Analysis
-
max time kernel
89s -
max time network
153s -
platform
macos-10.15_amd64 -
resource
macos-20240214-en -
resource tags
-
submitted
13/03/2024, 20:03
General
-
Target
3fbc8344d0982fcb5aed2e8ee7310d0ff67ccd8c3984541ac27c565cba58eaac
-
Size
771KB
-
MD5
50e42d14c1a2e81421b2f03bf6640956
-
SHA1
b49796befac6089905e847bba9112f8f56e7c6f3
-
SHA256
3fbc8344d0982fcb5aed2e8ee7310d0ff67ccd8c3984541ac27c565cba58eaac
-
SHA512
7cffaeadf538fac62381740bf807c0e4bfe061b9d6b6a2d7a39cb4d3fc6d45cc200c9ce99b232f93b16df6fbf9edc85d4dd78ae2878ac9bd23f5cd2fc13a5670
-
SSDEEP
12288:yfpTZtLzgtXyZeyS7c8TLBhE5re0QzC+7mb4j:yRIyZVS7crxefzCzb4j
Malware Config
Signatures
Processes
-
/bin/shsh -c "sudo /bin/zsh -c \"/Users/run/3fbc8344d0982fcb5aed2e8ee7310d0ff67ccd8c3984541ac27c565cba58eaac\""1⤵
-
/bin/bashsh -c "sudo /bin/zsh -c \"/Users/run/3fbc8344d0982fcb5aed2e8ee7310d0ff67ccd8c3984541ac27c565cba58eaac\""1⤵
-
/usr/bin/sudosudo /bin/zsh -c /Users/run/3fbc8344d0982fcb5aed2e8ee7310d0ff67ccd8c3984541ac27c565cba58eaac1⤵
-
/bin/zsh/bin/zsh -c /Users/run/3fbc8344d0982fcb5aed2e8ee7310d0ff67ccd8c3984541ac27c565cba58eaac2⤵
-
-
/Users/run/3fbc8344d0982fcb5aed2e8ee7310d0ff67ccd8c3984541ac27c565cba58eaac/Users/run/3fbc8344d0982fcb5aed2e8ee7310d0ff67ccd8c3984541ac27c565cba58eaac2⤵
-
-
/usr/libexec/xpcproxyxpcproxy com.apple.sysmond1⤵
-
/usr/libexec/sysmond/usr/libexec/sysmond1⤵
-
/usr/libexec/xpcproxyxpcproxy com.apple.geod1⤵
-
/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod1⤵
-
/usr/libexec/xpcproxyxpcproxy com.apple.AddressBook.ContactsAccountsService1⤵
-
/System/Library/Frameworks/AddressBook.framework/Executables/ContactsAccountsService/System/Library/Frameworks/AddressBook.framework/Executables/ContactsAccountsService1⤵
-
/usr/libexec/xpcproxyxpcproxy com.apple.routined1⤵
-
/usr/libexec/routined/usr/libexec/routined LAUNCHED_BY_LAUNCHD1⤵
-
/usr/libexec/xpcproxyxpcproxy com.apple.Maps.mapspushd1⤵
-
/System/Library/CoreServices/mapspushd/System/Library/CoreServices/mapspushd1⤵
-
/usr/libexec/xpcproxyxpcproxy com.apple.nehelper1⤵
-
/usr/libexec/nehelper/usr/libexec/nehelper1⤵
-
/usr/libexec/xpcproxyxpcproxy com.apple.neagent.878568F8-CCE5-4157-8315-22F20DC8FB0A1⤵
-
/usr/libexec/neagent/usr/libexec/neagent1⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
288B
MD555d707d8a498ca399dd49c710374392d
SHA194956fb7af8ebb24faa018be5739179ae2e21dbb
SHA2560de9ce482bde894cb5d5042cfeaf0d54cb0f56ad4852caa4d06ad54a53a7b49f
SHA512e6183083a8f1f1ea5e67806ecbcab5adefc331aca2622e3b846cee48b803a91076dfd9a905573ee71c900bc5563b4e6e7f3ab994de7e29552a01647cd29ad20e
-
Filesize
355B
MD5a6ef4856e99c9d8e1d9bb762c5a8503a
SHA125d5405ad91791b716ae5a56b37aa2b393854967
SHA256232441aa129d4f21999860b8bf31db4b8617df9f7d32ef5f25a383edff82d9fa
SHA512582fa1ea60766a5a4e99b295a8ed98c94f6bab45e42b7e8db61e9ad645f531891082cd457bfd11d660195af86f02c4ed93589e6e6daded683cff2d8319bbc489
-
Filesize
124KB
MD52f80298c42202ac3d72c402351253dd0
SHA1916d4339143ca0d3246109d3e49549a41fc22d02
SHA2563767521da2ebe5008766ee4a0acd3c74bba01e2ed428fe7544391b07a4d4df9c
SHA512587c75a4dc4f48e50b5f3ec7604612994009180e7a4a729c88288fd8a3390769245646d2ff2326f9e5ba3c8819d48c61c4bee9aebb8ce3ebbe1e531833cd5c31
-
Filesize
158KB
MD53beb34e02eb9bd01714f9926b3ebfc96
SHA1d558e451b1b1ea9f8a7a29449fe1d2985abbd96c
SHA256032673ebc61db6f46d76d507b19b1b0136a3f7e766a311f38921d2ee7fe450be
SHA512f882c6dc232cc24367e6a83117a8f358860fe8cc9b5d67fa2255645a43658e1cf72af44fa3708ec03c24a788c78abea2a268214adcfcb52aa7dce207102627ff