Overview
- overview: score 7
Static
- static: score 3
- publish/OpenAL32.dll (windows7-x64): score 1
- publish/OpenAL32.dll (windows10-2004-x64): score 1
- publish/Ry...va.exe (windows7-x64): score 7
- publish/Ry...va.exe (windows10-2004-x64): score 7
- publish/Ryujinx.exe (windows7-x64): score 1
- publish/Ryujinx.exe (windows10-2004-x64): score 7
- publish/SDL2.dll (windows7-x64): score 1
- publish/SDL2.dll (windows10-2004-x64): score 1
- publish/av...v2.dll (windows7-x64): score 1
- publish/av...v2.dll (windows10-2004-x64): score 1
- publish/av...59.dll (windows7-x64): score 1
- publish/av...59.dll (windows10-2004-x64): score 1
- publish/avutil-57.dll (windows7-x64): score 1
- publish/avutil-57.dll (windows10-2004-x64): score 1
- publish/glfw3.dll (windows7-x64): score 1
- publish/glfw3.dll (windows10-2004-x64): score 1
- publish/li...rp.dll (windows7-x64): score 1
- publish/li...rp.dll (windows10-2004-x64): score 1
- publish/li...rp.dll (windows7-x64): score 1
- publish/li...rp.dll (windows10-2004-x64): score 1
- publish/li....dylib (macos-10.15-amd64): score 1
- publish/li...io.dll (windows7-x64): score 1
- publish/li...io.dll (windows10-2004-x64): score 1
Resubmissions
16-06-2024 14:53
240616-r9bqtsxdrd 7
Analysis
- max time kernel: 91s
- max time network: 149s
- platform: macos-10.15_amd64
- resource: macos-20240611-en
- resource tags: arch:amd64, arch:i386, image:macos-20240611-en, kernel:19b77a, locale:en-us, os:macos-10.15-amd64, system
- submitted: 16-06-2024 14:53
Static task
static1
Behavioral task
behavioral1
Sample
publish/OpenAL32.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
publish/OpenAL32.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
publish/Ryujinx.Ava.exe
Resource
win7-20231129-en
Behavioral task
behavioral4
Sample
publish/Ryujinx.Ava.exe
Resource
win10v2004-20240611-en
Behavioral task
behavioral5
Sample
publish/Ryujinx.exe
Resource
win7-20240611-en
Behavioral task
behavioral6
Sample
publish/Ryujinx.exe
Resource
win10v2004-20240611-en
Behavioral task
behavioral7
Sample
publish/SDL2.dll
Resource
win7-20240221-en
Behavioral task
behavioral8
Sample
publish/SDL2.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral9
Sample
publish/av_libglesv2.dll
Resource
win7-20240508-en
Behavioral task
behavioral10
Sample
publish/av_libglesv2.dll
Resource
win10v2004-20240611-en
Behavioral task
behavioral11
Sample
publish/avcodec-59.dll
Resource
win7-20240221-en
Behavioral task
behavioral12
Sample
publish/avcodec-59.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral13
Sample
publish/avutil-57.dll
Resource
win7-20240611-en
Behavioral task
behavioral14
Sample
publish/avutil-57.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral15
Sample
publish/glfw3.dll
Resource
win7-20240508-en
Behavioral task
behavioral16
Sample
publish/glfw3.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral17
Sample
publish/libHarfBuzzSharp.dll
Resource
win7-20240611-en
Behavioral task
behavioral18
Sample
publish/libHarfBuzzSharp.dll
Resource
win10v2004-20240611-en
Behavioral task
behavioral19
Sample
publish/libSkiaSharp.dll
Resource
win7-20240508-en
Behavioral task
behavioral20
Sample
publish/libSkiaSharp.dll
Resource
win10v2004-20240611-en
Behavioral task
behavioral21
Sample
publish/libarmeilleure-jitsupport.dylib
Resource
macos-20240611-en
Behavioral task
behavioral22
Sample
publish/libsoundio.dll
Resource
win7-20240508-en
Behavioral task
behavioral23
Sample
publish/libsoundio.dll
Resource
win10v2004-20240611-en
General
-
Target
publish/libarmeilleure-jitsupport.dylib
-
Size
32KB
-
MD5
1b080a3c44ed577c1748b9ad81a8c648
-
SHA1
6589419a56e12af0068f873c49e05733223edb3a
-
SHA256
5ee8cc266f75d47850570e4962d2fe9bdb6b2058dc97eafcd43e5fc5b2ec7151
-
SHA512
7725bc2d1d318f5aabdb5df5c631c8071b8a38155be9126155afb5f785ad2a875b1c3b1809878f258339d2ad8325f85444951a897eb901be67f96f890d7206d0
-
SSDEEP
24:HKh/848++qszjOW70GqOkMFKDREB3/PhCk5qBZcTBjZZL4i:HTzyW7fX5FoR43/3c45
Malware Config
Signatures
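Processes
- /bin/sh
  sh -c "sudo /bin/zsh -c \"/Users/run/publish/libarmeilleure-jitsupport.dylib\""
  1 ⤵ PID:553
- /bin/bash
  sh -c "sudo /bin/zsh -c \"/Users/run/publish/libarmeilleure-jitsupport.dylib\""
  1 ⤵ PID:553
- /usr/bin/sudo
  sudo /bin/zsh -c /Users/run/publish/libarmeilleure-jitsupport.dylib
  1 ⤵ PID:553
- /bin/zsh
  /bin/zsh -c /Users/run/publish/libarmeilleure-jitsupport.dylib
  2 ⤵ PID:554
- /Users/run/publish/libarmeilleure-jitsupport.dylib
  /Users/run/publish/libarmeilleure-jitsupport.dylib
  2 ⤵ PID:554
- /usr/bin/pluginkit
  /usr/bin/pluginkit -e ignore -i com.microsoft.OneDrive.FinderSync
  1 ⤵ PID:558
- /usr/sbin/spctl
  /usr/sbin/spctl --assess --type execute /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/OneDriveUpdaterBCBF2C69/OneDrive.app
  1 ⤵ PID:559

Note: Malware Config and Signatures are empty for this task. The sample's own chain is PID 553 → 554 (the dylib invoked directly through sudo and zsh). The pluginkit and spctl entries (PIDs 558, 559) reference OneDrive rather than the sample and are probably background activity of the sandbox image, so confirm their parentage before treating them as indicators.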