Malware Analysis Report

2024-10-10 07:17

Sample ID 240611-tfelqsshnj
Target ArcInstaller.exe
SHA256 20fe34797b5d870900402aaf927136076111bec331d6bfc443b86d66c551243e
Tags
score
1/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
1/10

SHA256

20fe34797b5d870900402aaf927136076111bec331d6bfc443b86d66c551243e

Threat Level: No (potentially) malicious behavior was detected

The file ArcInstaller.exe was found to be: No (potentially) malicious behavior was detected.

Malicious Activity Summary

N/A

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2024-06-11 15:59

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-11 15:59

Reported

2024-06-11 16:00

Platform

macos-20240410-en

Max time kernel

8s

Max time network

13s

Command Line

[sh -c sudo /bin/zsh -c "/Users/run/ArcInstaller.exe"]

Signatures

N/A

Processes

/bin/sh

[sh -c sudo /bin/zsh -c "/Users/run/ArcInstaller.exe"]

/bin/bash

[sh -c sudo /bin/zsh -c "/Users/run/ArcInstaller.exe"]

/usr/bin/sudo

[sudo /bin/zsh -c /Users/run/ArcInstaller.exe]

/bin/zsh

[/bin/zsh -c /Users/run/ArcInstaller.exe]

/Users/run/ArcInstaller.exe

[/Users/run/ArcInstaller.exe]

Network

Country Destination Domain Proto
DE 20.52.64.201:443 tcp
US 8.8.8.8:53 apis.apple.map.fastly.net udp

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-11 15:59

Reported

2024-06-11 16:00

Platform

ubuntu2204-amd64-20240522.1-en

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

N/A

Files

N/A