Overview

overview

4

Static

static

1

Discord.dmg

macos-10.15-amd64

1

Discord/.ds_store

macos-10.15-amd64

4

Discord/.V...n.icns

macos-10.15-amd64

1

Discord/.b...d.tiff

macos-10.15-amd64

1

Discord/Di...ources

macos-10.15-amd64

Discord/Di...fo.xml

macos-10.15-amd64

4

Discord/Di...iscord

macos-10.15-amd64

1

Discord/Di...kgInfo

macos-10.15-amd64

1

Discord/Di...app.js

macos-10.15-amd64

4

Discord/Di...t.json

macos-10.15-amd64

4

Discord/Di...o.json

macos-10.15-amd64

Discord/Di...n.icns

macos-10.15-amd64

4

Discord/Di...es.xml

macos-10.15-amd64

4

Discord/Di...rofile

macos-10.15-amd64

1

Analysis

  • max time kernel
    131s
  • max time network
    200s
  • platform
    macos-10.15_amd64
  • resource
    macos-20240410-en
  • resource tags

    arch:amd64arch:i386image:macos-20240410-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
  • submitted
    14/05/2024, 20:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Discord.dmg

  • Size

    170.7MB

  • MD5

    b2733691e7b9e24891f7d38502d4c01b

  • SHA1

    793c103986a67b0677c22c7b8734b52286845c8e

  • SHA256

    5042acc1e52fb55297643add218ba8dc53d23eb9d8dc40888a59ed06cf59ac65

  • SHA512

    6f8ca49bcfe3c02bfe4654be1c237bd171f2c45624a17557ac473580caa38a0133182da458266432a7a3334240ab265f3eb996e0ff3785e18fc3793c2581e902

  • SSDEEP

    3145728:msOBr+OPRgrGnW18fLPP3+3IwDYxLoXIvsoiY6qPyI96GIfLWOZMr/Llnx9cR9lj:OBCOGQWyn+3IwUxvUPUf9YfSXRTcfk/g

Score
1/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"open /Volumes/Discord/Discord.app\""
    1⤵
      PID:566
    • /bin/bash
      sh -c "sudo /bin/zsh -c \"open /Volumes/Discord/Discord.app\""
      1⤵
        PID:566
      • /usr/bin/sudo
        sudo /bin/zsh -c "open /Volumes/Discord/Discord.app"
        1⤵
          PID:566
          • /bin/zsh
            /bin/zsh -c "open /Volumes/Discord/Discord.app"
            2⤵
              PID:567
            • /usr/bin/open
              open /Volumes/Discord/Discord.app
              2⤵
                PID:567
            • /usr/libexec/xpcproxy
              xpcproxy com.apple.nehelper
              1⤵
                PID:568
              • /usr/libexec/nehelper
                /usr/libexec/nehelper
                1⤵
                  PID:568
                • /usr/libexec/xpcproxy
                  xpcproxy com.hnc.Discord.2300
                  1⤵
                    PID:569
                  • /Volumes/Discord/Discord.app/Contents/MacOS/Discord
                    /Volumes/Discord/Discord.app/Contents/MacOS/Discord
                    1⤵
                      PID:569
                    • /usr/libexec/xpcproxy
                      xpcproxy com.apple.pbs
                      1⤵
                        PID:573
                      • /System/Library/CoreServices/pbs
                        /System/Library/CoreServices/pbs
                        1⤵
                          PID:573
                        • /usr/libexec/xpcproxy
                          xpcproxy com.apple.GameController.gamecontrollerd
                          1⤵
                            PID:578
                          • /usr/libexec/gamecontrollerd
                            /usr/libexec/gamecontrollerd
                            1⤵
                              PID:578
                            • /usr/libexec/xpcproxy
                              xpcproxy com.apple.spindump
                              1⤵
                                PID:581
                              • /usr/sbin/spindump
                                /usr/sbin/spindump
                                1⤵
                                  PID:581
                                • /usr/libexec/xpcproxy
                                  xpcproxy com.apple.tailspind
                                  1⤵
                                    PID:582
                                  • /usr/libexec/xpcproxy
                                    xpcproxy com.apple.spindump_agent
                                    1⤵
                                      PID:583
                                    • /usr/libexec/tailspind
                                      /usr/libexec/tailspind
                                      1⤵
                                        PID:582
                                      • /usr/libexec/spindump_agent
                                        /usr/libexec/spindump_agent
                                        1⤵
                                          PID:583

                                        Network

                                        MITRE ATT&CK Matrix

                                        Replay Monitor

                                        Loading Replay Monitor...

                                        Downloads

                                        • /Library/Preferences/com.apple.networkextension.uuidcache.plist
                                          Filesize

                                          42B

                                          MD5

                                          ce7f5b3d4bfc7b4b0da6a06dccc515f2

                                          SHA1

                                          ce657a52a052a3aaf534ecfbf7cbdde4ee334c10

                                          SHA256

                                          9261ecceda608ef174256e5fdc774c1e6e3dcf533409c1bc393d490d01c713f1

                                          SHA512

                                          db9de6afa0e14c347aa0988a985b8a453ef133a2413c03bae0fab48bda34d4f9a488db104837a386bb65c393e8f11b1ed4856b211c1c186423649c147d6aabfb

                                          Download Submit