Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

Ultra-Viru...4.html

macos-10.15-amd64

1

Resubmissions

26/07/2024, 10:57

240726-m2rd4atdrr 1

26/07/2024, 10:45

240726-mth3rasglq 3

Analysis

  • max time kernel
    123s
  • max time network
    152s
  • platform
    macos-10.15_amd64
  • resource
    macos-20240711.1-de
  • resource tags

    arch:amd64arch:i386image:macos-20240711.1-dekernel:19b77alocale:de-deos:macos-10.15-amd64system
  • submitted
    26/07/2024, 10:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Ultra-Virus-Killer_104856004.html

  • Size

    459KB

  • MD5

    cebbfc7ee941337581e5c71e60dc55fd

  • SHA1

    b86050726405d0ee5e97b39758dbc6e768a50de3

  • SHA256

    d9f5f8c57ecb50cf344c02ccec2344c439fa8f894195683562d59a7114e2f0bd

  • SHA512

    9e57c542e4f47b255d9bc509996bd7ca25d3cfdc22f23b8180caa0930c2e22fc75c311cf3192c0fb2e700a2e07ef1d6045fa71b3bd48de6df5c7efb23c8b7e51

  • SSDEEP

    12288:BAO6xNOc+YMKnzScUDdq4nuQtzYwRNqS5ebGWGCE2iqf4KSaASMs6GymQ+G+MKtA:BAHpLUcUDbuQ9YwHqSebGWGCE2iqf4Ko

Score
1/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/Ultra-Virus-Killer_104856004.html\""
    1⤵
      PID:480
    • /bin/bash
      sh -c "sudo /bin/zsh -c \"/Users/run/Ultra-Virus-Killer_104856004.html\""
      1⤵
        PID:480
      • /usr/bin/sudo
        sudo /bin/zsh -c /Users/run/Ultra-Virus-Killer_104856004.html
        1⤵
          PID:480
          • /bin/zsh
            /bin/zsh -c /Users/run/Ultra-Virus-Killer_104856004.html
            2⤵
              PID:481
            • /Users/run/Ultra-Virus-Killer_104856004.html
              /Users/run/Ultra-Virus-Killer_104856004.html
              2⤵
                PID:481
              • /bin/sh
                sh /Users/run/Ultra-Virus-Killer_104856004.html
                2⤵
                  PID:481
                • /bin/bash
                  sh /Users/run/Ultra-Virus-Killer_104856004.html
                  2⤵
                    PID:481
                • /usr/libexec/xpcproxy
                  xpcproxy com.apple.Safari.2028
                  1⤵
                    PID:511
                  • /Applications/Safari.app/Contents/MacOS/Safari
                    /Applications/Safari.app/Contents/MacOS/Safari
                    1⤵
                      PID:511
                    • /usr/libexec/xpcproxy
                      xpcproxy com.apple.Safari.History
                      1⤵
                        PID:514
                      • /System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.History.xpc/Contents/MacOS/com.apple.Safari.History
                        /System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.History.xpc/Contents/MacOS/com.apple.Safari.History
                        1⤵
                          PID:514
                        • /usr/libexec/xpcproxy
                          xpcproxy com.apple.WebKit.WebContent.3FF31E6B-F2D9-4B1A-8A9A-C3B9E73B16F4 511
                          1⤵
                            PID:515
                          • /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
                            /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
                            1⤵
                              PID:515
                            • /usr/libexec/xpcproxy
                              xpcproxy com.apple.SafariLaunchAgent
                              1⤵
                                PID:521
                              • /Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent
                                /Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent
                                1⤵
                                  PID:521
                                • /usr/libexec/xpcproxy
                                  xpcproxy com.apple.WebKit.WebContent.00604A91-DC17-4E7F-9002-FA99CCDDD9FC 511
                                  1⤵
                                    PID:522
                                  • /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
                                    /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
                                    1⤵
                                      PID:522
                                    • /usr/libexec/xpcproxy
                                      xpcproxy com.apple.WebKit.WebContent.1FED4184-3E3D-4609-9852-7FD2E9F2BEB8 511
                                      1⤵
                                        PID:523
                                      • /usr/libexec/xpcproxy
                                        xpcproxy com.apple.WebKit.WebContent.FE7EC525-0B3C-4E5F-852E-5089C7B03FED 511
                                        1⤵
                                          PID:525
                                        • /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
                                          /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
                                          1⤵
                                            PID:523
                                          • /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
                                            /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
                                            1⤵
                                              PID:525
                                            • /usr/libexec/xpcproxy
                                              xpcproxy com.apple.Safari.SafeBrowsing.Service
                                              1⤵
                                                PID:526
                                              • /System/Library/PrivateFrameworks/SafariSafeBrowsing.framework/com.apple.Safari.SafeBrowsing.Service
                                                /System/Library/PrivateFrameworks/SafariSafeBrowsing.framework/com.apple.Safari.SafeBrowsing.Service
                                                1⤵
                                                  PID:526
                                                • /usr/libexec/xpcproxy
                                                  xpcproxy com.apple.Safari.SearchHelper 511
                                                  1⤵
                                                    PID:527
                                                  • /System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.SearchHelper.xpc/Contents/MacOS/com.apple.Safari.SearchHelper
                                                    /System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.SearchHelper.xpc/Contents/MacOS/com.apple.Safari.SearchHelper
                                                    1⤵
                                                      PID:527
                                                    • /usr/libexec/xpcproxy
                                                      xpcproxy com.apple.WebKit.WebContent.10B8ABF5-3E6A-496F-B443-86F28447CA43 511
                                                      1⤵
                                                        PID:528
                                                      • /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
                                                        /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
                                                        1⤵
                                                          PID:528
                                                        • /usr/libexec/xpcproxy
                                                          xpcproxy com.apple.WebKit.WebContent.BC9E63DC-C408-446F-9527-A35A0B14F908 511
                                                          1⤵
                                                            PID:529
                                                          • /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
                                                            /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
                                                            1⤵
                                                              PID:529
                                                            • /usr/libexec/xpcproxy
                                                              xpcproxy com.apple.WebKit.WebContent.2A11E021-BA80-46DB-AD11-9581C3121CAD 511
                                                              1⤵
                                                                PID:530
                                                              • /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
                                                                /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
                                                                1⤵
                                                                  PID:530
                                                                • /usr/libexec/xpcproxy
                                                                  xpcproxy com.apple.WebKit.WebContent.1496CCE8-B5A6-4152-BDF5-75D4B7279E17 511
                                                                  1⤵
                                                                    PID:531
                                                                  • /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
                                                                    /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
                                                                    1⤵
                                                                      PID:531
                                                                    • /usr/libexec/xpcproxy
                                                                      xpcproxy com.apple.WebKit.WebContent.F9559DD1-8601-4922-964D-12F790EFC670 511
                                                                      1⤵
                                                                        PID:532
                                                                      • /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
                                                                        /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
                                                                        1⤵
                                                                          PID:532
                                                                        • /usr/libexec/xpcproxy
                                                                          xpcproxy com.apple.WebKit.WebContent.3CDB5E2D-4BC0-4B4D-9D6F-006BFD3CEBCC 511
                                                                          1⤵
                                                                            PID:533
                                                                          • /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
                                                                            /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
                                                                            1⤵
                                                                              PID:533
                                                                            • /usr/libexec/xpcproxy
                                                                              xpcproxy com.apple.WebKit.WebContent.C55C1A13-F29C-4739-A128-F96E89EF0A05 511
                                                                              1⤵
                                                                                PID:535
                                                                              • /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
                                                                                /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
                                                                                1⤵
                                                                                  PID:535
                                                                                • /usr/libexec/xpcproxy
                                                                                  xpcproxy com.apple.WebKit.WebContent.62D598C7-0104-4EE5-8137-4F63E06FA7FA 511
                                                                                  1⤵
                                                                                    PID:540
                                                                                  • /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
                                                                                    /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
                                                                                    1⤵
                                                                                      PID:540
                                                                                    • /usr/libexec/xpcproxy
                                                                                      xpcproxy com.apple.WebKit.WebContent.48F840DB-E94D-4579-838F-A17EA2511A24 511
                                                                                      1⤵
                                                                                        PID:541
                                                                                      • /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
                                                                                        /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
                                                                                        1⤵
                                                                                          PID:541
                                                                                        • /usr/libexec/xpcproxy
                                                                                          xpcproxy com.apple.audio.AudioComponentRegistrar
                                                                                          1⤵
                                                                                            PID:545
                                                                                          • /System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar
                                                                                            /System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar
                                                                                            1⤵
                                                                                              PID:545
                                                                                            • /usr/libexec/xpcproxy
                                                                                              xpcproxy com.apple.audio.SandboxHelper 522
                                                                                              1⤵
                                                                                                PID:546
                                                                                              • /System/Library/Frameworks/AudioToolbox.framework/XPCServices/com.apple.audio.SandboxHelper.xpc/Contents/MacOS/com.apple.audio.SandboxHelper
                                                                                                /System/Library/Frameworks/AudioToolbox.framework/XPCServices/com.apple.audio.SandboxHelper.xpc/Contents/MacOS/com.apple.audio.SandboxHelper
                                                                                                1⤵
                                                                                                  PID:546
                                                                                                • /usr/libexec/xpcproxy
                                                                                                  xpcproxy com.apple.accessibility.mediaaccessibilityd
                                                                                                  1⤵
                                                                                                    PID:547
                                                                                                  • /System/Library/Frameworks/MediaAccessibility.framework/Versions/A/XPCServices/com.apple.accessibility.mediaaccessibilityd.xpc/Contents/MacOS/com.apple.accessibility.mediaaccessibilityd
                                                                                                    /System/Library/Frameworks/MediaAccessibility.framework/Versions/A/XPCServices/com.apple.accessibility.mediaaccessibilityd.xpc/Contents/MacOS/com.apple.accessibility.mediaaccessibilityd
                                                                                                    1⤵
                                                                                                      PID:547
                                                                                                    • /usr/libexec/xpcproxy
                                                                                                      xpcproxy com.apple.WebKit.WebContent.B8782F88-57C6-4C3A-9AA2-1B64FC7815CC 511
                                                                                                      1⤵
                                                                                                        PID:550
                                                                                                      • /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
                                                                                                        /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
                                                                                                        1⤵
                                                                                                          PID:550
                                                                                                        • /usr/libexec/xpcproxy
                                                                                                          xpcproxy com.apple.DiagnosticReportCleanup.plist
                                                                                                          1⤵
                                                                                                            PID:555

                                                                                                          Network

                                                                                                          MITRE ATT&CK Matrix

                                                                                                          Replay Monitor

                                                                                                          Loading Replay Monitor...

                                                                                                          Downloads

                                                                                                          • /Users/run/Library/Safari/Favicon Cache/favicons/121E9F89AB6023E6D39B5DDD0DBA93A7
                                                                                                            Filesize

                                                                                                            5KB

                                                                                                            MD5

                                                                                                            342ca9ff48dc294f7cc4ef1aa3bde90e

                                                                                                            SHA1

                                                                                                            b3cfa9ead9693392807d0c4ef766015202e927f3

                                                                                                            SHA256

                                                                                                            e3a24c4396e6c72eabf2d4ceeff339959dd91921a7341ac80101ff78ad9dcf96

                                                                                                            SHA512

                                                                                                            848a0cb78e3e96e520b48886d872e91d1d21b2c7677e3200545a12204e5c885ff09e880cba2872f81fceb354cc558b69d33c870d23ef9fc614e9d4027b4f85e2

                                                                                                            Download Submit

                                                                                                          • /Users/run/Library/Safari/Favicon Cache/favicons/2529545429CE075A4E64DE7DAA3D4C27
                                                                                                            Filesize

                                                                                                            5KB

                                                                                                            MD5

                                                                                                            f3418a443e7d841097c714d69ec4bcb8

                                                                                                            SHA1

                                                                                                            49263695f6b0cdd72f45cf1b775e660fdc36c606

                                                                                                            SHA256

                                                                                                            6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770

                                                                                                            SHA512

                                                                                                            82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563

                                                                                                            Download Submit

                                                                                                          • /Users/run/Library/Safari/Favicon Cache/favicons/B49FEFE5CB078F7D00EA868A4440BE36
                                                                                                            Filesize

                                                                                                            7KB

                                                                                                            MD5

                                                                                                            5c08cf3d187c161fc17f0a2c1e84e326

                                                                                                            SHA1

                                                                                                            a811ea8bd64430cb75382042dff8a3a197754c30

                                                                                                            SHA256

                                                                                                            5a1324bf55e01c17edb68f7c5c472f7279f11f3c80a2844ea6769f83e45a303d

                                                                                                            SHA512

                                                                                                            5f99ace59eb0faa62c23abf922f4519b7589124ec113f51a3d3e41c6cf88cccd09b3d5a4d73d8d6afcc5adb25f02d241a8be2e9039b78a98e9ae813d63589cee

                                                                                                            Download Submit

                                                                                                          • /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/malware,osx,url_expression
                                                                                                            Filesize

                                                                                                            216KB

                                                                                                            MD5

                                                                                                            ba1362bc045456ba5666895f0a8c8860

                                                                                                            SHA1

                                                                                                            3054ef18f5c03585fbbd3fa3b413fcf31693f6f6

                                                                                                            SHA256

                                                                                                            3952c416af8843dd5bded79adecf21778d04a543d50d6eff2f89ace41a284385

                                                                                                            SHA512

                                                                                                            38e27965e9e05ec47bb8822e0fd4bd68bc4e94818f8c1ed8b0cacac344692cdc1fb002385b82e2269d2c8ba593c4f8a225866e335b6ae23f476db96952b1ed63

                                                                                                            Download Submit

                                                                                                          • /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/social_engineering,osx,url_expression
                                                                                                            Filesize

                                                                                                            21.9MB

                                                                                                            MD5

                                                                                                            4dae7428bcf4e667fed53c1ad803225f

                                                                                                            SHA1

                                                                                                            b537da4a1c43e6d43923f4c1786f00760d189d7b

                                                                                                            SHA256

                                                                                                            62aa918464133ff7dc801d81ca8374c3f5f17ef9b368d24c6ddceb0509dd8b72

                                                                                                            SHA512

                                                                                                            8189bf3da970fb303f08dfdda8385392351d76836a9cd2a272ef86f356fa485c63a12f9d91cf57b42d4c6c64a92ec2c830891f88e9b606cdb7c686e5775bb75c

                                                                                                            Download Submit

                                                                                                          • /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/unwanted_software,osx,url_expression
                                                                                                            Filesize

                                                                                                            133KB

                                                                                                            MD5

                                                                                                            cd4e8cf0b5e472e1ee129e495d0a8d6d

                                                                                                            SHA1

                                                                                                            0857a26603d988e25f2384a5cb2798a71d60e06d

                                                                                                            SHA256

                                                                                                            c8da936705014456129c95a982013dcebdc8fa49472fe9c1026885682b1d3c7f

                                                                                                            SHA512

                                                                                                            7a98e5d5bd7d381f22bc5efa3892e74ee9072f0e4faae9cf8b31d7cbe49757571bc670d21e463d5db6796a67bc048c54d1b446753cfebe0b4cbffc617cf3fd1f

                                                                                                            Download Submit

                                                                                                          • /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari//mds/mdsDirectory.db
                                                                                                            Filesize

                                                                                                            47KB

                                                                                                            MD5

                                                                                                            0e4a0d1ceb2af6f0f8d0167ce77be2d3

                                                                                                            SHA1

                                                                                                            414ba4c1dc5fc8bf53d550e296fd6f5ad669918c

                                                                                                            SHA256

                                                                                                            cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030

                                                                                                            SHA512

                                                                                                            1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20

                                                                                                            Download Submit

                                                                                                          • /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari//mds/mdsObject.db
                                                                                                            Filesize

                                                                                                            4KB

                                                                                                            MD5

                                                                                                            d3a1859e6ec593505cc882e6def48fc8

                                                                                                            SHA1

                                                                                                            f8e6728e3e9de477a75706faa95cead9ce13cb32

                                                                                                            SHA256

                                                                                                            3ebafa97782204a4a1d75cfec22e15fcdeab45b65bab3b3e65508707e034a16c

                                                                                                            SHA512

                                                                                                            ea2a749b105759ea33408186b417359deffb4a3a5ed0533cb26b459c16bb3524d67ede5c9cf0d5098921c0c0a9313fb9c2672f1e5ba48810eda548fa3209e818

                                                                                                            Download Submit