e02f5adf1beac248a57f2dbd32fd46617125f00011b7ed04bff6236574f4e66e | Triage

Submit
Reports

Overview

overview

7

Static

static

1

TL_legacy.dmg

macos-10.15-amd64

1

TL Legacy/...cOS/TL

macos-10.15-amd64

1

TL Legacy/...ap.jar

windows7-x64

1

TL Legacy/...ap.jar

windows10-2004-x64

7

TL Legacy/...art.sh

ubuntu-18.04-amd64

3

TL Legacy/...art.sh

debian-9-armhf

3

TL Legacy/...art.sh

debian-9-mips

3

TL Legacy/...art.sh

debian-9-mipsel

3

TL Legacy/...e.html

windows7-x64

1

TL Legacy/...e.html

windows10-2004-x64

1

TL Legacy/...n/java

macos-10.15-amd64

1

TL Legacy/...in/jfr

macos-10.15-amd64

4

TL Legacy/...script

macos-10.15-amd64

4

TL Legacy/...eytool

macos-10.15-amd64

1

TL Legacy/...gistry

macos-10.15-amd64

TL Legacy/...fs.jar

windows7-x64

1

TL Legacy/...fs.jar

windows10-2004-x64

1

TL Legacy/...helper

macos-10.15-amd64

4

TL Legacy/....dylib

macos-10.15-amd64

1

TL Legacy/....dylib

macos-10.15-amd64

4

TL Legacy/....dylib

macos-10.15-amd64

1

TL Legacy/....dylib

macos-10.15-amd64

TL Legacy/....dylib

macos-10.15-amd64

1

TL Legacy/....dylib

macos-10.15-amd64

TL Legacy/....dylib

macos-10.15-amd64

1

TL Legacy/....dylib

macos-10.15-amd64

4

TL Legacy/....dylib

macos-10.15-amd64

4

TL Legacy/....dylib

macos-10.15-amd64

TL Legacy/....dylib

macos-10.15-amd64

1

TL Legacy/....dylib

macos-10.15-amd64

TL Legacy/....dylib

macos-10.15-amd64

1

TL Legacy/....dylib

macos-10.15-amd64

Analysis

max time kernel
141s
max time network
159s
platform
macos-10.15_amd64
resource
macos-20240611-en
resource tags

arch:amd64arch:i386image:macos-20240611-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
submitted
08/07/2024, 20:25

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

TL_legacy.dmg

Resource

macos-20240611-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

TL Legacy/TL Legacy.app/Contents/MacOS/TL

Resource

macos-20240611-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

TL Legacy/TL Legacy.app/Contents/app/bootstrap.jar

Resource

win7-20240705-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

TL Legacy/TL Legacy.app/Contents/app/bootstrap.jar

Resource

win10v2004-20240704-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral5

Sample

TL Legacy/TL Legacy.app/Contents/app/restart.sh

Resource

ubuntu1804-amd64-20240611-en

ubuntu-18.04-amd64

1 signatures

150 seconds

Behavioral task

behavioral6

Sample

TL Legacy/TL Legacy.app/Contents/app/restart.sh

Resource

debian9-armhf-20240611-en

debian-9-armhf

1 signatures

150 seconds

Behavioral task

behavioral7

Sample

TL Legacy/TL Legacy.app/Contents/app/restart.sh

Resource

debian9-mipsbe-20240611-en

debian-9-mips

1 signatures

150 seconds

Behavioral task

behavioral8

Sample

TL Legacy/TL Legacy.app/Contents/app/restart.sh

Resource

debian9-mipsel-20240611-en

debian-9-mipsel

1 signatures

150 seconds

Behavioral task

behavioral9

Sample

TL Legacy/TL Legacy.app/Contents/runtime/Contents/Home/Welcome.html

Resource

win7-20240708-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral10

Sample

TL Legacy/TL Legacy.app/Contents/runtime/Contents/Home/Welcome.html

Resource

win10v2004-20240704-en

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral11

Sample

TL Legacy/TL Legacy.app/Contents/runtime/Contents/Home/bin/java

Resource

macos-20240611-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

TL Legacy/TL Legacy.app/Contents/runtime/Contents/Home/bin/jfr

Resource

macos-20240611-en

macos-10.15-amd64

1 signatures

150 seconds

Behavioral task

behavioral13

Sample

TL Legacy/TL Legacy.app/Contents/runtime/Contents/Home/bin/jrunscript

Resource

macos-20240611-en

macos-10.15-amd64

1 signatures

150 seconds

Behavioral task

behavioral14

Sample

TL Legacy/TL Legacy.app/Contents/runtime/Contents/Home/bin/keytool

Resource

macos-20240611-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

TL Legacy/TL Legacy.app/Contents/runtime/Contents/Home/bin/rmiregistry

Resource

macos-20240611-en

macos-10.15-amd64

1 signatures

150 seconds

Behavioral task

behavioral16

Sample

TL Legacy/TL Legacy.app/Contents/runtime/Contents/Home/lib/jrt-fs.jar

Resource

win7-20240704-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

TL Legacy/TL Legacy.app/Contents/runtime/Contents/Home/lib/jrt-fs.jar

Resource

win10v2004-20240708-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

TL Legacy/TL Legacy.app/Contents/runtime/Contents/Home/lib/jspawnhelper

Resource

macos-20240611-en

macos-10.15-amd64

1 signatures

150 seconds

Behavioral task

behavioral19

Sample

TL Legacy/TL Legacy.app/Contents/runtime/Contents/Home/lib/libawt.dylib

Resource

macos-20240611-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

TL Legacy/TL Legacy.app/Contents/runtime/Contents/Home/lib/libawt_lwawt.dylib

Resource

macos-20240611-en

macos-10.15-amd64

1 signatures

150 seconds

Behavioral task

behavioral21

Sample

TL Legacy/TL Legacy.app/Contents/runtime/Contents/Home/lib/libdecora_sse.dylib

Resource

macos-20240611-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

TL Legacy/TL Legacy.app/Contents/runtime/Contents/Home/lib/libdt_socket.dylib

Resource

macos-20240611-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

TL Legacy/TL Legacy.app/Contents/runtime/Contents/Home/lib/libextnet.dylib

Resource

macos-20240611-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

TL Legacy/TL Legacy.app/Contents/runtime/Contents/Home/lib/libfontmanager.dylib

Resource

macos-20240611-en

macos-10.15-amd64

1 signatures

150 seconds

Behavioral task

behavioral25

Sample

TL Legacy/TL Legacy.app/Contents/runtime/Contents/Home/lib/libfreetype.dylib

Resource

macos-20240611-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

TL Legacy/TL Legacy.app/Contents/runtime/Contents/Home/lib/libfxplugins.dylib

Resource

macos-20240611-en

macos-10.15-amd64

1 signatures

150 seconds

Behavioral task

behavioral27

Sample

TL Legacy/TL Legacy.app/Contents/runtime/Contents/Home/lib/libglass.dylib

Resource

macos-20240611-en

macos-10.15-amd64

1 signatures

150 seconds

Behavioral task

behavioral28

Sample

TL Legacy/TL Legacy.app/Contents/runtime/Contents/Home/lib/libglib-lite.dylib

Resource

macos-20240611-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

TL Legacy/TL Legacy.app/Contents/runtime/Contents/Home/lib/libgstreamer-lite.dylib

Resource

macos-20240611-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

TL Legacy/TL Legacy.app/Contents/runtime/Contents/Home/lib/libinstrument.dylib

Resource

macos-20240611-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

TL Legacy/TL Legacy.app/Contents/runtime/Contents/Home/lib/libj2gss.dylib

Resource

macos-20240611-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral32

Sample

TL Legacy/TL Legacy.app/Contents/runtime/Contents/Home/lib/libj2pcsc.dylib

Resource

macos-20240611-en

macos-10.15-amd64

1 signatures

150 seconds

Report Analysis Logs

General

Target

TL Legacy/TL Legacy.app/Contents/runtime/Contents/Home/lib/libawt.dylib
Size

627KB
MD5

fbca9bd0cab66bba9457be4d3608e5ce
SHA1

8487e6a890baacf6f4ded92de0fe53c8fa3603e0
SHA256

6367c3d8ed21e59f1fa907044035377090e9d2a860c28ce679b4e4f3c376b8af
SHA512

2d1e2da59b6e67e83fbd67000bc5a4d8ff91241e18f526206618beddc93929871e55d6f99e3239afa4f94176e3622a948179238a7293bebb170c275d3e90a89e
SSDEEP

12288:kBbSWQpIEB2a8+9zjLwlXPNVOCIeZdZ5nW4yEB7fSrtmc:kBNmF9zjLw0CZZd3W4ywSE

Score

1^/10

Malware Config

Signatures

Processes

/bin/sh
sh -c "sudo /bin/zsh -c \"/Users/run/TL Legacy/TL Legacy.app/Contents/runtime/Contents/Home/lib/libawt.dylib\""
1⤵
PID:554

/bin/bash
sh -c "sudo /bin/zsh -c \"/Users/run/TL Legacy/TL Legacy.app/Contents/runtime/Contents/Home/lib/libawt.dylib\""
1⤵
PID:554

/usr/bin/sudo
sudo /bin/zsh -c "/Users/run/TL Legacy/TL Legacy.app/Contents/runtime/Contents/Home/lib/libawt.dylib"
1⤵
PID:554
- /bin/zsh
  /bin/zsh -c "/Users/run/TL Legacy/TL Legacy.app/Contents/runtime/Contents/Home/lib/libawt.dylib"
  2⤵
  PID:555
- /Users/run/TL
  /Users/run/TL Legacy/TL Legacy.app/Contents/runtime/Contents/Home/lib/libawt.dylib
  2⤵
  PID:555

/usr/bin/pluginkit
/usr/bin/pluginkit -e ignore -i com.microsoft.OneDrive.FinderSync
1⤵
PID:571

/usr/sbin/spctl
/usr/sbin/spctl --assess --type execute /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/OneDriveUpdaterBCBF2C69/OneDrive.app
1⤵
PID:572

/usr/libexec/xpcproxy
xpcproxy com.apple.newsyslog
1⤵
PID:581

/usr/sbin/newsyslog
/usr/sbin/newsyslog
1⤵
PID:581

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy