Analysis

  • max time kernel
    138s
  • max time network
    148s
  • platform
    macos-10.15_amd64
  • resource
    macos-20240410-en
  • resource tags

    arch:amd64, arch:i386, image:macos-20240410-en, kernel:19b77a, locale:en-us, os:macos-10.15-amd64, system
  • submitted
    11-05-2024 04:19

General

  • Target

    NetShred X 6.0.2/NetShred X.app/Contents/Library/LoginItems/LaunchAtLoginHelperApp.app/Contents/MacOS/LaunchAtLoginHelperApp

  • Size

    132KB

  • MD5

    83015e129c5d6135adcd8652185c10d4

  • SHA1

    2c6924c88d547a68bede25b78e30d96c2aed6fd6

  • SHA256

    fe05e8f5a73f38ca413042c0b9122ff71865820da1c9c7e25bce0a53b9875b7c

  • SHA512

    b106071d925bc27a6af096a517d48134275f243e52cdf5da3b8c3df65a2404c1674612971c1a325b2e1513e05ea1ff32cbc1aad63d455c01bf258bbd43490b5e

  • SSDEEP

    768:QGqv78n1Q8iab8u7bZLTtexjSmpT8T9Aab8:QGqz8n1QDKD7bZwxpTk9AK

Score
1/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/NetShred X 6.0.2/NetShred X.app/Contents/Library/LoginItems/LaunchAtLoginHelperApp.app/Contents/MacOS/LaunchAtLoginHelperApp\""
    1⤵
      PID:485
    • /bin/bash
      sh -c "sudo /bin/zsh -c \"/Users/run/NetShred X 6.0.2/NetShred X.app/Contents/Library/LoginItems/LaunchAtLoginHelperApp.app/Contents/MacOS/LaunchAtLoginHelperApp\""
      1⤵
        PID:485
      • /usr/bin/sudo
        sudo /bin/zsh -c "/Users/run/NetShred X 6.0.2/NetShred X.app/Contents/Library/LoginItems/LaunchAtLoginHelperApp.app/Contents/MacOS/LaunchAtLoginHelperApp"
        1⤵
          PID:485
          • /bin/zsh
            /bin/zsh -c "/Users/run/NetShred X 6.0.2/NetShred X.app/Contents/Library/LoginItems/LaunchAtLoginHelperApp.app/Contents/MacOS/LaunchAtLoginHelperApp"
            2⤵
              PID:486
            • /Users/run/NetShred
              /Users/run/NetShred X 6.0.2/NetShred X.app/Contents/Library/LoginItems/LaunchAtLoginHelperApp.app/Contents/MacOS/LaunchAtLoginHelperApp
              2⤵
                PID:486
            • /usr/libexec/xpcproxy
              xpcproxy com.apple.corespotlightservice.725FD30A-6064-6C02-CC51-5DDB8891B57E
              1⤵
                PID:531
              • /System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
                /System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
                1⤵
                  PID:531

Network

MITRE ATT&CK Matrix

Downloads