Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

4

Static

static

1

6b03d8484a...kes118

macos-10.15-amd64

1

ProntoInst...taller

macos-10.15-amd64

4

ProntoInst...ntoApp

macos-10.15-amd64

4

ProntoInst.../unrar

macos-10.15-amd64

4

Analysis

  • max time kernel
    137s
  • max time network
    148s
  • platform
    macos-10.15_amd64
  • resource
    macos-20240410-en
  • resource tags

    arch:amd64arch:i386image:macos-20240410-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
  • submitted
    23/05/2024, 12:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6b03d8484a7cb56222b198cfef89c4a0_JaffaCakes118

  • Size

    962KB

  • MD5

    6b03d8484a7cb56222b198cfef89c4a0

  • SHA1

    d3fc83314fa833e6bab946a2d379e58a21a69048

  • SHA256

    82b79384462dcb99be25284fd88a55a69f83b029e0854fc6f04bae5a6262d4cb

  • SHA512

    4c50b52a2d3d6668de98b388751f6e6bcdc861d2598e3a1fb34b20cb94bd26f4e22931688a1d64576c10904cfb5b3320bb225ff06fb603d979bef895d617cc13

  • SSDEEP

    24576:wn4sL34IarE/d2lT8eM2qolxcQnN4H0BpMsMFWW1MB0sCD:wn4sLjAGI8l2qol9N4HqpM5tU0D

Score
1/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/6b03d8484a7cb56222b198cfef89c4a0_JaffaCakes118\""
    1⤵
      PID:484
    • /bin/bash
      sh -c "sudo /bin/zsh -c \"/Users/run/6b03d8484a7cb56222b198cfef89c4a0_JaffaCakes118\""
      1⤵
        PID:484
      • /usr/bin/sudo
        sudo /bin/zsh -c /Users/run/6b03d8484a7cb56222b198cfef89c4a0_JaffaCakes118
        1⤵
          PID:484
          • /bin/zsh
            /bin/zsh -c /Users/run/6b03d8484a7cb56222b198cfef89c4a0_JaffaCakes118
            2⤵
              PID:488
            • /Users/run/6b03d8484a7cb56222b198cfef89c4a0_JaffaCakes118
              /Users/run/6b03d8484a7cb56222b198cfef89c4a0_JaffaCakes118
              2⤵
                PID:488
            • /usr/bin/pluginkit
              /usr/bin/pluginkit -e ignore -i com.microsoft.OneDrive.FinderSync
              1⤵
                PID:489
              • /usr/sbin/spctl
                /usr/sbin/spctl --assess --type execute /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/OneDriveUpdater0BF23177/OneDrive.app
                1⤵
                  PID:490
                • /usr/sbin/spctl
                  /usr/sbin/spctl --assess --type execute /Applications/OneDrive.app
                  1⤵
                    PID:528

                  Network

                  MITRE ATT&CK Matrix

                  Replay Monitor

                  Loading Replay Monitor...

                  Downloads