Overview

overview

4

Static

static

1

关于体�...��.dmg

macos-10.15-amd64

4

0.img

macos-10.15-amd64

1

Analysis

  • max time kernel
    95s
  • max time network
    154s
  • platform
    macos-10.15_amd64
  • resource
    macos-20240711.1-en
  • resource tags

    arch:amd64arch:i386image:macos-20240711.1-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
  • submitted
    23-08-2024 11:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0.img

  • Size

    18.5MB

  • MD5

    6f65f5f2074905c08002944ab31480ac

  • SHA1

    a6e00948cf25e73e9f06ef753197fc57a1b14a0d

  • SHA256

    20ac37319b579a34cdca6b147f7e5076d0fb2e73ea1f5bdd054d1ca3017473f7

  • SHA512

    c31a33c3528433052d6988caa4783125849538ae49512e632887d9e2bbb6a825b87d037b57464d499efcd8566227f0db15abb243caf68cae58f2a85443853502

  • SSDEEP

    98304:spNbe/m90EhfM8GW1YYfewpuRKs5MovKzaivV:sve/m3qCpjseoG

Score
1/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/0.img\""
    1⤵
      PID:488
    • /bin/bash
      sh -c "sudo /bin/zsh -c \"/Users/run/0.img\""
      1⤵
        PID:488
      • /usr/bin/sudo
        sudo /bin/zsh -c /Users/run/0.img
        1⤵
          PID:488
          • /bin/zsh
            /bin/zsh -c /Users/run/0.img
            2⤵
              PID:489
            • /Users/run/0.img
              /Users/run/0.img
              2⤵
                PID:489
            • /bin/launchctl
              /bin/launchctl kill SIGTERM system/com.microsoft.OneDriveUpdaterDaemon
              1⤵
                PID:524
              • /bin/launchctl
                /bin/launchctl kill SIGTERM system/com.microsoft.OneDriveStandaloneUpdaterDaemon
                1⤵
                  PID:525
                • /usr/libexec/xpcproxy
                  xpcproxy com.apple.corespotlightservice.725FD30A-6064-6C02-CC51-5DDB8891B57E
                  1⤵
                    PID:526
                  • /System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
                    /System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
                    1⤵
                      PID:526

                    Network

                    MITRE ATT&CK Matrix

                    Replay Monitor

                    Loading Replay Monitor...

                    Downloads