2e697828d0bb36a4aa0085997b62a9cc6a83e13afe94c299e4a707f3282b2a66

Analysis

max time kernel
703s
max time network
851s
platform
macos-10.15_amd64
resource
macos-20231201-en
resource tags

arch:amd64arch:i386image:macos-20231201-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
submitted
03-02-2024 17:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Install Parallels Desktop (1).dmg
Size

1.9MB
MD5

24f906cfda1e856380787927a7443af2
SHA1

9acda3749161f99d8be9408eb618694c56eaa0f9
SHA256

2e697828d0bb36a4aa0085997b62a9cc6a83e13afe94c299e4a707f3282b2a66
SHA512

a58c4c901491b1f18b127a32647844f15abe3a25e40fce04f5361f9f2f5ac4840a607e0f23c4d315da3746a7fcb7081d170910d95ed7e1c936a34f227a865292
SSDEEP

49152:JSyJQgxOqeh6dwzVQm2V4htQgHH4WZaDJ2VVXun:c2QgxOqXMgV4r4WZaDJ2en

Score

1^/10

Malware Config

Signatures

/bin/sh
sh -c "sudo /bin/zsh -c \"open /Volumes/Install\\ Parallels\\ Desktop/Install\\ Parallels\\ Desktop.app\""
1⤵
PID:549

/bin/bash
sh -c "sudo /bin/zsh -c \"open /Volumes/Install\\ Parallels\\ Desktop/Install\\ Parallels\\ Desktop.app\""
1⤵
PID:549

/usr/bin/sudo
sudo /bin/zsh -c "open /Volumes/Install\\ Parallels\\ Desktop/Install\\ Parallels\\ Desktop.app"
1⤵
PID:549
- /bin/zsh
  /bin/zsh -c "open /Volumes/Install\\ Parallels\\ Desktop/Install\\ Parallels\\ Desktop.app"
  2⤵
  PID:551
- /usr/bin/open
  open "/Volumes/Install Parallels Desktop/Install Parallels Desktop.app"
  2⤵
  PID:551

/usr/libexec/xpcproxy
xpcproxy com.apple.Safari.2028
1⤵
PID:553

/Applications/Safari.app/Contents/MacOS/Safari
/Applications/Safari.app/Contents/MacOS/Safari
1⤵
PID:553

/usr/libexec/xpcproxy
xpcproxy com.apple.Safari.History
1⤵
PID:554

/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.History.xpc/Contents/MacOS/com.apple.Safari.History
/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.History.xpc/Contents/MacOS/com.apple.Safari.History
1⤵
PID:554

/usr/libexec/xpcproxy
xpcproxy com.apple.WebKit.WebContent.F082407B-B5FD-4DD9-AF3A-7F520B75419C 553
1⤵
PID:556

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
1⤵
PID:556

/usr/libexec/xpcproxy
xpcproxy com.apple.spindump
1⤵
PID:560

/usr/sbin/spindump
/usr/sbin/spindump
1⤵
PID:560

/usr/libexec/xpcproxy
xpcproxy com.apple.tailspind
1⤵
PID:561

/usr/libexec/xpcproxy
xpcproxy com.apple.spindump_agent
1⤵
PID:562

/usr/libexec/tailspind
/usr/libexec/tailspind
1⤵
PID:561

/usr/libexec/spindump_agent
/usr/libexec/spindump_agent
1⤵
PID:562

/usr/libexec/xpcproxy
xpcproxy com.apple.SafariLaunchAgent
1⤵
PID:565

/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent
/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent
1⤵
PID:565

/usr/libexec/xpcproxy
xpcproxy com.apple.akd
1⤵
PID:566

/System/Library/PrivateFrameworks/AuthKit.framework/Versions/A/Support/akd
/System/Library/PrivateFrameworks/AuthKit.framework/Versions/A/Support/akd
1⤵
PID:566

/usr/libexec/xpcproxy
xpcproxy com.apple.WebKit.WebContent.B1DD1F0A-0406-4299-82FA-4133865DF3F6 553
1⤵
PID:567

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
1⤵
PID:567

/usr/libexec/xpcproxy
xpcproxy com.parallels.webinstaller.2300
1⤵
PID:570

/Volumes/Install Parallels Desktop/Install Parallels Desktop.app/Contents/MacOS/Install Parallels Desktop
"/Volumes/Install Parallels Desktop/Install Parallels Desktop.app/Contents/MacOS/Install Parallels Desktop"
1⤵
PID:570

/usr/libexec/xpcproxy
xpcproxy com.apple.Safari.SearchHelper 553
1⤵
PID:571

/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.SearchHelper.xpc/Contents/MacOS/com.apple.Safari.SearchHelper
/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.SearchHelper.xpc/Contents/MacOS/com.apple.Safari.SearchHelper
1⤵
PID:571

/usr/libexec/xpcproxy
xpcproxy com.apple.bird
1⤵
PID:573

/System/Library/PrivateFrameworks/CloudDocsDaemon.framework/Versions/A/Support/bird
/System/Library/PrivateFrameworks/CloudDocsDaemon.framework/Versions/A/Support/bird
1⤵
PID:573

/usr/libexec/xpcproxy
xpcproxy com.apple.neagent.878568F8-CCE5-4157-8315-22F20DC8FB0A
1⤵
PID:574

/usr/libexec/neagent
/usr/libexec/neagent
1⤵
PID:574

/usr/libexec/xpcproxy
xpcproxy com.apple.Safari.SafeBrowsing.Service
1⤵
PID:586

/System/Library/PrivateFrameworks/SafariSafeBrowsing.framework/com.apple.Safari.SafeBrowsing.Service
/System/Library/PrivateFrameworks/SafariSafeBrowsing.framework/com.apple.Safari.SafeBrowsing.Service
1⤵
PID:586

/usr/libexec/xpcproxy
xpcproxy com.apple.WebKit.WebContent.BA2AB941-9528-4194-B889-A2EB3ED21AAA 553
1⤵
PID:587

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
1⤵
PID:587

/usr/libexec/xpcproxy
xpcproxy com.apple.ReportMemoryException
1⤵
PID:588

/usr/libexec/ReportMemoryException
/usr/libexec/ReportMemoryException
1⤵
PID:588

/usr/libexec/xpcproxy
xpcproxy com.apple.corespotlightservice.725FD30A-6064-6C02-CC51-5DDB8891B57E
1⤵
PID:591

/System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
/System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
1⤵
PID:591

/usr/libexec/xpcproxy
xpcproxy com.apple.PerfPowerServices
1⤵
PID:610

/usr/libexec/PerfPowerServices
/usr/libexec/PerfPowerServices
1⤵
PID:610

/usr/libexec/xpcproxy
xpcproxy com.apple.diagnosticd
1⤵
PID:620

/usr/libexec/diagnosticd
/usr/libexec/diagnosticd
1⤵
PID:620

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/malware,osx,url_expression

Filesize
225KB

MD5
9ccad8f0804c59b3710df2123e7a081d

SHA1
9bd3de9fdd0a768eb21d98bddfe9d62d3b395d25

SHA256
1f8e621c7c5c921c5c83b402dc4ee872573d0114fc3bce986c2568a2ddb7b875

SHA512
ef316c566f67d8b017fa94aac48e2b546453651368066c1d6cfb083a464793a285b8cad09e66895797625d84248569b6334ebf1016b8988f722235fd33c8c8cc

Download Submit
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/social_engineering,osx,url_expression

Filesize
23.3MB

MD5
19be7d5d6085bbc87f453f8846f4f8ff

SHA1
e97a9fd3ec74427b71d4a748a8579c3cf8260b8c

SHA256
a90f4b37e31be5958a232d7db0219a7ae221483d01523b9309a327101f876c80

SHA512
db108781a559a8ee5b8b44e74d10fd7abc80c4b1d0fe600fa870b3ccd3fa212f10e054358d6660d735dd20b8bbb9a03123e5dcfec32adcf2fab57575d78fa2be

Download Submit
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/unwanted_software,osx,url_expression

Filesize
122KB

MD5
856041a7450fa45db55d0c1f5bfb7789

SHA1
7f430020794c88b3f58ad6260e880302fa0c222d

SHA256
cd8e0a61b6545a2219fc9797fc0e1c654f0f0af825b2b67cdf6e94c03edc50a1

SHA512
662ffbcb4a885a19960d287d9292d72b5cee6d797f15db84f7cdae9af1cc266d8cb8ad5fa95a4039a44714362219b675ac3a135280515a65edb53672f49ffd2d

Download Submit
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari//mds/mdsDirectory.db

Filesize
47KB

MD5
0e4a0d1ceb2af6f0f8d0167ce77be2d3

SHA1
414ba4c1dc5fc8bf53d550e296fd6f5ad669918c

SHA256
cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030

SHA512
1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20

Download Submit
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari//mds/mdsObject.db

Filesize
4KB

MD5
d3a1859e6ec593505cc882e6def48fc8

SHA1
f8e6728e3e9de477a75706faa95cead9ce13cb32

SHA256
3ebafa97782204a4a1d75cfec22e15fcdeab45b65bab3b3e65508707e034a16c

SHA512
ea2a749b105759ea33408186b417359deffb4a3a5ed0533cb26b459c16bb3524d67ede5c9cf0d5098921c0c0a9313fb9c2672f1e5ba48810eda548fa3209e818

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads