3341abf6dbefb8aec171f3766a4a23f323ff207e1b031946ee4dbe6dbb2d45a4 | Triage

Submit
Reports

Overview

overview

8

Static

static

3

Ana.zip

windows7-x64

Ana.zip

windows10-2004-x64

Ana.zip

windows11-21h2-x64

1

Ana.zip

macos-10.15-amd64

4

Ana.zip

ubuntu-20.04-amd64

[email protected]

windows7-x64

8

[email protected]

windows10-2004-x64

[email protected]

windows11-21h2-x64

[email protected]

macos-10.15-amd64

1

[email protected]

ubuntu-20.04-amd64

Analysis

max time kernel
354s
max time network
389s
platform
macos-10.15_amd64
resource
macos-20240410-en
resource tags

arch:amd64arch:i386image:macos-20240410-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
submitted
04/05/2024, 16:13

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Ana.zip

Resource

win7-20240221-en

windows7-x64

8 signatures

1800 seconds

Behavioral task

behavioral2

Sample

Ana.zip

Resource

win10v2004-20240419-en

discovery evasion trojan upx

windows10-2004-x64

17 signatures

1800 seconds

Behavioral task

behavioral3

Sample

Ana.zip

Resource

win11-20240426-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral4

Sample

Ana.zip

Resource

macos-20240410-en

macos-10.15-amd64

1 signatures

1800 seconds

Behavioral task

behavioral5

Sample

Ana.zip

Resource

ubuntu2004-amd64-20240418-en

ubuntu-20.04-amd64

0 signatures

1800 seconds

Behavioral task

behavioral6

Sample

[email protected]

Resource

win7-20240215-en

bootkit discovery evasion persistence trojan upx

windows7-x64

21 signatures

1800 seconds

Behavioral task

behavioral7

Sample

[email protected]

Resource

win10v2004-20240426-en

bootkit discovery evasion persistence trojan upx

windows10-2004-x64

16 signatures

1800 seconds

Behavioral task

behavioral8

Sample

[email protected]

Resource

win11-20240419-en

bootkit discovery evasion persistence trojan upx

windows11-21h2-x64

16 signatures

1800 seconds

Behavioral task

behavioral9

Sample

[email protected]

Resource

macos-20240410-en

macos-10.15-amd64

0 signatures

1800 seconds

Behavioral task

behavioral10

Sample

[email protected]

Resource

ubuntu2004-amd64-20240221-en

ubuntu-20.04-amd64

0 signatures

1800 seconds

Report Analysis Logs

General

Target

[email protected]
Size

2.1MB
MD5

f571faca510bffe809c76c1828d44523
SHA1

7a3ca1660f0a513316b8cd5496ac7dbe82f0e0c2
SHA256

117d7af0deb40b3fe532bb6cbe374884fa55ed7cfe053fe698720cdccb5a59cb
SHA512

a08bca2fb1387cc70b737520d566c7117aa3fdb9a52f5dbb0bb7be44630da7977882d8c808cbee843c8a180777b4ac5819e8bafda6b2c883e380dc7fb5358a51
SSDEEP

49152:OwVYlfBUDiZx8Fa/Q0NuB3btlnCItWNSwoy:OxPUDQmso0NuBZlnCItM

Score

1^/10

Malware Config

Signatures

Processes

/bin/sh
sh -c "sudo /bin/zsh -c \"/Users/run/[email protected]\""
1⤵
PID:485

/bin/bash
sh -c "sudo /bin/zsh -c \"/Users/run/[email protected]\""
1⤵
PID:485

/usr/bin/sudo
sudo /bin/zsh -c "/Users/run/[email protected]"
1⤵
PID:485
- /bin/zsh
  /bin/zsh -c "/Users/run/[email protected]"
  2⤵
  PID:486
- /Users/run/[email protected]
  "/Users/run/[email protected]"
  2⤵
  PID:486

/usr/libexec/xpcproxy
xpcproxy com.apple.corespotlightservice.725FD30A-6064-6C02-CC51-5DDB8891B57E
1⤵
PID:525

/System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
/System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
1⤵
PID:525

/usr/libexec/xpcproxy
xpcproxy com.apple.spindump
1⤵
PID:533

/usr/sbin/spindump
/usr/sbin/spindump
1⤵
PID:533

/usr/libexec/xpcproxy
xpcproxy com.apple.diagnosticd
1⤵
PID:534

/usr/libexec/diagnosticd
/usr/libexec/diagnosticd
1⤵
PID:534

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy