f728301d7d3e56aa8322359176953e57e5f7e53e5da7f8cae7b8467da328e89d

Resubmissions

26/07/2024, 14:24

240726-rqptcataqj 3

26/07/2024, 14:21

240726-rpbkbswgre 3

Analysis

max time kernel
1665s
max time network
1808s
platform
macos-10.15_amd64
resource
macos-20240711.1-en
resource tags

arch:amd64arch:i386image:macos-20240711.1-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
submitted
26/07/2024, 14:24

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

OCAT_Mac.dmg
Size

26.0MB
MD5

d959882bd6c0dc3b0d5195a69fdd966c
SHA1

7ea4699001e4ee6d857ae4cc0d55216d380dd5d8
SHA256

f728301d7d3e56aa8322359176953e57e5f7e53e5da7f8cae7b8467da328e89d
SHA512

48464e5686f8289b21f29c1528ddcf158bbae57a8536a72e52fe32240787333cdd2aa618c5152cf333e84aced06986cecac2c5c94fbe7b3e17e09a15fe393a6f
SSDEEP

393216:kIRIlexz4Zk0q6+S3AX9hfJElSCi1+++iyGC2PrtepQfH16Uqq6UWmZeNpKUef:kIiexz4ZF4SgVmSCS+mJPXYPUhZeNpK

Score

1^/10

Malware Config

Signatures

/bin/sh
sh -c "sudo /bin/zsh -c \"open /Volumes/OCAuxiliaryTools/OCAuxiliaryTools.app\""
1⤵
PID:517

/bin/bash
sh -c "sudo /bin/zsh -c \"open /Volumes/OCAuxiliaryTools/OCAuxiliaryTools.app\""
1⤵
PID:517

/usr/bin/sudo
sudo /bin/zsh -c "open /Volumes/OCAuxiliaryTools/OCAuxiliaryTools.app"
1⤵
PID:517
- /bin/zsh
  /bin/zsh -c "open /Volumes/OCAuxiliaryTools/OCAuxiliaryTools.app"
  2⤵
  PID:518
- /usr/bin/open
  open /Volumes/OCAuxiliaryTools/OCAuxiliaryTools.app
  2⤵
  PID:518

/usr/libexec/xpcproxy
xpcproxy z.OC-Auxiliary-Tools.2320
1⤵
PID:519

/Volumes/OCAuxiliaryTools/OCAuxiliaryTools.app/Contents/MacOS/OCAuxiliaryTools
/Volumes/OCAuxiliaryTools/OCAuxiliaryTools.app/Contents/MacOS/OCAuxiliaryTools
1⤵
PID:519
- sysctl machdep.cpu
  "sysctl machdep.cpu"
  2⤵
  PID:536
- /Users/run/.ocat/Database/mac/macserial
  /Users/run/.ocat/Database/mac/macserial -s
  2⤵
  PID:537

/usr/libexec/xpcproxy
xpcproxy com.apple.spindump
1⤵
PID:527

/usr/sbin/spindump
/usr/sbin/spindump
1⤵
PID:527

/usr/libexec/xpcproxy
xpcproxy com.apple.spindump_agent
1⤵
PID:528

/usr/libexec/spindump_agent
/usr/libexec/spindump_agent
1⤵
PID:528

/usr/libexec/xpcproxy
xpcproxy com.apple.diagnosticd
1⤵
PID:546

/usr/libexec/diagnosticd
/usr/libexec/diagnosticd
1⤵
PID:546

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/Users/run/.ocat/Database/BaseConfigs/SampleCustom.plist

Filesize
53KB

MD5
671b793f2133906d6f288a1a9c028973

SHA1
5f8d391bf2b32f83603eca7513ede1d15ac5c646

SHA256
c2a6231dd1b4dd3f1934011b444777d0d74dd8917b9d0fef433947915b88f7e7

SHA512
01a7db2b8a187c6742752b7b23cc8d957a2e698d303fe98f2ef88cb812c4c75e65784dd485fdf724ec6ad66205f7247d0a6a93473a5a5019be190d9ff1496231

Download Submit
/Volumes/OCAuxiliaryTools/OCAuxiliaryTools.app/Contents/Info.plist

Filesize
1KB

MD5
5673b3e68d4d7e9cdbf45af79708d7d1

SHA1
247db1856d45352ca27c51d1ec0e2aa800dc719f

SHA256
6679e683811e5719bc56aa4de9f6c1bb4074d10a5714394721de086acc079e42

SHA512
18962a5e096f82acf90f50ee2f28eaa5234a251c41edfea897420966f5d670fc54844bf1974efb7b785802b9e526e06bc40918afff5e11080120a02a687d979c

Download Submit
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C//mds/mdsDirectory.db

Filesize
47KB

MD5
0e4a0d1ceb2af6f0f8d0167ce77be2d3

SHA1
414ba4c1dc5fc8bf53d550e296fd6f5ad669918c

SHA256
cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030

SHA512
1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20

Download Submit
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C//mds/mdsObject.db

Filesize
4KB

MD5
d3a1859e6ec593505cc882e6def48fc8

SHA1
f8e6728e3e9de477a75706faa95cead9ce13cb32

SHA256
3ebafa97782204a4a1d75cfec22e15fcdeab45b65bab3b3e65508707e034a16c

SHA512
ea2a749b105759ea33408186b417359deffb4a3a5ed0533cb26b459c16bb3524d67ede5c9cf0d5098921c0c0a9313fb9c2672f1e5ba48810eda548fa3209e818

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads