adecb476a78a5df9dd7f3434028390da7af4aa89d242666f8a2819a5823bbe0a | Triage

Submit
Reports

Overview

overview

1

Static

static

1

nytimes.html

macos-10.15-amd64

1

Analysis

max time kernel
21s
max time network
18s
platform
macos-10.15_amd64
resource
macos-20240410-en
resource tags

arch:amd64arch:i386image:macos-20240410-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
submitted
24/04/2024, 22:21

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

nytimes.html

Resource

macos-20240410-en

macos-10.15-amd64

0 signatures

150 seconds

Report Analysis Logs

General

Target

nytimes.html
Size

1.6MB
MD5

645e1446a5210fd7acc83ab8304e9cfe
SHA1

81a0745536c29518d3c84d11a4bffdb6249b7248
SHA256

adecb476a78a5df9dd7f3434028390da7af4aa89d242666f8a2819a5823bbe0a
SHA512

2c742c3290b7cd5ae51ad94f0c7bac3488e65caf98e24755aa9a908ee34188fd99e2d4c8b5c8634b794d009d67d2c430734afd7cd82c0145100468206f2e4b53
SSDEEP

12288:22uxdUCvCRV6ys5ou5Zteeo6vPr3BazCNEAwkVKZwqUXRjRxijTxJCT0WUTVa5Vc:46

Score

1^/10

Malware Config

Signatures

Processes

/bin/sh
sh -c "sudo /bin/zsh -c \"/Users/run/nytimes.html\""
1⤵
PID:486

/bin/bash
sh -c "sudo /bin/zsh -c \"/Users/run/nytimes.html\""
1⤵
PID:486

/usr/bin/sudo
sudo /bin/zsh -c /Users/run/nytimes.html
1⤵
PID:486
- /bin/zsh
  /bin/zsh -c /Users/run/nytimes.html
  2⤵
  PID:488
- /Users/run/nytimes.html
  /Users/run/nytimes.html
  2⤵
  PID:488
- /bin/sh
  sh /Users/run/nytimes.html
  2⤵
  PID:488
- /bin/bash
  sh /Users/run/nytimes.html
  2⤵
  PID:488

/usr/bin/pluginkit
/usr/bin/pluginkit -e ignore -i com.microsoft.OneDrive.FinderSync
1⤵
PID:491

/usr/sbin/spctl
/usr/sbin/spctl --assess --type execute /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/OneDriveUpdater0BF23177/OneDrive.app
1⤵
PID:492

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy