ccdcdf02bdc032a4d16ed422f42b80df4f4405e24688087e6e6164cb86d235ab | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

run.js

windows7-x64

3

run.js

android-9-x86

run.js

android-10-x64

run.js

android-11-x64

run.js

macos-10.15-amd64

1

Resubmissions

25/07/2024, 21:14

240725-z3fp7syanc 3

25/07/2024, 20:01

240725-yrw3davdkc 3

Analysis

max time kernel
311s
max time network
430s
platform
macos-10.15_amd64
resource
macos-20240711.1-en
resource tags

arch:amd64arch:i386image:macos-20240711.1-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
submitted
25/07/2024, 20:01

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

run.js

Resource

win7-20240704-en

windows7-x64

1 signatures

300 seconds

Behavioral task

behavioral2

Sample

run.js

Resource

android-x86-arm-20240624-en

android-9-x86

0 signatures

300 seconds

Behavioral task

behavioral3

Sample

run.js

Resource

android-x64-20240624-en

android-10-x64

0 signatures

300 seconds

Behavioral task

behavioral4

Sample

run.js

Resource

android-x64-arm64-20240624-en

android-11-x64

0 signatures

300 seconds

Behavioral task

behavioral5

Sample

run.js

Resource

macos-20240711.1-en

macos-10.15-amd64

0 signatures

300 seconds

Report Analysis Logs

General

Target

run.js
Size

14B
MD5

0a63950f39a63ef300b090de19e20612
SHA1

9bcc7fbb1760bff4197810a0aceb2f3de92020f8
SHA256

ccdcdf02bdc032a4d16ed422f42b80df4f4405e24688087e6e6164cb86d235ab
SHA512

4496644c43c85e7c8cabf8e79c9ff4dc1b7fe66bb2468a820186455d30273bb556db070bad422e7a2a6001e91ea17589808a15fcc4d01d14340cf6d6dac5a055

Score

1^/10

Malware Config

Signatures

Processes

/usr/libexec/xpcproxy
xpcproxy com.apple.logkextloadsd
1⤵
PID:481

/usr/libexec/xpcproxy
xpcproxy com.apple.var-db-dslocal-backup
1⤵
PID:482

/usr/libexec/xpcproxy
xpcproxy com.apple.gkreport
1⤵
PID:483

/usr/bin/xar
/usr/bin/xar -c -f dslocal-backup.xar dslocal
1⤵
PID:482

/usr/libexec/xpcproxy
xpcproxy com.apple.systemstats.daily
1⤵
PID:484

/usr/libexec/gkreport
/usr/libexec/gkreport
1⤵
PID:483

/bin/sh
sh -c "sudo /bin/zsh -c \"/Users/run/run.js\""
1⤵
PID:485

/bin/bash
sh -c "sudo /bin/zsh -c \"/Users/run/run.js\""
1⤵
PID:485

/usr/bin/sudo
sudo /bin/zsh -c /Users/run/run.js
1⤵
PID:485
- /bin/zsh
  /bin/zsh -c /Users/run/run.js
  2⤵
  PID:487
- /Users/run/run.js
  /Users/run/run.js
  2⤵
  PID:487
- /bin/sh
  sh /Users/run/run.js
  2⤵
  PID:487
- /bin/bash
  sh /Users/run/run.js
  2⤵
  PID:487

/usr/libexec/xpcproxy
xpcproxy com.apple.audio.AudioComponentRegistrar
1⤵
PID:515

/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar
/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar -daemon
1⤵
PID:515

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy