d3e058938c5ed0a2188cb8abc457e2c9d9662013ac59fc96ce71ed2aa12e537e28e9732ce949e27ce5ece71e879881bdf3d2c33d9789896cadc3da34

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/mds/mdsDirectory.db_

Filesize
47KB

MD5
0e4a0d1ceb2af6f0f8d0167ce77be2d3

SHA1
414ba4c1dc5fc8bf53d550e296fd6f5ad669918c

SHA256
cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030

SHA512
1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20

Download Submit
/private/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/mds/mdsObject.db_

Filesize
4KB

MD5
d3a1859e6ec593505cc882e6def48fc8

SHA1
f8e6728e3e9de477a75706faa95cead9ce13cb32

SHA256
3ebafa97782204a4a1d75cfec22e15fcdeab45b65bab3b3e65508707e034a16c

SHA512
ea2a749b105759ea33408186b417359deffb4a3a5ed0533cb26b459c16bb3524d67ede5c9cf0d5098921c0c0a9313fb9c2672f1e5ba48810eda548fa3209e818

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.