Malware Analysis Report

2024-10-24 21:56

Sample ID 240606-lm2qvadd85
Target test.mp4
SHA256 ed870c6324279da44c768f819b9bb832d89f8e47806d0b9bd8ed5f02a9427f58
Tags
Score
1/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

Score
1/10

SHA256

ed870c6324279da44c768f819b9bb832d89f8e47806d0b9bd8ed5f02a9427f58

Threat Level: No (potentially) malicious behavior was detected

Verdict for test.mp4: no (potentially) malicious behavior was detected.

Malicious Activity Summary

N/A

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2024-06-06 09:39

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-06 09:39

Reported

2024-06-06 11:24

Platform

macos-20240410-en

Max time kernel

377s

Max time network

1582s

Command Line

[sh -c sudo /bin/zsh -c "/Users/run/test.mp4"]

Signatures

N/A

Processes

/bin/sh

[sh -c sudo /bin/zsh -c "/Users/run/test.mp4"]

/bin/bash

[sh -c sudo /bin/zsh -c "/Users/run/test.mp4"]

/usr/bin/sudo

[sudo /bin/zsh -c /Users/run/test.mp4]

/bin/zsh

[/bin/zsh -c /Users/run/test.mp4]

/Users/run/test.mp4

[/Users/run/test.mp4]

/usr/libexec/xpcproxy

[xpcproxy com.apple.spindump]

/usr/sbin/spindump

[/usr/sbin/spindump]

/usr/libexec/xpcproxy

[xpcproxy com.apple.diagnosticd]

/usr/libexec/diagnosticd

[/usr/libexec/diagnosticd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.DiagnosticReportCleanup.plist]

Network

Country  Destination          Domain                                    Proto
US       8.8.8.8:53           bag-cdn-lb.itunes-apple.com.akadns.net    udp
N/A      224.0.0.251:5353     N/A                                       udp
IE       17.57.146.88:5223    N/A                                       tcp
US       8.8.8.8:53           33-courier.push.apple.com                 udp
GB       17.57.146.155:5223   33-courier.push.apple.com                 tcp
US       8.8.8.8:53           lb._dns-sd._udp.0.0.127.10.in-addr.arpa   udp

Files

N/A