76b2ad6694d96a44a96db9fb25dac7da1ab70a174be812b78fcfe5dc048eba25 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

76b2ad6694...25.exe

windows7-x64

76b2ad6694...25.exe

windows10-2004-x64

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Brava/Deri...es.app

macos-10.15-amd64

1

Analysis

max time kernel
140s
max time network
129s
platform
macos-10.15_amd64
resource
macos-20231201-en
resource tags

arch:amd64arch:i386image:macos-20231201-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
submitted
13/02/2024, 02:54

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

76b2ad6694d96a44a96db9fb25dac7da1ab70a174be812b78fcfe5dc048eba25.exe

Resource

win7-20231215-en

agenttesla keylogger persistence spyware stealer trojan

windows7-x64

22 signatures

150 seconds

Behavioral task

behavioral2

Sample

76b2ad6694d96a44a96db9fb25dac7da1ab70a174be812b78fcfe5dc048eba25.exe

Resource

win10v2004-20231215-en

agenttesla keylogger persistence spyware stealer trojan

windows10-2004-x64

22 signatures

150 seconds

Behavioral task

behavioral3

Sample

$PLUGINSDIR/System.dll

Resource

win7-20231215-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral4

Sample

$PLUGINSDIR/System.dll

Resource

win10v2004-20231215-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral5

Sample

Brava/Deriverendes.app

Resource

macos-20231201-en

macos-10.15-amd64

0 signatures

150 seconds

Report Analysis Logs

General

Target

Brava/Deriverendes.app
Size

208KB
MD5

dbf8a0843f87bc37591a188287517bbb
SHA1

ffdb4795d4e624b6644900b07186f49b58fb1888
SHA256

2f6eecf89dac2bb4dadc340b4a9c3f79e489aef63c6ac6bb949fdd8e2296dd9c
SHA512

a73b5a349a4a577670056e54eebbf637c2b59f3ac76cc6aa43f72862f0bbbf12312b0a920d95eda8df9acfb32ad0fd4af54b5587d48243edbcc9da3037781b21
SSDEEP

3072:pdYbg5EY/rXDjl1QjSHwKpAWcaKmMeKcfx7hgbKAtZ6F8rdEfbyUo5qtEGv:pdYZQXDbkoAWcLmMeKcwgF0ET5o5qtV

Score

1^/10

Malware Config

Signatures

Processes

/bin/sh
sh -c "sudo /bin/zsh -c \"open /Users/run/Brava/Deriverendes.app\""
1⤵
PID:520

/bin/bash
sh -c "sudo /bin/zsh -c \"open /Users/run/Brava/Deriverendes.app\""
1⤵
PID:520

/usr/bin/sudo
sudo /bin/zsh -c "open /Users/run/Brava/Deriverendes.app"
1⤵
PID:520
- /bin/zsh
  /bin/zsh -c "open /Users/run/Brava/Deriverendes.app"
  2⤵
  PID:521
- /usr/bin/open
  open /Users/run/Brava/Deriverendes.app
  2⤵
  PID:521

/usr/libexec/xpcproxy
xpcproxy com.apple.audio.systemsoundserverd
1⤵
PID:542

/usr/sbin/systemsoundserverd
/usr/sbin/systemsoundserverd
1⤵
PID:542

/usr/libexec/xpcproxy
xpcproxy com.apple.pbs
1⤵
PID:543

/System/Library/CoreServices/pbs
/System/Library/CoreServices/pbs
1⤵
PID:543

/usr/libexec/xpcproxy
xpcproxy com.apple.audio.AudioComponentRegistrar
1⤵
PID:544

/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar
/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar -daemon
1⤵
PID:544

/usr/sbin/spctl
/usr/sbin/spctl --assess --type execute /Applications/OneDrive.app
1⤵
PID:564

/bin/launchctl
/bin/launchctl kill SIGTERM system/com.microsoft.OneDriveUpdaterDaemon
1⤵
PID:572

/bin/launchctl
/bin/launchctl kill SIGTERM system/com.microsoft.OneDriveStandaloneUpdaterDaemon
1⤵
PID:573

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy