aa8ff4d4c4505f9245ae995be2fee8f6a78b1167126e613490e1c22549bdf142 | Triage

Submit
Reports

Overview

overview

3

Static

static

3

capcut_cap...1).exe

macos-10.15-amd64

1

$PLUGINSDI...er.dll

macos-10.15-amd64

1

$PLUGINSDI...em.dll

macos-10.15-amd64

1

$PLUGINSDI...ed.dll

macos-10.15-amd64

1

$PLUGINSDI...in.dll

macos-10.15-amd64

1

$PLUGINSDI...er.dll

macos-10.15-amd64

1

Resubmissions

22-08-2024 14:53

240822-r9gxvavhpn 3

22-08-2024 14:49

240822-r631xasfrh 5

22-08-2024 14:35

240822-ryadmasckd 9

Analysis

max time kernel
366s
max time network
1804s
platform
macos-10.15_amd64
resource
macos-20240711.1-en
resource tags

arch:amd64arch:i386image:macos-20240711.1-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
submitted
22-08-2024 14:53

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

capcut_capcutpc_invitefission_1.2.4_installer (1).exe

Resource

macos-20240711.1-en

macos-10.15-amd64

0 signatures

1800 seconds

Behavioral task

behavioral2

Sample

$PLUGINSDIR/BgWorker.dll

Resource

macos-20240711.1-en

macos-10.15-amd64

0 signatures

1800 seconds

Behavioral task

behavioral3

Sample

$PLUGINSDIR/System.dll

Resource

macos-20240711.1-en

macos-10.15-amd64

0 signatures

1800 seconds

Behavioral task

behavioral4

Sample

$PLUGINSDIR/deviceregister_shared.dll

Resource

macos-20240711.1-en

macos-10.15-amd64

0 signatures

1800 seconds

Behavioral task

behavioral5

Sample

$PLUGINSDIR/downloader_nsis_plugin.dll

Resource

macos-20240711.1-en

macos-10.15-amd64

0 signatures

1800 seconds

Behavioral task

behavioral6

Sample

$PLUGINSDIR/shell_downloader.dll

Resource

macos-20240711.1-en

macos-10.15-amd64

0 signatures

1800 seconds

Report Analysis Logs

General

Target

$PLUGINSDIR/BgWorker.dll
Size

2KB
MD5

33ec04738007e665059cf40bc0f0c22b
SHA1

4196759a922e333d9b17bda5369f14c33cd5e3bc
SHA256

50f735ab8f3473423e6873d628150bbc0777be7b4f6405247cddf22bb00fb6be
SHA512

2318b01f0c2f2f021a618ca3e6e5c24a94df5d00154766b77160203b8b0a177c8581c7b688ffe69be93a69bc7fd06b8a589844d42447f5060fb4bcf94d8a9aef

Score

1^/10

Malware Config

Signatures

Processes

/bin/sh
sh -c "sudo /bin/zsh -c \"/Users/run/\$PLUGINSDIR/BgWorker.dll\""
1⤵
PID:479

/bin/bash
sh -c "sudo /bin/zsh -c \"/Users/run/\$PLUGINSDIR/BgWorker.dll\""
1⤵
PID:479

/usr/bin/sudo
sudo /bin/zsh -c /Users/run//BgWorker.dll
1⤵
PID:479

/bin/zsh
/bin/zsh -c /Users/run//BgWorker.dll
2⤵
PID:480

/Users/run//BgWorker.dll
/Users/run//BgWorker.dll
2⤵
PID:480

/usr/libexec/xpcproxy
xpcproxy com.apple.spindump
1⤵
PID:523

/usr/sbin/spindump
/usr/sbin/spindump
1⤵
PID:523

/usr/libexec/xpcproxy
xpcproxy com.apple.diagnosticd
1⤵
PID:524

/usr/libexec/diagnosticd
/usr/libexec/diagnosticd
1⤵
PID:524

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy