Analysis
-
max time kernel
149s -
max time network
119s -
platform
macos-10.15_amd64 -
resource
macos-20240410-en -
resource tags
arch:amd64 arch:i386 image:macos-20240410-en kernel:19b77a locale:en-us os:macos-10.15-amd64 system -
submitted
06-06-2024 08:28
Static task
static1
Behavioral task
behavioral1
Sample
anydesk.dmg
Resource
macos-20240410-en
General
-
Target
anydesk.dmg
-
Size
14.0MB
-
MD5
83b6e2714e9abce1043f7c2879c9b010
-
SHA1
e205b810d4f8b6c651f4222714777e82aa920678
-
SHA256
9d3ddcea8fd39ea6da374fdcd77dae55dd5088238271f77f6eed6ef2f5a2e501
-
SHA512
1a41fb2c488a17d50254ba424cc278c9f617aa0d3505c6799341fa909763faba0dfeebc1da88d818a1c6656ebaa10ac405654a7567822a2d8c0a3c09e25df9cc
-
SSDEEP
393216:UNUingI7fU+XOg/y0rMBrWQxLFBaNwyfSkNP:69LBq0IdaNPKkNP
Malware Config
Signatures
Processes
-
[/bin/sh] sh -c "sudo /bin/zsh -c \"open /Volumes/AnyDesk/AnyDesk.app\"" 1⤵ PID:525
-
[/bin/bash] sh -c "sudo /bin/zsh -c \"open /Volumes/AnyDesk/AnyDesk.app\"" 1⤵ PID:525
-
[/usr/bin/sudo] sudo /bin/zsh -c "open /Volumes/AnyDesk/AnyDesk.app" 1⤵ PID:525
-
[/bin/zsh] /bin/zsh -c "open /Volumes/AnyDesk/AnyDesk.app" 2⤵ PID:526
-
[/usr/bin/open] open /Volumes/AnyDesk/AnyDesk.app 2⤵ PID:526
-
[/usr/libexec/xpcproxy] xpcproxy com.philandro.anydesk.23001⤵ PID:529
-
[/Volumes/AnyDesk/AnyDesk.app/Contents/MacOS/AnyDesk] /Volumes/AnyDesk/AnyDesk.app/Contents/MacOS/AnyDesk 1⤵ PID:529
-
[/Volumes/AnyDesk/AnyDesk.app/Contents/MacOS/AnyDesk] /Volumes/AnyDesk/AnyDesk.app/Contents/MacOS/AnyDesk --local-service 1⤵ PID:534
-
[/usr/libexec/xpcproxy] xpcproxy com.apple.spindump 1⤵ PID:535
-
[/usr/sbin/spindump] /usr/sbin/spindump 1⤵ PID:535
-
[/usr/libexec/xpcproxy] xpcproxy com.apple.spindump_agent 1⤵ PID:536
-
[/usr/libexec/spindump_agent] /usr/libexec/spindump_agent 1⤵ PID:536
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 aab63a8993a925ba700df6e3d5729c89
SHA1 cbd87c43c426b9e3ece5ed5dbbf7f8e45054550f
SHA256 0ddd73cdb4cb93385468511b2715f19562c90025b9bb706c3804dbdf174770bf
SHA512 cfcc1fa6ba402e130281e5a9ecbcf7727d3c9f316efea547532a0592b46bc20f8254228e4ba438add8d3e1a65a14df02d87b19eab181c1e00fb26a1865fbc0a1
-
Filesize
1KB
MD5 142592bc2e75d56ffbe9c73a17ac57fe
SHA1 83af2c0ffb6214414ab2ef91ae79f39d3f021cb3
SHA256 35a4fea4406c90a63f2618ef11228821a53868656e3521003924913447c03f17
SHA512 a1d49baf33d14dff7b8f964cefaed7adf04afda6128e236552cf5bdb5650be8f949fac8c63a26309766c9a7fa143c4d308c5ba850a037007c18f0b4ea16b5900
-
Filesize
2KB
MD5 77ca3136a9a2de26460f391353b042b5
SHA1 bb1a6236ea20fc252d2ff84696d55f2997c0035d
SHA256 17987288fb634610af98c1017d71350979e776400f26214b6ea40d49ba7e9960
SHA512 719158fed3155122ad20e5d424d9181f0af5beff2a29db17d29e3a07213549e4b54a52a964ed5a1f93a09b72932074f0152c9328ba2e731f3920a69f476f7acb
-
Filesize
424B
MD5 07d02a7f5fd420d5832965c8153bf2b6
SHA1 e7a30ebfae9c9fc330966b9a5b72c1a2bae020ca
SHA256 4203d2a6d8116a63d2886f3ca312bc0b0770865dda4eac94e6584760af234011
SHA512 827f9c7aafdfd2772b2d5258d5c05448799033915005bdd89d5d43fe667c403c0efa53b4ad99e766ebcbff25433f95e6b9ec6ffaa7e7b6ecd0354d9165cae233
-
Filesize
312B
MD5 0c04ad1083dc5c7c45e3ee2cd344ae38
SHA1 f1cf190f8ca93000e56d49732e9e827e2554c46f
SHA256 6452273c017db7cbe0ffc5b109bbf3f8d3282fb91bfa3c5eabc4fb8f1fc98cb0
SHA512 6c414b39bbc1f1f08446c6c6da6f6e1ceb9303bbf183ae279c872d91641ea8d67ec5e5c4e0824da3837eca73ec29fe70e92b72c09458c8ce50fa6f08791d1492
-
Filesize
367B
MD5 0c58d7fe30acaf56843aefd8dae4b8d9
SHA1 5716d0e004ffcc2aa8e0ea77e29fe49f8773bdfa
SHA256 21c6e374d0ced9fb00be1e11e36e9d7e8ff797f07f8fb79ed59a67cd08107ec3
SHA512 2f1192c7221e7df115d5b6ac0c852c57e9a79adef0d336f217262a9d01a1a36336c3323bc13b577aaa1e948eee9e16cefc774196446914616e00398d2d628d2a
-
Filesize
391B
MD5 fa0d9340e1b47963165cabe2ee078f1c
SHA1 3410277cf9fa460f659f8f344bd9e8319f5a4f9e
SHA256 c134df142a18c7b6dc968717a0c655ef0fb967a670e2c93dd7a94c7319055b04
SHA512 cd4cf75dc61414005aa8252ada3f44dc2d7809743c3d549e8f9d6b8694474832f98e551715e9e74a3464dae036b5375ddde967900e5d9b53d9f587881e88c31f
-
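MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
Note: these four values are the standard digests of zero-length input, so this entry is an empty file (the report shows no Filesize for it). They match every empty file on any system and should not be used as indicators or added to blocklists.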
-
Filesize
424B
MD5 d29dfa09b39288138c6dbec73314de51
SHA1 67ae558f2d2aa020c9f598b8f0d8f0ff76af2db2
SHA256 e42d771e3b956e96b4e40d0ff3e315bc54d7f98072353f75f7dffc8dea5a5048
SHA512 e405f9ad57b30035201377844ba43a7d8d72ced7258c021856a86bef3acb12d6e6ae08029c65960575442c24243386714155531c6b7acc15705b04a7486090ef