Resubmissions

24/01/2024, 04:54

240124-fjtyyabbek 3

24/01/2024, 04:47

240124-fevdxabca4 1

Analysis

  • max time kernel
    143s
  • max time network
    157s
  • platform
    macos-10.15_amd64
  • resource
    macos-20231201-en
  • resource tags

    arch:amd64, arch:i386, image:macos-20231201-en, kernel:19b77a, locale:en-us, os:macos-10.15-amd64, system
  • submitted
    24/01/2024, 04:47

General

  • Target

    Browser.dmg

  • Size

    905KB

  • MD5

    ac1a958ea6449450fbfa5cb9a6bb197a

  • SHA1

    0505a3b7683aaff50b9f4214e259b519bc27bc6c

  • SHA256

    f81f1dfc07e5b84cd158ed24ec60ac43a2d2427835d4d1a21b8f8622b7b706a6

  • SHA512

    e84ba5ee1c0825b19949755e14f3c61f00ae7273f1757cb6d049faf757a88c71befd72571d5c508664e42b0c01bd322dbe3ac4b248a62880d0bcf69821e6833d

  • SSDEEP

    24576:ZRgr1ZdtkgxTgViE5KY3dv53KPqxf3dlIu8tqEYUKx8RnZEja:XI3kaTAx3dB3mqx/gu88EYU0aij

Score
1/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"open /Volumes/Arc-1-26-45413\""
    1⤵
      PID:549
    • /bin/bash
      sh -c "sudo /bin/zsh -c \"open /Volumes/Arc-1-26-45413\""
      1⤵
        PID:549
      • /usr/bin/sudo
        sudo /bin/zsh -c "open /Volumes/Arc-1-26-45413"
        1⤵
          PID:549
          • /bin/zsh
            /bin/zsh -c "open /Volumes/Arc-1-26-45413"
            2⤵
              PID:551
            • /usr/bin/open
              open /Volumes/Arc-1-26-45413
              2⤵
                PID:551
            • /usr/libexec/xpcproxy
              xpcproxy com.apple.spindump
              1⤵
                PID:552
              • /usr/sbin/spindump
                /usr/sbin/spindump
                1⤵
                  PID:552
                • /usr/libexec/xpcproxy
                  xpcproxy com.apple.spindump_agent
                  1⤵
                    PID:553
                  • /usr/libexec/xpcproxy
                    xpcproxy com.apple.tailspind
                    1⤵
                      PID:554
                    • /usr/libexec/tailspind
                      /usr/libexec/tailspind
                      1⤵
                        PID:554
                      • /usr/libexec/spindump_agent
                        /usr/libexec/spindump_agent
                        1⤵
                          PID:553
                        • /usr/sbin/spctl
                          /usr/sbin/spctl --assess --type execute /Applications/OneDrive.app
                          1⤵
                            PID:584
                          • /usr/libexec/xpcproxy
                            xpcproxy com.apple.bird
                            1⤵
                              PID:586
                            • /System/Library/PrivateFrameworks/CloudDocsDaemon.framework/Versions/A/Support/bird
                              /System/Library/PrivateFrameworks/CloudDocsDaemon.framework/Versions/A/Support/bird
                              1⤵
                                PID:586
                              • /bin/launchctl
                                /bin/launchctl kill SIGTERM system/com.microsoft.OneDriveUpdaterDaemon
                                1⤵
                                  PID:592
                                • /bin/launchctl
                                  /bin/launchctl kill SIGTERM system/com.microsoft.OneDriveStandaloneUpdaterDaemon
                                  1⤵
                                    PID:593

Network

MITRE ATT&CK Matrix
