07266653b14ff50a02d0be770e90e102d766cede26e92bd43eb61255c5931fca

General

Target

Moon Predictor V2 (1).exe
Size

14.2MB
MD5

11afed49123fd774af33550dae13777a
SHA1

f02c2409c589f76a1639cef002dda5f7f538e98d
SHA256

07266653b14ff50a02d0be770e90e102d766cede26e92bd43eb61255c5931fca
SHA512

303d1eae5e242b0c831bf235705e57d0cb92c65387d7fe7279da364100f402c2212f48972cb6dbb64c951c704ebbd7af2081164bc8884b79064d2ba15e16fd55
SSDEEP

393216:Hu7L/qdQusl7Q+q9RoWOv+9fav+NNxDnDz:HCLydQu2QdborvSiv+DxDD

Score

1^/10

Malware Config

Signatures

/bin/sh
sh -c "sudo /bin/zsh -c \"/Users/run/Moon Predictor V2 (1).exe\""
1⤵
PID:485

/bin/bash
sh -c "sudo /bin/zsh -c \"/Users/run/Moon Predictor V2 (1).exe\""
1⤵
PID:485

/usr/bin/sudo
sudo /bin/zsh -c "/Users/run/Moon Predictor V2 (1).exe"
1⤵
PID:485
- /bin/zsh
  /bin/zsh -c "/Users/run/Moon Predictor V2 (1).exe"
  2⤵
  PID:486

/usr/libexec/xpcproxy
xpcproxy com.apple.Safari.2028
1⤵
PID:519

/Applications/Safari.app/Contents/MacOS/Safari
/Applications/Safari.app/Contents/MacOS/Safari
1⤵
PID:519

/usr/libexec/xpcproxy
xpcproxy com.apple.Safari.History
1⤵
PID:520

/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.History.xpc/Contents/MacOS/com.apple.Safari.History
/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.History.xpc/Contents/MacOS/com.apple.Safari.History
1⤵
PID:520

/usr/libexec/xpcproxy
xpcproxy com.apple.WebKit.WebContent.9A96A0DC-5E65-48CC-AD69-518F7307AB72 519
1⤵
PID:521

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
1⤵
PID:521

/usr/libexec/xpcproxy
xpcproxy com.apple.SafariLaunchAgent
1⤵
PID:527

/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent
/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent
1⤵
PID:527

/usr/libexec/xpcproxy
xpcproxy com.apple.WebKit.WebContent.7553BF86-AFC1-4592-945F-D9B285A136D5 519
1⤵
PID:528

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
1⤵
PID:528

/usr/libexec/xpcproxy
xpcproxy com.apple.Safari.SearchHelper 519
1⤵
PID:529

/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.SearchHelper.xpc/Contents/MacOS/com.apple.Safari.SearchHelper
/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.SearchHelper.xpc/Contents/MacOS/com.apple.Safari.SearchHelper
1⤵
PID:529

/usr/bin/bzip2
/usr/bin/bzip2 -f /var/log/wifi.log.0
1⤵
PID:530

/usr/libexec/xpcproxy
xpcproxy com.apple.Safari.SafeBrowsing.Service
1⤵
PID:531

/System/Library/PrivateFrameworks/SafariSafeBrowsing.framework/com.apple.Safari.SafeBrowsing.Service
/System/Library/PrivateFrameworks/SafariSafeBrowsing.framework/com.apple.Safari.SafeBrowsing.Service
1⤵
PID:531

/usr/libexec/xpcproxy
xpcproxy com.apple.accessibility.mediaaccessibilityd
1⤵
PID:532

/System/Library/Frameworks/MediaAccessibility.framework/Versions/A/XPCServices/com.apple.accessibility.mediaaccessibilityd.xpc/Contents/MacOS/com.apple.accessibility.mediaaccessibilityd
/System/Library/Frameworks/MediaAccessibility.framework/Versions/A/XPCServices/com.apple.accessibility.mediaaccessibilityd.xpc/Contents/MacOS/com.apple.accessibility.mediaaccessibilityd
1⤵
PID:532

/usr/libexec/xpcproxy
xpcproxy com.apple.coremedia.videodecoder 528
1⤵
PID:533

/System/Library/Frameworks/VideoToolbox.framework/Versions/A/XPCServices/VTDecoderXPCService.xpc/Contents/MacOS/VTDecoderXPCService
/System/Library/Frameworks/VideoToolbox.framework/Versions/A/XPCServices/VTDecoderXPCService.xpc/Contents/MacOS/VTDecoderXPCService
1⤵
PID:533

/usr/libexec/xpcproxy
xpcproxy com.apple.WebKit.WebContent.2BB7B7D2-9A29-498B-8994-C0B003AFA696 519
1⤵
PID:534

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
1⤵
PID:534

/usr/libexec/xpcproxy
xpcproxy com.apple.WebKit.WebContent.A37A06E6-0BCE-4DB1-859F-3AAF7DCA1BBA 519
1⤵
PID:535

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
1⤵
PID:535

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/Users/run/Library/Safari/Favicon Cache/favicons/816362E28D47323783CFC5F77FFBD354

Filesize
5KB

MD5
fbdcc92883587f7a5796784e771b2644

SHA1
7f149b1eb036c2de77e9f5d88166e98d6ccf6cb4

SHA256
aaa3dee76ef9db79aa640a6ce556c041b674ad5d3b59d22d8b4da195c4f24971

SHA512
aa236baabb5b48cb47135f577ef285118519827f4de9461e335d6dc3a03a10641242810ac9bee24828a70503bb19a604557ca65ebeca7b72fa62e790fc760018

Download Submit
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/malware,osx,url_expression

Filesize
220KB

MD5
00e2bd304dea5d587586e2e063a18ac4

SHA1
a9869c2afc4ee3d91a818a14200d5d42689838cd

SHA256
0b20e9ae656d62e2da1d5cc9fd87521ad628d77080c8ac0de20f59bff1f22000

SHA512
781f27127464cafb67c5bc1aca7fe0622c8662400e423b4413e83ad459328a92aa975cc567e94c52eb67b0c1b842a2c6ee226a7a245cc8ac80a1750c398a0d0c

Download Submit
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/social_engineering,osx,url_expression

Filesize
21.9MB

MD5
62aa90f2d60c1011ea38eb18564ac3ed

SHA1
ca28a679d2e759e0041783cca04b525797b2bd63

SHA256
a0432d344eacd309b31e1f27831af60ea1ec892dab08ecf870a5f3a78a9d3fa1

SHA512
72fc912691685967f996933eb10b01a3ba247e01c11ea57f701df206bceadcafdc7b66f9301e21dbe666c1c07afad2448a317dd758025dc2f34dff5ea00341c9

Download Submit
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/unwanted_software,osx,url_expression

Filesize
127KB

MD5
3fe967a29e4162e3e1bdfc832799261c

SHA1
bad0689eea82443dc194bd3127f9db38bed59fb5

SHA256
9dae8339d6f818b9701a7eed71cb2fecfe87d066bee1952ef0266d63a5068aa6

SHA512
6ba95e785ea3c5059004c91c90d70f96762c483cf443e757f29b5950ccc32247a6fdedf0bd7a0712027d04a9a8dec8412a7e7a279ce8fc0d4f9fb797b971022c

Download Submit
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari//mds/mdsDirectory.db

Filesize
47KB

MD5
0e4a0d1ceb2af6f0f8d0167ce77be2d3

SHA1
414ba4c1dc5fc8bf53d550e296fd6f5ad669918c

SHA256
cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030

SHA512
1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20

Download Submit
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari//mds/mdsObject.db

Filesize
4KB

MD5
d3a1859e6ec593505cc882e6def48fc8

SHA1
f8e6728e3e9de477a75706faa95cead9ce13cb32

SHA256
3ebafa97782204a4a1d75cfec22e15fcdeab45b65bab3b3e65508707e034a16c

SHA512
ea2a749b105759ea33408186b417359deffb4a3a5ed0533cb26b459c16bb3524d67ede5c9cf0d5098921c0c0a9313fb9c2672f1e5ba48810eda548fa3209e818

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads