Analysis
  max time kernel:  134s
  max time network: 151s
  platform:         macos-10.15_amd64
  resource:         macos-20240611-en
  resource tags:    arch:amd64, arch:i386, image:macos-20240611-en, kernel:19b77a, locale:en-us, os:macos-10.15-amd64, system
  submitted:        19-06-2024 11:16
Static task
  static1

Behavioral task behavioral1
  Sample:   BTRT.dmg
  Resource: macos-20240611-en

Behavioral task behavioral2
  Sample:   Boonana Trojan Removal Tool/Boonana Removal Tool.app/Contents/MacOS/Boonana Removal Tool
  Resource: macos-20240611-en

Behavioral task behavioral3
  Sample:   Boonana Trojan Removal Tool/ReadMe.rtf
  Resource: win7-20240508-en

Behavioral task behavioral4
  Sample:   Boonana Trojan Removal Tool/ReadMe.rtf
  Resource: win10v2004-20240611-en
General
  Target: Boonana Trojan Removal Tool/Boonana Removal Tool.app/Contents/MacOS/Boonana Removal Tool
  Size:   70KB
  MD5:    a15be0fceae1cc1058b55af195fdb84b
  SHA1:   0a09e1ee22075b33b231018136815a197de36f18
  SHA256: cd6dd7621341b059333e0f31b203577b96f6d8794d87d27241ab95f1a6d40e75
  SHA512: 60be3660c87408934ae7aad66340eeb12ef260288ce568029dd5150d17a314ea2e646c70e6cb806f33d2f55d3463e9c36b6be3996d947f22326b267f978fa64f
  SSDEEP: 768:Zr/A+q+vNskjDHUZ0pOfU7V0pIaILGngh+6NHcrNPW+dbCRC86gQm0pmfp7W0pUD:ZrNNbjTUZ0z0Uh+6NodDb1gP0X0w
Malware Config

Signatures

Processes (level, PID, image, command line)
  1  PID 533  /bin/sh
       sh -c "sudo /bin/zsh -c \"/Users/run/Boonana Trojan Removal Tool/Boonana Removal Tool.app/Contents/MacOS/Boonana Removal Tool\""
  1  PID 533  /bin/bash
       sh -c "sudo /bin/zsh -c \"/Users/run/Boonana Trojan Removal Tool/Boonana Removal Tool.app/Contents/MacOS/Boonana Removal Tool\""
  1  PID 533  /usr/bin/sudo
       sudo /bin/zsh -c "/Users/run/Boonana Trojan Removal Tool/Boonana Removal Tool.app/Contents/MacOS/Boonana Removal Tool"
  2  PID 534  /bin/zsh
       /bin/zsh -c "/Users/run/Boonana Trojan Removal Tool/Boonana Removal Tool.app/Contents/MacOS/Boonana Removal Tool"
  2  PID 534  /Users/run/Boonana Trojan Removal Tool/Boonana Removal Tool.app/Contents/MacOS/Boonana Removal Tool
       /Users/run/Boonana Trojan Removal Tool/Boonana Removal Tool.app/Contents/MacOS/Boonana Removal Tool
  1  PID 556  /usr/bin/pluginkit
       /usr/bin/pluginkit -e ignore -i com.microsoft.OneDrive.FinderSync
  1  PID 557  /usr/sbin/spctl
       /usr/sbin/spctl --assess --type execute /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/OneDriveUpdaterBCBF2C69/OneDrive.app
  1  PID 581  /usr/libexec/xpcproxy
       xpcproxy com.apple.corespotlightservice.725FD30A-6064-6C02-CC51-5DDB8891B57E
  1  PID 581  /System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
       /System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService