Overview

overview

10

Static

static

10

drivers.exe

windows10-1703-x64

10

drivers.exe

windows10-2004-x64

10

drivers.exe

windows11-21h2-x64

10

drivers.exe

macos-10.15-amd64

1

Analysis

  • max time kernel
    102s
  • max time network
    152s
  • platform
    macos-10.15_amd64
  • resource
    macos-20240711.1-en
  • resource tags

    arch:amd64arch:i386image:macos-20240711.1-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
  • submitted
    23-08-2024 15:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    drivers.exe

  • Size

    229KB

  • MD5

    8275af467a6e5859869a13eabc03cc15

  • SHA1

    e70d0630ff34f6a1c72ab4343dc01c6dd4c53bc1

  • SHA256

    5c37ed0542974bf478e1e6ff614395e6110bfc4726494e72f76b62e014bda0ff

  • SHA512

    87497047b564694a15193d6b5e7d13fbfbbeeec2f14993c09a79b52fa9781ede36136d1c688d264ccd2c45ea93d5f372c210ae54066de02e3abf7d15428d4e6a

  • SSDEEP

    6144:lloZMLrIkd8g+EtXHkv/iD4yEay5nsAv4OXZkQlpAb8e1mGi:noZ0L+EP8yEay5nsAv4OXZkQlu4

Score
1/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/drivers.exe\""
    1⤵
      PID:477
    • /bin/bash
      sh -c "sudo /bin/zsh -c \"/Users/run/drivers.exe\""
      1⤵
        PID:477
      • /usr/bin/sudo
        sudo /bin/zsh -c /Users/run/drivers.exe
        1⤵
          PID:477
          • /bin/zsh
            /bin/zsh -c /Users/run/drivers.exe
            2⤵
              PID:479
            • /Users/run/drivers.exe
              /Users/run/drivers.exe
              2⤵
                PID:479
            • /System/Applications/Music.app/Contents/MacOS/Music
              /System/Applications/Music.app/Contents/MacOS/Music
              1⤵
                PID:513
              • /usr/libexec/xpcproxy
                xpcproxy com.apple.audio.AudioComponentRegistrar
                1⤵
                  PID:515
                • /System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar
                  /System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar
                  1⤵
                    PID:515
                  • /System/Applications/Music.app/Contents/XPCServices/VisualizerService.xpc/Contents/MacOS/VisualizerService
                    /System/Applications/Music.app/Contents/XPCServices/VisualizerService.xpc/Contents/MacOS/VisualizerService
                    1⤵
                      PID:518
                    • /usr/libexec/xpcproxy
                      xpcproxy com.apple.WebKit.WebContent.F63EF90D-B007-48EB-8CE6-7430EB8CF419 513
                      1⤵
                        PID:520
                      • /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
                        /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
                        1⤵
                          PID:520
                        • /usr/libexec/xpcproxy
                          xpcproxy com.apple.Safari.SafeBrowsing.Service
                          1⤵
                            PID:522
                          • /System/Library/PrivateFrameworks/SafariSafeBrowsing.framework/com.apple.Safari.SafeBrowsing.Service
                            /System/Library/PrivateFrameworks/SafariSafeBrowsing.framework/com.apple.Safari.SafeBrowsing.Service
                            1⤵
                              PID:522
                            • /usr/libexec/xpcproxy
                              xpcproxy com.apple.spindump
                              1⤵
                                PID:525
                              • /usr/sbin/spindump
                                /usr/sbin/spindump
                                1⤵
                                  PID:525
                                • /usr/libexec/xpcproxy
                                  xpcproxy com.apple.spindump_agent
                                  1⤵
                                    PID:527
                                  • /usr/libexec/spindump_agent
                                    /usr/libexec/spindump_agent
                                    1⤵
                                      PID:527

                                    Network

                                    MITRE ATT&CK Matrix

                                    Replay Monitor

                                    Loading Replay Monitor...

                                    Downloads

                                    • /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C//mds/mdsDirectory.db
                                      Filesize

                                      47KB

                                      MD5

                                      0e4a0d1ceb2af6f0f8d0167ce77be2d3

                                      SHA1

                                      414ba4c1dc5fc8bf53d550e296fd6f5ad669918c

                                      SHA256

                                      cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030

                                      SHA512

                                      1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20

                                      Download Submit

                                    • /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C//mds/mdsObject.db
                                      Filesize

                                      4KB

                                      MD5

                                      d3a1859e6ec593505cc882e6def48fc8

                                      SHA1

                                      f8e6728e3e9de477a75706faa95cead9ce13cb32

                                      SHA256

                                      3ebafa97782204a4a1d75cfec22e15fcdeab45b65bab3b3e65508707e034a16c

                                      SHA512

                                      ea2a749b105759ea33408186b417359deffb4a3a5ed0533cb26b459c16bb3524d67ede5c9cf0d5098921c0c0a9313fb9c2672f1e5ba48810eda548fa3209e818

                                      Download Submit

                                    • /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/malware,osx,url_expression
                                      Filesize

                                      215KB

                                      MD5

                                      1e332f4ab3db6e76080978ff2b23d39a

                                      SHA1

                                      97dfe710cec5526c39fa4156317f0e6ac36f4c89

                                      SHA256

                                      ac960b3c64afc221c4e885be2187e6f0a6a44f8319a2da358931eb99c6dd2aa8

                                      SHA512

                                      402e1f7dc382fea57b5429a8303ee3c1780cbad991c3013da4c302cb00ceae43fe7a2f4658cde4c83cf034689bec7265d1e0fc10f23a2d5648ac2e93dfcc065d

                                      Download Submit

                                    • /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/social_engineering,osx,url_expression
                                      Filesize

                                      21.8MB

                                      MD5

                                      5ff4f4c92e9fc1cbacb7ce61b0016832

                                      SHA1

                                      220581818914de689c7810bc857e7e34dbf3afc2

                                      SHA256

                                      716f8b6f8345f37187f19e2d21defab17d5753520fec390442f3dcc176b9e572

                                      SHA512

                                      ad5e0eb745e5f45dd4afdd32da4778b3729aba49867000401149a77a0ba5f4431cecf1d303bb150f73de6e0917473bbc1da30f3c7b90126439974d1af9535afd

                                      Download Submit

                                    • /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/unwanted_software,osx,url_expression
                                      Filesize

                                      129KB

                                      MD5

                                      38dc3536848aa7c64accdf4654cffe76

                                      SHA1

                                      e8df94913c069bfab76328b620f1a0d6d741a1b5

                                      SHA256

                                      d161e79b5fe1938b493a8ed2de61b00ed5bee0e989adf1704b4a5d0e4be5955d

                                      SHA512

                                      9a12209704b15817abd19c7623044c8397e0791dd2ed574239c53a95a5a807e416aa858f311a0ebf95d6b6ddf9a355212a2cbb5223175d38bc76f1ee0b6c3f56

                                      Download Submit