Analysis

  • max time kernel
    133s
  • max time network
    164s
  • platform
    macos-10.15_amd64
  • resource
    macos-20240410-en
  • resource tags

    arch:amd64 arch:i386 image:macos-20240410-en kernel:19b77a locale:en-us os:macos-10.15-amd64 system
  • submitted
    16-04-2024 21:57

General

  • Target

    resources/web/guide/swiper/angular/esm2015/swiper_angular.js

  • Size

    492B

  • MD5

    b54c1862f9dbca4c61124daa66c79722

  • SHA1

    47c42af83a4265d720249d8dcce76089c62f9f6c

  • SHA256

    76121e2a278e7740944ead046df81056f3fab202365b6dee1a1b61d1f829d44d

  • SHA512

    256c65bf9578f3350d8a55f252028b9d284e137d6104cc64674849e356febe768987af1b21ab1209d673d8a4a7ca6b2cfac2446906efe91905800fb1848ca545

Score
4/10

Malware Config

Signatures

  • Resource Forking 1 TTPs 5 IoCs

    Adversaries may abuse resource forks to hide malicious code or executables to evade detection and bypass security applications. A resource fork provides applications a structured way to store resources such as thumbnail images, menu definitions, icons, dialog boxes, and code.

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/resources/web/guide/swiper/angular/esm2015/swiper_angular.js\""
    1⤵
      PID:509
    • /bin/bash
      sh -c "sudo /bin/zsh -c \"/Users/run/resources/web/guide/swiper/angular/esm2015/swiper_angular.js\""
      1⤵
        PID:509
      • /usr/bin/sudo
        sudo /bin/zsh -c /Users/run/resources/web/guide/swiper/angular/esm2015/swiper_angular.js
        1⤵
          PID:509
          • /bin/zsh
            /bin/zsh -c /Users/run/resources/web/guide/swiper/angular/esm2015/swiper_angular.js
            2⤵
              PID:510
            • /Users/run/resources/web/guide/swiper/angular/esm2015/swiper_angular.js
              /Users/run/resources/web/guide/swiper/angular/esm2015/swiper_angular.js
              2⤵
                PID:510
              • /bin/sh
                sh /Users/run/resources/web/guide/swiper/angular/esm2015/swiper_angular.js
                2⤵
                  PID:510
                • /bin/bash
                  sh /Users/run/resources/web/guide/swiper/angular/esm2015/swiper_angular.js
                  2⤵
                    PID:510
                    • /Applications
                      /Applications /Library /System /Users /Volumes /bin /cores /dev /etc /home /opt /private /sbin /tmp /usr /var
                      3⤵
                        PID:511
                      • Applications/
                        Applications/ Library/ System/ Users/ Volumes/ bin/ cores/ dev/ etc/ home/ opt/ private/ sbin/ tmp/ usr/ var/
                        3⤵
                          PID:513
                        • //#
                          "//#" "sourceMappingURL=data:application/json"
                          3⤵
                            PID:514
                      • /usr/libexec/xpcproxy
                        xpcproxy com.apple.corespotlightservice.725FD30A-6064-6C02-CC51-5DDB8891B57E
                        1⤵
                          PID:619
                        • /System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
                          /System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
                          1⤵
                            PID:619

Network

MITRE ATT&CK Enterprise v15
