4e9c21bbd2357080f36ba6c799f0cce69f527160b862270d5ebda23c22cd40a7

Resubmissions

10-01-2024 05:08

240110-fs1g3sfdg8 7

10-01-2024 05:03

240110-fp5ydsebcm 6

Analysis

max time kernel
147s
max time network
137s
platform
macos-10.15_amd64
resource
macos-20231201-en
resource tags

arch:amd64arch:i386image:macos-20231201-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
submitted
10-01-2024 05:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

KineMaster Blue Latest MOD.apk
Size

113.2MB
MD5

c8c99a14aa8cc178eda15f382efa4b85
SHA1

a6631cfbfd11dda52fcce526fbcbb77c458e5ada
SHA256

4e9c21bbd2357080f36ba6c799f0cce69f527160b862270d5ebda23c22cd40a7
SHA512

4ba09967d26893a377cce92111344219f08f0223799c2215a6fc1cb28661f805d591b02e4a8682fefe07c85a43a2b0dc539451ef6fb7e90bb607c9a466e5fbe4
SSDEEP

3145728:o9Z6Ezle5+PVxoFVnDptAr32iv3GHYFxFw7wivbwytV+jO5Jly:AvWymIkYFxFw7wiv6OU

Score

1^/10

Malware Config

Signatures

/usr/libexec/xpcproxy
xpcproxy com.apple.gkreport
1⤵
PID:506

/usr/libexec/xpcproxy
xpcproxy com.apple.loginwindow.LWWeeklyMessageTracer
1⤵
PID:507

/usr/libexec/gkreport
/usr/libexec/gkreport
1⤵
PID:506
- /usr/sbin/spctl
  /usr/sbin/spctl --status
  2⤵
  PID:510
- /usr/sbin/spctl
  /usr/sbin/spctl --test-devid-status
  2⤵
  PID:511
- /usr/bin/syslog
  /usr/bin/syslog -s -k com.apple.message.domain com.apple.security.assessment.current_state com.apple.message.signature "assessments enabled" com.apple.message.signature2 "devid enabled" Message "Gatekeeper state assessments enabled/devid enabled"
  2⤵
  PID:512

/usr/libexec/xpcproxy
xpcproxy com.apple.systemstats.daily
1⤵
PID:508

/usr/libexec/xpcproxy
xpcproxy com.oracle.java.Java-Updater
1⤵
PID:509

/System/Library/CoreServices/loginwindow.app/Contents/Resources/LWWeeklyMessageTracer
/System/Library/CoreServices/loginwindow.app/Contents/Resources/LWWeeklyMessageTracer
1⤵
PID:507

/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Java Updater.app/Contents/MacOS/Java Updater
"/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Java Updater.app/Contents/MacOS/Java Updater" -bgcheck
1⤵
PID:509

/bin/sh
sh -c "sudo /bin/zsh -c \"/Users/run/KineMaster Blue Latest MOD.apk\""
1⤵
PID:513

/bin/bash
sh -c "sudo /bin/zsh -c \"/Users/run/KineMaster Blue Latest MOD.apk\""
1⤵
PID:513

/bin/bash
sh -c "sudo /bin/zsh -c \"/Users/run/KineMaster Blue Latest MOD.apk\""
1⤵
PID:513

/usr/bin/sudo
sudo /bin/zsh -c "/Users/run/KineMaster Blue Latest MOD.apk"
1⤵
PID:513

/usr/bin/sudo
sudo /bin/zsh -c "/Users/run/KineMaster Blue Latest MOD.apk"
1⤵
PID:513
- /bin/zsh
  /bin/zsh -c "/Users/run/KineMaster Blue Latest MOD.apk"
  2⤵
  PID:514
- /bin/zsh
  /bin/zsh -c "/Users/run/KineMaster Blue Latest MOD.apk"
  2⤵
  PID:514
- /Users/run/KineMaster
  /Users/run/KineMaster Blue Latest MOD.apk
  2⤵
  PID:514
- /Users/run/KineMaster
  /Users/run/KineMaster Blue Latest MOD.apk
  2⤵
  PID:514

/usr/libexec/xpcproxy
xpcproxy com.apple.spindump
1⤵
PID:553

/usr/sbin/spindump
/usr/sbin/spindump
1⤵
PID:553

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/private/var/db/systemstats/.dat.nosync01fc.BuNFzX

Filesize
186B

MD5
7b2790b901139c3dbe9dca0b86e4ec1c

SHA1
950130d379dba4fde1c19c013f58d502a0b03bd4

SHA256
23b3ec80af145bf3fe9831bf31a0ee80332816302460abdcb12f13a0ab78e69e

SHA512
683629dc6cc8438928c65c50c051023ee6b1f902e16eb223f2d6da8b0d5b1f249be477cff7d1e35a1867ff81ea171d13311d97216fc3770d0dd84a10d28e87cf

Download Submit
/private/var/db/systemstats/.dat.nosync01fc.nltoAi

Filesize
186B

MD5
017e71d651b008d6923ccb7093b448a4

SHA1
1106692ca1d0e9df03ff8c2f259760412ee61ae5

SHA256
8884ab58d48a160abcc5da627613ea79141a7fac187a83ed6b94cf9ef62b3878

SHA512
383eaa21a741e8f96953c5d6a67386144785556e8df9f037ea0fc13e24349b2e6405ad2bcb8aecf2cadb14c217306f5e65f0fd98395f15e391ede26952e02d60

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads