Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

4

Static

static

1

796f331dde...7eec47

macos-10.15-amd64

1

InstallMe/...taller

macos-10.15-amd64

1

InstallMe/...ts.rtf

windows7-x64

4

InstallMe/...ts.rtf

windows10-2004-x64

1

Analysis

  • max time kernel
    145s
  • max time network
    149s
  • platform
    macos-10.15_amd64
  • resource
    macos-20231201-en
  • resource tags

    arch:amd64arch:i386image:macos-20231201-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
  • submitted
    27/01/2024, 05:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    InstallMe/Installer.app/Contents/MacOS/Installer

  • Size

    442KB

  • MD5

    5d731dbfe702389a4bd873f3de477c23

  • SHA1

    d9c86b025385d0e47c26109efdc58144e297bcba

  • SHA256

    e9c351c9422b388f2e39d891bfcf4901d9cfe0ea2055b93b7a9f67c36267f49a

  • SHA512

    1d30bb113e599733522c1fb9e3041a27306f665bacfca5e0d2175a541e96e754ee775d25ba9470b225a4bf3547a0dc4cfa7df9a39a3db1c23e2748dc7eb0f9d3

  • SSDEEP

    12288:Xulw3WwP00OJig3N3yy+LFqjgl1orf6LFqjgl1IrfOWG/y/j:XuC3WwP07jGK

Score
1/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/InstallMe/Installer.app/Contents/MacOS/Installer\""
    1⤵
      PID:513
    • /bin/bash
      sh -c "sudo /bin/zsh -c \"/Users/run/InstallMe/Installer.app/Contents/MacOS/Installer\""
      1⤵
        PID:513
      • /usr/bin/sudo
        sudo /bin/zsh -c /Users/run/InstallMe/Installer.app/Contents/MacOS/Installer
        1⤵
          PID:513
          • /bin/zsh
            /bin/zsh -c /Users/run/InstallMe/Installer.app/Contents/MacOS/Installer
            2⤵
              PID:514
            • /Users/run/InstallMe/Installer.app/Contents/MacOS/Installer
              /Users/run/InstallMe/Installer.app/Contents/MacOS/Installer
              2⤵
                PID:514
            • /usr/sbin/spctl
              /usr/sbin/spctl --assess --type execute /Applications/OneDrive.app
              1⤵
                PID:549
              • /bin/launchctl
                /bin/launchctl kill SIGTERM system/com.microsoft.OneDriveUpdaterDaemon
                1⤵
                  PID:562
                • /bin/launchctl
                  /bin/launchctl kill SIGTERM system/com.microsoft.OneDriveStandaloneUpdaterDaemon
                  1⤵
                    PID:563
                  • /usr/libexec/xpcproxy
                    xpcproxy com.apple.corespotlightservice.725FD30A-6064-6C02-CC51-5DDB8891B57E
                    1⤵
                      PID:564
                    • /System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
                      /System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
                      1⤵
                        PID:564

                      Network

                      MITRE ATT&CK Matrix

                      Replay Monitor

                      Loading Replay Monitor...

                      Downloads