Analysis

  • max time kernel
    110s
  • max time network
    120s
  • platform
    macos-10.15_amd64
  • resource
    macos-20240410-en
  • resource tags

    arch:amd64 arch:i386 image:macos-20240410-en kernel:19b77a locale:en-us os:macos-10.15-amd64 system
  • submitted
    11-05-2024 04:19

General

  • Target

    NetShred X 6.0.2/NetShred X.app/Contents/Resources/libConfigurer64.dylib

  • Size

    522KB

  • MD5

    eec4cd5b3a8cc48d56481e8ca99a3649

  • SHA1

    c3a0f887e449222c22447d42ebc6b7bd5e8e9fe1

  • SHA256

    eeb31488d53fefd4856f5b3e63b1f35f13365c11e7f74185e07416c1f0f923f1

  • SHA512

    1650f3ce2ac9e22bdcb7830884d3270f5745de80900556758319d4a8ca964f6905a98785cb832a1d10b842ae03bd80bd5d10e0c89b1d9d158c25e7b01f33e5ea

  • SSDEEP

    6144:qvefUORvfLhnBZ4M9YFexs2clDxF2sU8fU8eU87U8eU8kU8PTWE0XM:qvefUORLxf4M9gexs2clD7X

Score
4/10

Malware Config

Signatures

  • Resource Forking 1 TTPs 4 IoCs

    Adversaries may abuse resource forks to hide malicious code or executables to evade detection and bypass security applications. A resource fork provides applications a structured way to store resources such as thumbnail images, menu definitions, icons, dialog boxes, and code.

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/NetShred X 6.0.2/NetShred X.app/Contents/Resources/libConfigurer64.dylib\""
    1⤵
      PID:487
    • /bin/bash
      sh -c "sudo /bin/zsh -c \"/Users/run/NetShred X 6.0.2/NetShred X.app/Contents/Resources/libConfigurer64.dylib\""
      1⤵
        PID:487
      • /usr/bin/sudo
        sudo /bin/zsh -c "/Users/run/NetShred X 6.0.2/NetShred X.app/Contents/Resources/libConfigurer64.dylib"
        1⤵
          PID:487
          • /bin/zsh
            /bin/zsh -c "/Users/run/NetShred X 6.0.2/NetShred X.app/Contents/Resources/libConfigurer64.dylib"
            2⤵
              PID:489
            • /Users/run/NetShred
              /Users/run/NetShred X 6.0.2/NetShred X.app/Contents/Resources/libConfigurer64.dylib
              2⤵
                PID:489

Network

MITRE ATT&CK Matrix ATT&CK v13

  • Defense Evasion

    • Hide Artifacts
      1
      T1564

    • Resource Forking
      1
      T1564.009
