Analysis

  • max time kernel
    271s
  • max time network
    262s
  • platform
    macos-10.15_amd64
  • resource
    macos-20240711.1-en
  • resource tags

    arch:amd64
    arch:i386
    image:macos-20240711.1-en
    kernel:19b77a
    locale:en-us
    os:macos-10.15-amd64
    system
  • submitted
    15/07/2024, 10:51 UTC

General

  • Target

    iconik Agent/iconik Agent.app/Contents/Frameworks/iconik Agent Helper (GPU).app/Contents/MacOS/iconik Agent Helper (GPU)

  • Size

    99KB

  • MD5

    85b3e5e3a59cf27109bdecf7466801ea

  • SHA1

    67a71f64651336fbf9cefcd989c726abad699008

  • SHA256

    a6e59b0b241a67d11a0ca5bb764439ab5fd935969c13ea2ec4b29ec823b72a9e

  • SHA512

    6414a9db6dbcdd2177bc8bcf580c75814414135853bbf36c31d93b57b252022e5c43db59dd8e7a566c0b9739fc5a957d2c6b1dd87f64148aa5714071d49c16ae

  • SSDEEP

    1536:miYhSnrSgaIrbv5RM3Py9gJlzruUiEGHeZa8McaB6HXD1YY1bFPpHqkXc/umVAv8:miYhSn4P0uPYAqFsQK2l

Score
1/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/iconik Agent/iconik Agent.app/Contents/Frameworks/iconik Agent Helper (GPU).app/Contents/MacOS/iconik Agent Helper (GPU)\""
    1⤵ PID:489
  • /bin/bash
    sh -c "sudo /bin/zsh -c \"/Users/run/iconik Agent/iconik Agent.app/Contents/Frameworks/iconik Agent Helper (GPU).app/Contents/MacOS/iconik Agent Helper (GPU)\""
    1⤵ PID:489
  • /usr/bin/sudo
    sudo /bin/zsh -c "/Users/run/iconik Agent/iconik Agent.app/Contents/Frameworks/iconik Agent Helper (GPU).app/Contents/MacOS/iconik Agent Helper (GPU)"
    1⤵ PID:489
    • /bin/zsh
      /bin/zsh -c "/Users/run/iconik Agent/iconik Agent.app/Contents/Frameworks/iconik Agent Helper (GPU).app/Contents/MacOS/iconik Agent Helper (GPU)"
      2⤵ PID:490
  • /usr/libexec/xpcproxy
    xpcproxy com.apple.corespotlightservice.725FD30A-6064-6C02-CC51-5DDB8891B57E
    1⤵ PID:527
  • /System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
    /System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
    1⤵ PID:527
  • /bin/launchctl
    /bin/launchctl kill SIGTERM system/com.microsoft.OneDriveUpdaterDaemon
    1⤵ PID:530
  • /bin/launchctl
    /bin/launchctl kill SIGTERM system/com.microsoft.OneDriveStandaloneUpdaterDaemon
    1⤵ PID:531

Network

  • GB  GET  http://ocsp.apple.com/ocsp03-asi2ca02/ME4wTKADAgEAMEUwQzBBMAkGBSsOAwIaBQAEFDpjNYC91gD%2BzsNfJ0wP9wrPSi8lBBQSdXxHkv2D474u%2FFl%2FZ0OBNRBF7AIIR5uTR%2BogEsU%3D
    Remote address: 17.253.77.202:80
    Request
      GET /ocsp03-asi2ca02/ME4wTKADAgEAMEUwQzBBMAkGBSsOAwIaBQAEFDpjNYC91gD%2BzsNfJ0wP9wrPSi8lBBQSdXxHkv2D474u%2FFl%2FZ0OBNRBF7AIIR5uTR%2BogEsU%3D HTTP/1.1
      Host: ocsp.apple.com
      Accept: */*
      Accept-Language: en-us
      Connection: keep-alive
      Accept-Encoding: gzip, deflate
      User-Agent: com.apple.trustd/2.0
    Response
      HTTP/1.1 200 OK
      Server: Apple
      Date: Mon, 15 Jul 2024 09:05:59 GMT
      Content-Type: application/ocsp-response
      Content-Length: 2559
      Last-Modified: Mon, 15 Jul 2024 09:05:59 GMT
      Expires: Mon, 15 Jul 2024 20:05:59 GMT
      Etag: "e6684977391bd87fa32f6098703e1f2922c5a7dc"
      Age: 6457
      Via: http/1.1 uklon5-vp-vst-015.ts.apple.com (acdn/252.14441), http/1.1 uklon5-vp-vfe-003.ts.apple.com (acdn/252.14441), http/1.1 gbmnc1-edge-lx-001.ts.apple.com (acdn/252.14441), http/1.1 gbmnc1-edge-bx-004.ts.apple.com (acdn/252.14441)
      X-Cache: hit-stale, hit-stale, hit-fresh, hit-fresh
      CDNUUID: c4d892c8-5605-47c2-b6d7-b51fc6366421-17710467031
      Connection: keep-alive
  • US  DNS  cds.apple.com
    Remote address: 8.8.8.8:53
    Request
      cds.apple.com  IN A
    Response
      cds.apple.com               IN CNAME  cds-cdn.v.aaplimg.com
      cds-cdn.v.aaplimg.com       IN CNAME  cds.apple.com.akadns.net
      cds.apple.com.akadns.net    IN CNAME  cds.apple.com.edgekey.net
      cds.apple.com.edgekey.net   IN CNAME  e14768.dscb.akamaiedge.net
      e14768.dscb.akamaiedge.net  IN A      104.103.245.125
  • US  DNS  help.apple.com
    Remote address: 8.8.8.8:53
    Request
      help.apple.com  IN A
    Response
      help.apple.com                    IN CNAME  help.origin-apple.com.akadns.net
      help.origin-apple.com.akadns.net  IN CNAME  help-ar.apple.com.edgekey.net
      help-ar.apple.com.edgekey.net     IN CNAME  e11408.d.akamaiedge.net
      e11408.d.akamaiedge.net           IN A      23.46.73.181

  Connections (columns: remote address, domain, protocol, bytes sent, bytes received, packets sent, packets received)

    17.250.81.69:443      -                tls, https  128 B    40 B     2    1
    17.253.77.202:80      ocsp.apple.com   http        677 B    3.5kB    7    6
    104.103.245.125:443   cds.apple.com    tls         19.9kB   165.4kB  220  214
    23.46.73.181:443      help.apple.com   tls         33.5kB   112.2kB  176  140
    23.46.73.181:443      help.apple.com   tls         1.8kB    6.8kB    14   12
    8.8.8.8:53            cds.apple.com    dns         59 B     218 B    1    1
    8.8.8.8:53            help.apple.com   dns         60 B     196 B    1    1
    224.0.0.251:5353      -                -           332 B    -        1    -

    17.253.77.202:80 (http)
      HTTP Request:  GET http://ocsp.apple.com/ocsp03-asi2ca02/ME4wTKADAgEAMEUwQzBBMAkGBSsOAwIaBQAEFDpjNYC91gD%2BzsNfJ0wP9wrPSi8lBBQSdXxHkv2D474u%2FFl%2FZ0OBNRBF7AIIR5uTR%2BogEsU%3D
      HTTP Response: 200
    8.8.8.8:53 (dns)
      DNS Request:  cds.apple.com
      DNS Response: 104.103.245.125
    8.8.8.8:53 (dns)
      DNS Request:  help.apple.com
      DNS Response: 23.46.73.181
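The only plain-HTTP request in the capture is an OCSP query, and its User-Agent (com.apple.trustd/2.0) identifies the sender as trustd, macOS's certificate-trust daemon, performing a revocation check during trust evaluation; nothing in this report attributes that request to the helper binary's own code, and the cds.apple.com and help.apple.com TLS sessions are likewise Apple endpoints. OCSP is carried over port 80 by design: responses are signed by the responder, so integrity does not depend on TLS, but the query itself is visible to anyone on the path, which is why revocation checks reveal which certificates a host is validating. The Age: 6457 and X-Cache: hit-stale headers show the reply came from Apple's CDN cache rather than a fresh signing, which is normal for OCSP.

Per RFC 6960, an OCSP GET carries the DER-encoded OCSPRequest as URL-encoded base64 in the last path segment, so the certificate being checked can be identified offline from the URL recorded above. The decoder below is an added example, not part of the Triage report and not code from the iconik software; it uses only the Python standard library plus a minimal DER walker written here, and it reads the URL exactly as the report shows it. It recovers the CertID fields (hash algorithm, issuerNameHash, issuerKeyHash, serialNumber). Which issuer certificate those SHA-1 hashes belong to is not stated on this page and cannot be recovered from the hashes alone: to confirm a candidate issuer you would SHA-1 its DER-encoded subject Name and the contents of its subjectPublicKey BIT STRING and compare against the two values.

```python
"""Decode the OCSP GET request recorded in the trustd traffic (added example)."""
import base64
import urllib.parse

# The GET URL exactly as recorded in the report's Network section.
OCSP_GET_URL = (
    "http://ocsp.apple.com/ocsp03-asi2ca02/"
    "ME4wTKADAgEAMEUwQzBBMAkGBSsOAwIaBQAEFDpjNYC91gD%2BzsNfJ0wP9wrPSi8lBBQSdXxHkv2D474u"
    "%2FFl%2FZ0OBNRBF7AIIR5uTR%2BogEsU%3D"
)

# Hash algorithm OIDs commonly seen in CertID.hashAlgorithm.
HASH_OIDS = {
    "1.3.14.3.2.26": "sha1",
    "2.16.840.1.101.3.4.2.1": "sha256",
}


def der_read_tlv(buf, pos):
    """Read one DER tag-length-value at pos; return (tag, value, next_pos).

    Handles short and long definite lengths; indefinite length (0x80) is
    not valid DER and is rejected, as is an element running past the buffer.
    """
    tag = buf[pos]
    length = buf[pos + 1]
    pos += 2
    if length == 0x80:
        raise ValueError("indefinite length is not DER")
    if length & 0x80:
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    end = pos + length
    if end > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:end], end


def der_children(value):
    """Split the content octets of a constructed element into (tag, value) pairs."""
    out, pos = [], 0
    while pos < len(value):
        tag, val, pos = der_read_tlv(value, pos)
        out.append((tag, val))
    return out


def decode_oid(raw):
    """Dotted-decimal form of an OBJECT IDENTIFIER's content octets."""
    arcs = [raw[0] // 40, raw[0] % 40]
    n = 0
    for b in raw[1:]:
        n = (n << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(n)
            n = 0
    return ".".join(str(a) for a in arcs)


def parse_ocsp_get(url):
    """Parse an RFC 6960 OCSP GET URL into version and CertID fields.

    OCSPRequest ::= SEQUENCE { tbsRequest TBSRequest, optionalSignature [0] OPTIONAL }
    TBSRequest  ::= SEQUENCE { version [0] EXPLICIT DEFAULT v1, requestorName [1] OPTIONAL,
                               requestList SEQUENCE OF Request, requestExtensions [2] OPTIONAL }
    Request     ::= SEQUENCE { reqCert CertID, singleRequestExtensions [0] OPTIONAL }
    CertID      ::= SEQUENCE { hashAlgorithm, issuerNameHash, issuerKeyHash, serialNumber }
    """
    path = urllib.parse.urlsplit(url).path
    b64 = urllib.parse.unquote(path.rsplit("/", 1)[1])   # last segment is the request
    der = base64.b64decode(b64)

    tag, ocsp_request, _ = der_read_tlv(der, 0)
    if tag != 0x30:
        raise ValueError("OCSPRequest must be a SEQUENCE")
    tbs_tag, tbs = der_children(ocsp_request)[0]
    if tbs_tag != 0x30:
        raise ValueError("tbsRequest must be a SEQUENCE")
    items = der_children(tbs)

    # [0] EXPLICIT version: DER says omit the default, but this client sends v1 (0) anyway.
    version, idx = 0, 0
    if items[idx][0] == 0xA0:
        version = int.from_bytes(der_children(items[idx][1])[0][1], "big")
        idx += 1
    if items[idx][0] == 0xA1:          # [1] requestorName, not needed here
        idx += 1
    request_list = items[idx][1]

    requests = []
    for _, request in der_children(request_list):
        _, cert_id = der_children(request)[0]          # reqCert
        alg, name_hash, key_hash, serial = der_children(cert_id)[:4]
        oid = decode_oid(der_children(alg[1])[0][1])   # AlgorithmIdentifier.algorithm
        requests.append({
            "hash_alg": HASH_OIDS.get(oid, oid),
            "issuer_name_hash": name_hash[1].hex(),
            "issuer_key_hash": key_hash[1].hex(),
            "serial": serial[1].hex(),
        })
    return {"version": "v%d" % (version + 1), "requests": requests}


if __name__ == "__main__":
    import json
    print(json.dumps(parse_ocsp_get(OCSP_GET_URL), indent=2))
```

For this URL the decoder yields one CertID hashed with SHA-1 (OID 1.3.14.3.2.26), which is what OCSP clients still overwhelmingly send because responders key their pre-computed responses on it; the serial number is printed as hex so it can be matched against `openssl x509 -noout -serial` output for a candidate leaf certificate.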

                  MITRE ATT&CK Matrix
