Overview

overview

3

Static

static

3

win64.exe

android-9-x86

win64.exe

android-10-x64

win64.exe

android-11-x64

win64.exe

macos-10.15-amd64

1

Analysis

  • max time kernel
    136s
  • max time network
    125s
  • platform
    macos-10.15_amd64
  • resource
    macos-20240711.1-en
  • resource tags

    arch:amd64arch:i386image:macos-20240711.1-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
  • submitted
    25/08/2024, 18:28

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    win64.exe

  • Size

    1.1MB

  • MD5

    0cf061ff391f467a683d11884d2ad520

  • SHA1

    ed6212e71335f3707303da91c84993c149520d01

  • SHA256

    3ac8a1a80b1aea1542a42ac25b0b4d730cc9f3cebd9b2661686177a083e98c03

  • SHA512

    022e77fb62f3b5911172ef0b378b6f625fb940f475c6069c5146d179c0d426ba99a80f10fada8e5d1bdbd00c3ff3332dbf11f81469a75db29e79e71d0fe616d3

  • SSDEEP

    24576:Yx4er0brd7gWwDj8pL3KXypmEgMjgWBzUnD4:eArd7gNSTBYWGnD4

Score
1/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/win64.exe\""
    1⤵
      PID:486
    • /bin/bash
      sh -c "sudo /bin/zsh -c \"/Users/run/win64.exe\""
      1⤵
        PID:486
      • /usr/bin/sudo
        sudo /bin/zsh -c /Users/run/win64.exe
        1⤵
          PID:486
          • /bin/zsh
            /bin/zsh -c /Users/run/win64.exe
            2⤵
              PID:487
            • /Users/run/win64.exe
              /Users/run/win64.exe
              2⤵
                PID:487
            • /bin/launchctl
              /bin/launchctl kill SIGTERM system/com.microsoft.OneDriveUpdaterDaemon
              1⤵
                PID:525
              • /bin/launchctl
                /bin/launchctl kill SIGTERM system/com.microsoft.OneDriveStandaloneUpdaterDaemon
                1⤵
                  PID:526
                • /usr/libexec/xpcproxy
                  xpcproxy com.apple.corespotlightservice.725FD30A-6064-6C02-CC51-5DDB8891B57E
                  1⤵
                    PID:530
                  • /System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
                    /System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
                    1⤵
                      PID:530
                    • /usr/libexec/xpcproxy
                      xpcproxy com.apple.newsyslog
                      1⤵
                        PID:535
                      • /usr/sbin/newsyslog
                        /usr/sbin/newsyslog
                        1⤵
                          PID:535

                        Network

                              MITRE ATT&CK Matrix

                              Replay Monitor

                              Loading Replay Monitor...

                              Downloads