Resubmissions

06-06-2024 01:16

240606-bnacwade4t

Analysis

  • max time kernel
    1619s
  • max time network
    1583s
  • platform
    macos-10.15_amd64
  • resource
    macos-20240410-en
  • resource tags

    arch:amd64, arch:i386, image:macos-20240410-en, kernel:19b77a, locale:en-us, os:macos-10.15-amd64, system
  • submitted
    06-06-2024 01:16

General

  • Target

    breeze-icons.rcc

  • Size

    38.7MB

  • MD5

    9c8d6a0cf2c77dfe6989b63d0c0faf75

  • SHA1

    1a684d7b30fde4763d6d642942d01172aa314cc7

  • SHA256

    066315045696e158a6c990c39966104dc2a3ed800dc55c16e38282eee65175ef

  • SHA512

    9bbe614cd446ce7278bf6ae384fdc657d34c5bee8189821e7250cf65418028e10a6c14c99fd071951e578afb24985963a014785a91815ed4619477ef72fe9f32

  • SSDEEP

    49152:E4X+K+wlTZ3d47dJONBeneONBlRomvjv2vM81x4SwV6X0J4SwV6X084SwV6X0/oD:EIZtK7dFnZomvjv2vM81owN/occob6Yi

Score
1/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/breeze-icons.rcc\""
    1⤵ PID:483
  • /bin/bash
    sh -c "sudo /bin/zsh -c \"/Users/run/breeze-icons.rcc\""
    1⤵ PID:483
  • /usr/bin/sudo
    sudo /bin/zsh -c /Users/run/breeze-icons.rcc
    1⤵ PID:483
    • /bin/zsh
      /bin/zsh -c /Users/run/breeze-icons.rcc
      2⤵ PID:484
    • /Users/run/breeze-icons.rcc
      /Users/run/breeze-icons.rcc
      2⤵ PID:484
  • /usr/sbin/spctl
    /usr/sbin/spctl --assess --type execute /Applications/OneDrive.app
    1⤵ PID:525
  • /bin/launchctl
    /bin/launchctl kill SIGTERM system/com.microsoft.OneDriveUpdaterDaemon
    1⤵ PID:532
  • /bin/launchctl
    /bin/launchctl kill SIGTERM system/com.microsoft.OneDriveStandaloneUpdaterDaemon
    1⤵ PID:533
  • /usr/libexec/xpcproxy
    xpcproxy com.apple.corespotlightservice.725FD30A-6064-6C02-CC51-5DDB8891B57E
    1⤵ PID:542
  • /System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
    /System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
    1⤵ PID:542
  • /usr/libexec/xpcproxy
    xpcproxy com.apple.spindump
    1⤵ PID:544
  • /usr/sbin/spindump
    /usr/sbin/spindump
    1⤵ PID:544
  • /usr/libexec/xpcproxy
    xpcproxy com.apple.diagnosticd
    1⤵ PID:545
  • /usr/libexec/diagnosticd
    /usr/libexec/diagnosticd
    1⤵ PID:545
  • /usr/libexec/xpcproxy
    xpcproxy com.apple.newsyslog
    1⤵ PID:546
  • /usr/sbin/newsyslog
    /usr/sbin/newsyslog
    1⤵ PID:546

Network

MITRE ATT&CK Matrix


Downloads