Overview

overview

4

Static

static

1

ParallelsD...in.vbs

macos-10.15-amd64

1

ParallelsD..._dylib

macos-10.15-amd64

1

ParallelsD....dylib

macos-10.15-amd64

1

ParallelsD...70.dmg

macos-10.15-amd64

1

Parallels ...cOS/7z

macos-10.15-amd64

1

Parallels ...vm_app

macos-10.15-amd64

1

Parallels ...ervice

macos-10.15-amd64

1

Parallels ...ervice

macos-10.15-amd64

1

Parallels ...ed.vbs

macos-10.15-amd64

4

Parallels ...vm_app

macos-10.15-amd64

1

Parallels ...ttool2

macos-10.15-amd64

1

Parallels ....dylib

macos-10.15-amd64

1

Parallels ....dylib

macos-10.15-amd64

1

Parallels ...nt_app

macos-10.15-amd64

1

Parallels ...onvert

macos-10.15-amd64

1

Parallels ...k_tool

macos-10.15-amd64

1

Parallels ...sd2iso

macos-10.15-amd64

1

Parallels ...daemon

macos-10.15-amd64

1

Parallels ..._users

macos-10.15-amd64

1

Parallels ...helper

macos-10.15-amd64

1

Parallels ..._mkiso

macos-10.15-amd64

1

Parallels ..._naptd

macos-10.15-amd64

1

Parallels ..._start

macos-10.15-amd64

1

Parallels ...nplace

macos-10.15-amd64

1

Parallels ...rf_ctl

macos-10.15-amd64

1

Parallels ...ps2pdf

macos-10.15-amd64

1

Parallels ...spaces

macos-10.15-amd64

1

Resubmissions

18-03-2024 20:43

240318-zhqdxahg22 4

Analysis

  • max time kernel
    136s
  • max time network
    170s
  • platform
    macos-10.15_amd64
  • resource
    macos-20240214-en
  • resource tags

    arch:amd64arch:i386image:macos-20240214-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
  • submitted
    18-03-2024 20:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Parallels Desktop 19/Parallels Desktop.app/Contents/MacOS/Parallels Service.app/Contents/MacOS/prl_disp_service

  • Size

    21.4MB

  • MD5

    b8da0d7580a5dedca73a028fed8a2017

  • SHA1

    398f0490b7c689e6cebc92ade831714fff4d0c24

  • SHA256

    92ca350419227ae4b57680fe0210aeca3a3f96979a5fbf28145069c71cc97f4a

  • SHA512

    43761620ee9a9a965e04de68e701deb08cbced361eb098af4f2778bfb915a1e3d23db9095bd61b22908f1e8123a70598cd7ca240313ae8e42663935a84e528c5

  • SSDEEP

    196608:xv9zahIC3NPIaUM4clwOAD/fZsFRaXTqTG:xv9uAaUMblwOA7fZQajqTG

Score
1/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/Parallels Desktop 19/Parallels Desktop.app/Contents/MacOS/Parallels Service.app/Contents/MacOS/prl_disp_service\""
    1⤵
      PID:573
    • /bin/bash
      sh -c "sudo /bin/zsh -c \"/Users/run/Parallels Desktop 19/Parallels Desktop.app/Contents/MacOS/Parallels Service.app/Contents/MacOS/prl_disp_service\""
      1⤵
        PID:573
      • /usr/bin/sudo
        sudo /bin/zsh -c "/Users/run/Parallels Desktop 19/Parallels Desktop.app/Contents/MacOS/Parallels Service.app/Contents/MacOS/prl_disp_service"
        1⤵
          PID:573
          • /bin/zsh
            /bin/zsh -c "/Users/run/Parallels Desktop 19/Parallels Desktop.app/Contents/MacOS/Parallels Service.app/Contents/MacOS/prl_disp_service"
            2⤵
              PID:574
            • /Users/run/Parallels
              /Users/run/Parallels Desktop 19/Parallels Desktop.app/Contents/MacOS/Parallels Service.app/Contents/MacOS/prl_disp_service
              2⤵
                PID:574
            • /usr/libexec/xpcproxy
              xpcproxy com.apple.sysmond
              1⤵
                PID:576
              • /usr/libexec/sysmond
                /usr/libexec/sysmond
                1⤵
                  PID:576
                • /usr/libexec/xpcproxy
                  xpcproxy com.apple.icloud.findmydeviced
                  1⤵
                    PID:583
                  • /usr/libexec/findmydeviced
                    /usr/libexec/findmydeviced
                    1⤵
                      PID:583
                    • /usr/bin/pluginkit
                      /usr/bin/pluginkit -e ignore -i com.microsoft.OneDrive.FinderSync
                      1⤵
                        PID:586
                      • /usr/sbin/spctl
                        /usr/sbin/spctl --assess --type execute /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/OneDriveUpdater6BDB2703/OneDrive.app
                        1⤵
                          PID:587
                        • /usr/libexec/xpcproxy
                          xpcproxy com.apple.pbs
                          1⤵
                            PID:591
                          • /System/Library/CoreServices/pbs
                            /System/Library/CoreServices/pbs
                            1⤵
                              PID:591
                            • /usr/libexec/xpcproxy
                              xpcproxy com.apple.tailspind
                              1⤵
                                PID:610
                              • /usr/libexec/tailspind
                                /usr/libexec/tailspind
                                1⤵
                                  PID:610
                                • /usr/libexec/xpcproxy
                                  xpcproxy com.apple.bird
                                  1⤵
                                    PID:614
                                  • /System/Library/PrivateFrameworks/CloudDocsDaemon.framework/Versions/A/Support/bird
                                    /System/Library/PrivateFrameworks/CloudDocsDaemon.framework/Versions/A/Support/bird
                                    1⤵
                                      PID:614
                                    • /usr/sbin/spctl
                                      /usr/sbin/spctl --assess --type execute /Applications/OneDrive.app
                                      1⤵
                                        PID:616

                                      Network

                                      MITRE ATT&CK Matrix

                                      Replay Monitor

                                      Loading Replay Monitor...

                                      Downloads