hxxps://cdn[.]discordapp[.]com/attachments/1144240344997830726/1210292260953129040/Fynical[.]7z?ex=65ea0781&is=65d79281&hm=d76c83c010d508e98d9320ebb3217ef58a64881a56e36b975ddb04c267c2c795&

Resubmissions

22/02/2024, 20:33

240222-zbx56sfc63 1

22/02/2024, 20:30

240222-zad1xaeg8v 7

Analysis

max time kernel
13s
max time network
16s
platform
macos-10.15_amd64
resource
macos-20240214-en
resource tags

arch:amd64arch:i386image:macos-20240214-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
submitted
22/02/2024, 20:33

Sharing

Copy URL

Twitter E-mail

Reason

Machine shutdown

Report Analysis Logs

General

Target

https://cdn.discordapp.com/attachments/1144240344997830726/1210292260953129040/Fynical.7z?ex=65ea0781&is=65d79281&hm=d76c83c010d508e98d9320ebb3217ef58a64881a56e36b975ddb04c267c2c795&

Score

1^/10

Malware Config

Signatures

/bin/sh
sh -c "sudo /bin/zsh -c \"/Applications/Google\\ Chrome.app/Contents/MacOS/Google\\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window https://cdn.discordapp.com/attachments/1144240344997830726/1210292260953129040/Fynical.7z?ex=65ea0781&is=65d79281&hm=d76c83c010d508e98d9320ebb3217ef58a64881a56e36b975ddb04c267c2c795&\""
1⤵
PID:535

/bin/bash
sh -c "sudo /bin/zsh -c \"/Applications/Google\\ Chrome.app/Contents/MacOS/Google\\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window https://cdn.discordapp.com/attachments/1144240344997830726/1210292260953129040/Fynical.7z?ex=65ea0781&is=65d79281&hm=d76c83c010d508e98d9320ebb3217ef58a64881a56e36b975ddb04c267c2c795&\""
1⤵
PID:535

/usr/bin/sudo
sudo /bin/zsh -c "/Applications/Google\\ Chrome.app/Contents/MacOS/Google\\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window https://cdn.discordapp.com/attachments/1144240344997830726/1210292260953129040/Fynical.7z?ex=65ea0781&is=65d79281&hm=d76c83c010d508e98d9320ebb3217ef58a64881a56e36b975ddb04c267c2c795&"
1⤵
PID:535
- /bin/zsh
  /bin/zsh -c "/Applications/Google\\ Chrome.app/Contents/MacOS/Google\\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window https://cdn.discordapp.com/attachments/1144240344997830726/1210292260953129040/Fynical.7z?ex=65ea0781&is=65d79281&hm=d76c83c010d508e98d9320ebb3217ef58a64881a56e36b975ddb04c267c2c795&"
  2⤵
  PID:538

/usr/libexec/xpcproxy
xpcproxy com.apple.sysmond
1⤵
PID:550

/usr/libexec/sysmond
/usr/libexec/sysmond
1⤵
PID:550

/usr/libexec/xpcproxy
xpcproxy com.apple.PackageKit.InstallStatus
1⤵
PID:562

/usr/libexec/xpcproxy
xpcproxy com.apple.warmd_agent
1⤵
PID:563

/System/Library/CoreServices/Install in Progress.app/Contents/MacOS/Install in Progress
"/System/Library/CoreServices/Install in Progress.app/Contents/MacOS/Install in Progress"
1⤵
PID:562

/usr/libexec/warmd_agent
/usr/libexec/warmd_agent
1⤵
PID:563

/usr/libexec/xpcproxy
xpcproxy com.apple.security.keychain-circle-notification
1⤵
PID:564

/usr/libexec/xpcproxy
xpcproxy com.apple.ViewBridgeAuxiliary
1⤵
PID:565

/System/Library/CoreServices/Keychain Circle Notification.app/Contents/MacOS/Keychain Circle Notification
"/System/Library/CoreServices/Keychain Circle Notification.app/Contents/MacOS/Keychain Circle Notification"
1⤵
PID:564

/System/Library/PrivateFrameworks/ViewBridge.framework/Versions/A/XPCServices/ViewBridgeAuxiliary.xpc/Contents/MacOS/ViewBridgeAuxiliary
/System/Library/PrivateFrameworks/ViewBridge.framework/Versions/A/XPCServices/ViewBridgeAuxiliary.xpc/Contents/MacOS/ViewBridgeAuxiliary
1⤵
PID:565

/usr/libexec/xpcproxy
xpcproxy com.apple.rtcreportingd
1⤵
PID:566

/usr/libexec/rtcreportingd
/usr/libexec/rtcreportingd
1⤵
PID:566

/usr/libexec/xpcproxy
xpcproxy com.apple.sessionlogoutd
1⤵
PID:567

/usr/libexec/xpcproxy
xpcproxy com.apple.akd
1⤵
PID:568

/usr/libexec/xpcproxy
xpcproxy com.apple.routined
1⤵
PID:569

/System/Library/CoreServices/sessionlogoutd
/System/Library/CoreServices/sessionlogoutd
1⤵
PID:567

/usr/libexec/xpcproxy
xpcproxy com.apple.security.cloudkeychainproxy3
1⤵
PID:570

/sbin/shutdown
/sbin/shutdown -h now
1⤵
PID:1.8446744073709552e+19

/bin/sh
sh -c "/usr/bin/wall -n"
1⤵
PID:573

/bin/bash
sh -c "/usr/bin/wall -n"
1⤵
PID:573

/usr/bin/wall
/usr/bin/wall -n
1⤵
PID:573

/System/Library/Extensions/IOGraphicsFamily.kext/iogdiagnose
iogdiagnose -b /var/log/displaypolicy/iogdiagnose-last.bin
1⤵
PID:4.784951e+07

/usr/sbin/spindump
spindump -shutdownstall 2 -timelimit 5
1⤵
PID:575

/bin/sh
sh -c /usr/sbin/kextstat
1⤵
PID:576

/bin/bash
sh -c /usr/sbin/kextstat
1⤵
PID:576

/usr/sbin/kextstat
/usr/sbin/kextstat
1⤵
PID:576

/bin/bash
bash /private/var/install/shutdown_installer_tasks
1⤵
PID:577

/bin/bash
bash /private/var/install/deferred_install
1⤵
PID:578

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T//spindump.txt

Filesize
188KB

MD5
c89eef1f2e4e5d83b41b20dde50f23fb

SHA1
261291bdf42e61609c4686fb84106ecdbc403775

SHA256
4de75b904aee21c76ef07122dacdae0462c6de681799a9400fc55c3a5123be44

SHA512
510790434e3d286db6916179831e610af33937e1375e7e4274be9dc978804f976bfc6b3bd6ef3b82dd8f23ffa4d4b3005f2098983fb37b35ef8397907564f4f6

Download Submit

Resubmissions

Analysis

Sharing

Errors

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads