Analysis Overview
SHA256
94ce445711fc5b36f2b25b8a5fa3c4832418bf06e4883ba0bbb1725e97f7b99c
Threat Level: No (potentially) malicious behavior was detected
The file Notion-3.9.0-universal.dmg was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-06-11 17:50
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-11 17:50
Reported
2024-06-11 17:54
Platform
macos-20240410-en
Max time kernel
119s
Max time network
124s
Command Line
Signatures
Processes
/bin/sh
[sh -c sudo /bin/zsh -c "open /Volumes/Notion/Notion.app"]
/bin/bash
[sh -c sudo /bin/zsh -c "open /Volumes/Notion/Notion.app"]
/usr/bin/sudo
[sudo /bin/zsh -c open /Volumes/Notion/Notion.app]
/bin/zsh
[/bin/zsh -c open /Volumes/Notion/Notion.app]
/usr/bin/open
[open /Volumes/Notion/Notion.app]
/usr/libexec/xpcproxy
[xpcproxy notion.id.2308]
/Volumes/Notion/Notion.app/Contents/MacOS/Notion
[/Volumes/Notion/Notion.app/Contents/MacOS/Notion]
/usr/libexec/xpcproxy
[xpcproxy com.apple.assistantd]
/System/Library/PrivateFrameworks/AssistantServices.framework/Versions/A/Support/assistantd
[/System/Library/PrivateFrameworks/AssistantServices.framework/Versions/A/Support/assistantd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.pbs]
/System/Library/CoreServices/pbs
[/System/Library/CoreServices/pbs]
/usr/libexec/xpcproxy
[xpcproxy com.apple.GameController.gamecontrollerd]
/usr/libexec/gamecontrollerd
[/usr/libexec/gamecontrollerd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.TextInputMenuAgent]
/System/Library/CoreServices/TextInputMenuAgent.app/Contents/MacOS/TextInputMenuAgent
[/System/Library/CoreServices/TextInputMenuAgent.app/Contents/MacOS/TextInputMenuAgent]
/usr/libexec/xpcproxy
[xpcproxy com.apple.TextInputSwitcher]
/System/Library/CoreServices/TextInputSwitcher.app/Contents/MacOS/TextInputSwitcher
[/System/Library/CoreServices/TextInputSwitcher.app/Contents/MacOS/TextInputSwitcher]
/usr/libexec/xpcproxy
[xpcproxy com.apple.suggestd]
/System/Library/PrivateFrameworks/CoreSuggestions.framework/Versions/A/Support/suggestd
[/System/Library/PrivateFrameworks/CoreSuggestions.framework/Versions/A/Support/suggestd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.siri.context.service]
/System/Library/PrivateFrameworks/ContextKit.framework/Versions/A/XPCServices/ContextService.xpc/Contents/MacOS/ContextService
[/System/Library/PrivateFrameworks/ContextKit.framework/Versions/A/XPCServices/ContextService.xpc/Contents/MacOS/ContextService]
/usr/libexec/xpcproxy
[xpcproxy com.apple.spindump]
/usr/sbin/spindump
[/usr/sbin/spindump]
/usr/libexec/xpcproxy
[xpcproxy com.apple.tailspind]
/usr/libexec/xpcproxy
[xpcproxy com.apple.spindump_agent]
/usr/libexec/tailspind
[/usr/libexec/tailspind]
/usr/libexec/spindump_agent
[/usr/libexec/spindump_agent]
Network
| Country | Destination | Domain | Proto |
| US | 20.189.173.2:443 | tcp | |
| US | 8.8.8.8:53 | bag-cdn-lb.itunes-apple.com.akadns.net | udp |
| US | 8.8.8.8:53 | mobile.events.data.trafficmanager.net | udp |
| US | 20.42.73.25:443 | tcp | |
| N/A | 224.0.0.251:5353 | udp |