Analysis Overview
SHA256
55009365b226f674f198eb002849bb575ac9c68ef5101d5fd92c55cc622e6a85
Threat Level: No (potentially) malicious behavior was detected
The file sample was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-06-10 21:55
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-10 21:55
Reported
2024-06-10 22:36
Platform
macos-20240410-en
Max time kernel
1439s
Max time network
1581s
Command Line
Signatures
Processes
/bin/sh
[sh -c sudo /bin/zsh -c "/Users/run/sample.html"]
/bin/bash
[sh -c sudo /bin/zsh -c "/Users/run/sample.html"]
/usr/bin/sudo
[sudo /bin/zsh -c /Users/run/sample.html]
/bin/zsh
[/bin/zsh -c /Users/run/sample.html]
/Users/run/sample.html
[/Users/run/sample.html]
/bin/sh
[sh /Users/run/sample.html]
/bin/bash
[sh /Users/run/sample.html]
/usr/libexec/xpcproxy
[xpcproxy com.apple.spindump]
/usr/sbin/spindump
[/usr/sbin/spindump]
/usr/libexec/xpcproxy
[xpcproxy com.apple.diagnosticd]
/usr/libexec/diagnosticd
[/usr/libexec/diagnosticd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.newsyslog]
/usr/sbin/newsyslog
[/usr/sbin/newsyslog]
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | bag-cdn-lb.itunes-apple.com.akadns.net | udp |
| N/A | 224.0.0.251:5353 | udp | |
| IE | 17.57.146.88:5223 | tcp | |
| US | 8.8.8.8:53 | 10-courier.push.apple.com | udp |
| GB | 17.57.146.8:5223 | 10-courier.push.apple.com | tcp |
| GB | 17.57.146.9:5223 | 10-courier.push.apple.com | tcp |
| US | 8.8.8.8:53 | lb._dns-sd._udp.0.0.127.10.in-addr.arpa | udp |