2e1e3f75fdb08c26e41d7870db6ffea5b89b39100899fe609b3c1d0d018c87d3 | Triage

Submit
Reports

Overview

overview

4

Static

static

3

d(41).zip

windows7-x64

1

d(41).zip

windows10-2004-x64

1

d(41)/d_eu_(6).zip

windows7-x64

1

d(41)/d_eu_(6).zip

windows10-2004-x64

1

d_freebsd_arm

debian-12-armhf

1

d_freebsd_x32

ubuntu-18.04-amd64

1

d_freebsd_x64

ubuntu-18.04-amd64

1

d_lin_arm

debian-9-armhf

3

d_lin_x32

ubuntu-18.04-amd64

3

d_lin_x64

ubuntu-20.04-amd64

1

d_mac_arm64

macos-10.15-amd64

1

d_mac_x64

macos-10.15-amd64

1

d_win_arm64.exe

windows7-x64

d_win_arm64.exe

windows10-2004-x64

d_win_x32.exe

windows7-x64

1

d_win_x32.exe

windows10-2004-x64

1

d_win_x64.exe

windows7-x64

1

d_win_x64.exe

windows10-2004-x64

1

d(41)/d_ru_(6).zip

windows7-x64

1

d(41)/d_ru_(6).zip

windows10-2004-x64

1

d_freebsd_arm_ru

debian-12-armhf

1

d_freebsd_x32_ru

ubuntu-18.04-amd64

1

d_freebsd_x64_ru

ubuntu-18.04-amd64

1

d_lin_arm_ru

debian-9-armhf

3

d_lin_x32_ru

ubuntu-20.04-amd64

3

d_lin_x64_ru

ubuntu-20.04-amd64

1

d_mac_arm64_ru

macos-10.15-amd64

4

d_mac_x64_ru

macos-10.15-amd64

4

d_win_arm64_ru.exe

windows7-x64

d_win_arm64_ru.exe

windows10-2004-x64

d_win_x32_ru.exe

windows7-x64

1

d_win_x32_ru.exe

windows10-2004-x64

1

Resubmissions

14-06-2024 14:23

240614-rqapesxhrn 3

17-04-2024 09:42

240417-lpnl1abc26 4

Analysis

max time kernel
123s
max time network
143s
platform
macos-10.15_amd64
resource
macos-20240410-en
resource tags

arch:amd64arch:i386image:macos-20240410-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
submitted
17-04-2024 09:42

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

d(41).zip

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

d(41).zip

Resource

win10v2004-20240412-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

d(41)/d_eu_(6).zip

Resource

win7-20240215-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

d(41)/d_eu_(6).zip

Resource

win10v2004-20240412-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

d_freebsd_arm

Resource

debian12-armhf-20240221-en

debian-12-armhf

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

d_freebsd_x32

Resource

ubuntu1804-amd64-20240226-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

d_freebsd_x64

Resource

ubuntu1804-amd64-20240226-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

d_lin_arm

Resource

debian9-armhf-20240226-en

debian-9-armhf

2 signatures

150 seconds

Behavioral task

behavioral9

Sample

d_lin_x32

Resource

ubuntu1804-amd64-20240226-en

ubuntu-18.04-amd64

2 signatures

150 seconds

Behavioral task

behavioral10

Sample

d_lin_x64

Resource

ubuntu2004-amd64-20240221-en

ubuntu-20.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

d_mac_arm64

Resource

macos-20240410-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

d_mac_x64

Resource

macos-20240410-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

d_win_arm64.exe

Resource

win7-20231129-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

d_win_arm64.exe

Resource

win10v2004-20240412-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

d_win_x32.exe

Resource

win7-20240319-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral16

Sample

d_win_x32.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral17

Sample

d_win_x64.exe

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral18

Sample

d_win_x64.exe

Resource

win10v2004-20240412-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral19

Sample

d(41)/d_ru_(6).zip

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

d(41)/d_ru_(6).zip

Resource

win10v2004-20240412-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

d_freebsd_arm_ru

Resource

debian12-armhf-20240221-en

debian-12-armhf

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

d_freebsd_x32_ru

Resource

ubuntu1804-amd64-20240226-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

d_freebsd_x64_ru

Resource

ubuntu1804-amd64-20240226-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

d_lin_arm_ru

Resource

debian9-armhf-20240226-en

debian-9-armhf

2 signatures

150 seconds

Behavioral task

behavioral25

Sample

d_lin_x32_ru

Resource

ubuntu2004-amd64-20240221-en

ubuntu-20.04-amd64

2 signatures

150 seconds

Behavioral task

behavioral26

Sample

d_lin_x64_ru

Resource

ubuntu2004-amd64-20240221-en

ubuntu-20.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

d_mac_arm64_ru

Resource

macos-20240410-en

macos-10.15-amd64

1 signatures

150 seconds

Behavioral task

behavioral28

Sample

d_mac_x64_ru

Resource

macos-20240410-en

macos-10.15-amd64

1 signatures

150 seconds

Behavioral task

behavioral29

Sample

d_win_arm64_ru.exe

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

d_win_arm64_ru.exe

Resource

win10v2004-20240412-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

d_win_x32_ru.exe

Resource

win7-20231129-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral32

Sample

d_win_x32_ru.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

d_mac_x64
Size

18.8MB
MD5

0d5cac778ec1f9a1471e0d78742d3fe9
SHA1

311be0904207d069ac5cf139e067a46b39184608
SHA256

87cd40fbf9f363c212a8402cc8350f624fd6760799c013a0cdd301707a5bd083
SHA512

8018b630ad348cef3caed84dd87a6d14698ef7db6f6cb33e9a9638759585a8c62eff5540f819142a4b3d38f8597a86b92854e1156f927a0daf4755f91b9c2f7a
SSDEEP

196608:rRAc4Ayyglbj1si36hIVNEESkVYJAERf7sKJ:9Ac4JXbpsi362BSka7sKJ

Score

1^/10

Malware Config

Signatures

Processes

/bin/sh
sh -c "sudo /bin/zsh -c \"/Users/run/d_mac_x64\""
1⤵
PID:515

/bin/bash
sh -c "sudo /bin/zsh -c \"/Users/run/d_mac_x64\""
1⤵
PID:515

/usr/bin/sudo
sudo /bin/zsh -c /Users/run/d_mac_x64
1⤵
PID:515
- /bin/zsh
  /bin/zsh -c /Users/run/d_mac_x64
  2⤵
  PID:516
- /Users/run/d_mac_x64
  /Users/run/d_mac_x64
  2⤵
  PID:516

/usr/libexec/xpcproxy
xpcproxy com.apple.sysmond
1⤵
PID:517

/usr/libexec/sysmond
/usr/libexec/sysmond
1⤵
PID:517

/usr/sbin/spctl
/usr/sbin/spctl --assess --type execute /Applications/OneDrive.app
1⤵
PID:533

/usr/libexec/xpcproxy
xpcproxy com.apple.pbs
1⤵
PID:538

/System/Library/CoreServices/pbs
/System/Library/CoreServices/pbs
1⤵
PID:538

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy