Analysis

  • max time kernel
    137s
  • max time network
    148s
  • platform
    macos-10.15_amd64
  • resource
    macos-20240410-en
  • resource tags

    arch:amd64, arch:i386, image:macos-20240410-en, kernel:19b77a, locale:en-us, os:macos-10.15-amd64, system
  • submitted
    23/05/2024, 12:59 UTC

General

  • Target

    6b03d8484a7cb56222b198cfef89c4a0_JaffaCakes118

  • Size

    962KB

  • MD5

    6b03d8484a7cb56222b198cfef89c4a0

  • SHA1

    d3fc83314fa833e6bab946a2d379e58a21a69048

  • SHA256

    82b79384462dcb99be25284fd88a55a69f83b029e0854fc6f04bae5a6262d4cb

  • SHA512

    4c50b52a2d3d6668de98b388751f6e6bcdc861d2598e3a1fb34b20cb94bd26f4e22931688a1d64576c10904cfb5b3320bb225ff06fb603d979bef895d617cc13

  • SSDEEP

    24576:wn4sL34IarE/d2lT8eM2qolxcQnN4H0BpMsMFWW1MB0sCD:wn4sLjAGI8l2qol9N4HqpM5tU0D

Score
1/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/6b03d8484a7cb56222b198cfef89c4a0_JaffaCakes118\""
    PID: 484
    • /bin/bash
      sh -c "sudo /bin/zsh -c \"/Users/run/6b03d8484a7cb56222b198cfef89c4a0_JaffaCakes118\""
      PID: 484
      • /usr/bin/sudo
        sudo /bin/zsh -c /Users/run/6b03d8484a7cb56222b198cfef89c4a0_JaffaCakes118
        PID: 484
        • /bin/zsh
          /bin/zsh -c /Users/run/6b03d8484a7cb56222b198cfef89c4a0_JaffaCakes118
          PID: 488
        • /Users/run/6b03d8484a7cb56222b198cfef89c4a0_JaffaCakes118
          /Users/run/6b03d8484a7cb56222b198cfef89c4a0_JaffaCakes118
          PID: 488
        • /usr/bin/pluginkit
          /usr/bin/pluginkit -e ignore -i com.microsoft.OneDrive.FinderSync
          PID: 489
          • /usr/sbin/spctl
            /usr/sbin/spctl --assess --type execute /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/OneDriveUpdater0BF23177/OneDrive.app
            PID: 490
            • /usr/sbin/spctl
              /usr/sbin/spctl --assess --type execute /Applications/OneDrive.app
              PID: 528

Network

  • DNS: mobile.events.data.trafficmanager.net
    Remote address: 8.8.8.8:53
    Request: mobile.events.data.trafficmanager.net IN A
    Response: mobile.events.data.trafficmanager.net IN CNAME onedscolprdcus16.centralus.cloudapp.azure.com
              onedscolprdcus16.centralus.cloudapp.azure.com IN A 52.182.143.213
  • DNS: api.apple-cloudkit.fe2.apple-dns.net
    Remote address: 8.8.8.8:53
    Request: api.apple-cloudkit.fe2.apple-dns.net IN A
    Response: api.apple-cloudkit.fe2.apple-dns.net IN A 17.250.81.68, 17.250.81.70, 17.250.81.66, 17.250.81.64
  • DNS: bag-cdn-lb.itunes-apple.com.akadns.net
    Remote address: 8.8.8.8:53
    Request: bag-cdn-lb.itunes-apple.com.akadns.net IN A
    Response: bag-cdn-lb.itunes-apple.com.akadns.net IN CNAME h3.apis.apple.map.fastly.net
              h3.apis.apple.map.fastly.net IN A 151.101.3.6, 151.101.67.6, 151.101.131.6, 151.101.195.6
  • 151.101.67.6:443
    tls, https
    91 B / 40 B, 1 / 1
  • 20.42.73.27:443
    mobile.pipe.aria.microsoft.com
    tls
    10.6 kB / 8.4 kB, 31 / 25
  • 8.8.8.8:53
    mobile.events.data.trafficmanager.net
    dns
    83 B / 158 B, 1 / 1
    DNS Request: mobile.events.data.trafficmanager.net
    DNS Response: 52.182.143.213
  • 8.8.8.8:53
    api.apple-cloudkit.fe2.apple-dns.net
    dns
    82 B / 146 B, 1 / 1
    DNS Request: api.apple-cloudkit.fe2.apple-dns.net
    DNS Response: 17.250.81.68, 17.250.81.70, 17.250.81.66, 17.250.81.64
  • 8.8.8.8:53
    bag-cdn-lb.itunes-apple.com.akadns.net
    dns
    84 B / 187 B, 1 / 1
    DNS Request: bag-cdn-lb.itunes-apple.com.akadns.net
    DNS Response: 151.101.3.6, 151.101.67.6, 151.101.131.6, 151.101.195.6
  • 224.0.0.251:5353
    332 B, 1
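A small triage helper, added here as an example and not part of the sandbox report or its tooling. It works over a constructed transcription of the Processes and Network sections above (the PROCESSES and DNS_RECORDS tables; field names and function names are my own) and shows two things the raw tree does not make obvious: entries that share a PID (sh, bash, sudo at 484; zsh and the sample at 488) are one process re-imaged by execve rather than separate processes, so the sample's own children are only the entries after it with a different PID (pluginkit 489, spctl 490 and 528); and the DNS answers form CNAME chains that have to be followed before the A records can be tied back to the name that was queried.

```python
"""Triage helper for a sandbox process tree and DNS answers (added example)."""
from collections import defaultdict
import shlex

SAMPLE_PATH = "/Users/run/6b03d8484a7cb56222b198cfef89c4a0_JaffaCakes118"

# Constructed transcription of the report's Processes section:
# (binary, command line, PID) in the order the report lists them.
PROCESSES = [
    ("/bin/sh", 'sh -c "sudo /bin/zsh -c \\"' + SAMPLE_PATH + '\\""', 484),
    ("/bin/bash", 'sh -c "sudo /bin/zsh -c \\"' + SAMPLE_PATH + '\\""', 484),
    ("/usr/bin/sudo", "sudo /bin/zsh -c " + SAMPLE_PATH, 484),
    ("/bin/zsh", "/bin/zsh -c " + SAMPLE_PATH, 488),
    (SAMPLE_PATH, SAMPLE_PATH, 488),
    ("/usr/bin/pluginkit", "/usr/bin/pluginkit -e ignore -i com.microsoft.OneDrive.FinderSync", 489),
    ("/usr/sbin/spctl", "/usr/sbin/spctl --assess --type execute "
     "/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/OneDriveUpdater0BF23177/OneDrive.app", 490),
    ("/usr/sbin/spctl", "/usr/sbin/spctl --assess --type execute /Applications/OneDrive.app", 528),
]

# Constructed transcription of the report's DNS answers: (owner name, type, rdata).
DNS_RECORDS = [
    ("mobile.events.data.trafficmanager.net", "CNAME", "onedscolprdcus16.centralus.cloudapp.azure.com"),
    ("onedscolprdcus16.centralus.cloudapp.azure.com", "A", "52.182.143.213"),
    ("api.apple-cloudkit.fe2.apple-dns.net", "A", "17.250.81.68"),
    ("api.apple-cloudkit.fe2.apple-dns.net", "A", "17.250.81.70"),
    ("api.apple-cloudkit.fe2.apple-dns.net", "A", "17.250.81.66"),
    ("api.apple-cloudkit.fe2.apple-dns.net", "A", "17.250.81.64"),
    ("bag-cdn-lb.itunes-apple.com.akadns.net", "CNAME", "h3.apis.apple.map.fastly.net"),
    ("h3.apis.apple.map.fastly.net", "A", "151.101.3.6"),
    ("h3.apis.apple.map.fastly.net", "A", "151.101.67.6"),
    ("h3.apis.apple.map.fastly.net", "A", "151.101.131.6"),
    ("h3.apis.apple.map.fastly.net", "A", "151.101.195.6"),
]


def exec_chains(processes):
    """Group images by PID. A PID listed more than once is one process whose
    image was replaced by execve (sh -> bash -> sudo here), not a fork."""
    chains = defaultdict(list)
    for binary, _cmd, pid in processes:
        chains[pid].append(binary)
    return dict(chains)


def sample_spawned(processes, sample_path):
    """Entries listed after the sample's own image whose PID differs from the
    sample's: the processes the sample created, with the launcher chain removed."""
    spawned, sample_pid = [], None
    for binary, cmd, pid in processes:
        if sample_pid is None:
            if binary == sample_path:
                sample_pid = pid
            continue
        if pid != sample_pid:
            spawned.append((binary, cmd, pid))
    return spawned


def gatekeeper_assessments(processes):
    """Paths passed to `spctl --assess`, i.e. the bundles whose Gatekeeper
    verdict was queried. The assessed path is the last argv token."""
    paths = []
    for binary, cmd, _pid in processes:
        if not binary.endswith("/spctl"):
            continue
        argv = shlex.split(cmd)
        if "--assess" in argv:
            paths.append(argv[-1])
    return paths


def resolve(records, name, max_hops=8):
    """Follow CNAMEs from `name` until A records are found. Returns the final
    owner name and its IPs; bounded so a CNAME loop cannot spin forever."""
    for _ in range(max_hops):
        addrs = [r for owner, rtype, r in records if owner == name and rtype == "A"]
        if addrs:
            return name, addrs
        cnames = [r for owner, rtype, r in records if owner == name and rtype == "CNAME"]
        if not cnames:
            return name, []          # dead end: no answer for this name
        name = cnames[0]
    raise ValueError("CNAME chain too long for %s" % name)


if __name__ == "__main__":
    for pid, images in sorted(exec_chains(PROCESSES).items()):
        print(pid, " -> ".join(images))
    for binary, cmd, pid in sample_spawned(PROCESSES, SAMPLE_PATH):
        print("spawned", pid, cmd)
    print("gatekeeper checks:", gatekeeper_assessments(PROCESSES))
    for qname in ("mobile.events.data.trafficmanager.net",
                  "api.apple-cloudkit.fe2.apple-dns.net",
                  "bag-cdn-lb.itunes-apple.com.akadns.net"):
        print(qname, "->", resolve(DNS_RECORDS, qname))
```

Run stand-alone it prints the exec chains per PID, the three sample-spawned commands, the two bundles the sample asked Gatekeeper to assess (the staged copy under the per-user temp folder and the installed /Applications/OneDrive.app), and each queried name resolved through its CNAME to the addresses that then appear in the connection list.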

MITRE ATT&CK Matrix
