Analysis Overview
SHA256
b57b2c143036ce5ee287e63f717278933a2d9b64a9c85999343f715d91f2f6e1
Threat Level: Likely benign
The file 7f1768f8d49b2339e0fb39e6cb19ed22 was found to be: Likely benign.
Malicious Activity Summary
Unsigned PE
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-02-05 02:20
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-02-05 02:20
Reported
2024-02-05 02:21
Platform
macos-20231201-en
Max time kernel
19s
Max time network
21s
Command Line
Signatures
Processes
/bin/sh
[sh -c sudo /bin/zsh -c "/Users/run/7f1768f8d49b2339e0fb39e6cb19ed22.exe"]
/bin/bash
[sh -c sudo /bin/zsh -c "/Users/run/7f1768f8d49b2339e0fb39e6cb19ed22.exe"]
/usr/bin/sudo
[sudo /bin/zsh -c /Users/run/7f1768f8d49b2339e0fb39e6cb19ed22.exe]
/bin/zsh
[/bin/zsh -c /Users/run/7f1768f8d49b2339e0fb39e6cb19ed22.exe]
/Users/run/7f1768f8d49b2339e0fb39e6cb19ed22.exe
[/Users/run/7f1768f8d49b2339e0fb39e6cb19ed22.exe]
/usr/libexec/xpcproxy
[xpcproxy com.apple.audio.systemsoundserverd]
/usr/sbin/systemsoundserverd
[/usr/sbin/systemsoundserverd]
Network
| Country | Destination | Domain | Proto |
| US | 52.182.143.211:443 | | tcp |
| US | 8.8.8.8:53 | mobile.events.data.trafficmanager.net | udp |
| US | 52.182.143.211:443 | | tcp |
| NL | 17.248.236.67:443 | | tcp |
| US | 8.8.8.8:53 | e673.dsce9.akamaiedge.net | udp |