Analysis Overview
SHA256
7a02a9616d7fc81b412a46e036c7e562e9b86a9912a0b9202ba429da6aa774ec
Threat Level: No (potentially) malicious behavior was detected
The file Screenshot_2.png was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-06-11 05:26
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-11 05:26
Reported
2024-06-11 05:27
Platform
macos-20240410-en
Max time kernel
33s
Max time network
38s
Command Line
Signatures
Processes
/bin/sh
[sh -c sudo /bin/zsh -c "/Users/run/Screenshot_2.png"]
/bin/bash
[sh -c sudo /bin/zsh -c "/Users/run/Screenshot_2.png"]
/usr/bin/sudo
[sudo /bin/zsh -c /Users/run/Screenshot_2.png]
/bin/zsh
[/bin/zsh -c /Users/run/Screenshot_2.png]
/Users/run/Screenshot_2.png
[/Users/run/Screenshot_2.png]
/usr/libexec/xpcproxy
[xpcproxy com.apple.spindump]
/usr/sbin/spindump
[/usr/sbin/spindump]
/usr/libexec/xpcproxy
[xpcproxy com.apple.diagnosticd]
/usr/libexec/diagnosticd
[/usr/libexec/diagnosticd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.rtcreportingd]
/usr/libexec/rtcreportingd
[/usr/libexec/rtcreportingd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.spindump_agent]
/usr/libexec/spindump_agent
[/usr/libexec/spindump_agent]
Network
| Country | Destination | Domain | Proto |
| IE | 17.57.146.88:5223 | tcp | |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | bag-cdn-lb.itunes-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | 0-courier.push.apple.com | udp |
| GB | 17.57.146.153:5223 | 0-courier.push.apple.com | tcp |
| GB | 17.57.146.154:5223 | 0-courier.push.apple.com | tcp |