4adfeb9a9f584c7039a6aa3b0121f7ed6c17b5ff85479b6a7246a28d619a669a | Triage

Submit
Reports

Overview

overview

4

Static

static

3

Natro Macr...re.dll

macos-10.15-amd64

4

Natro Macr...fe.dll

macos-10.15-amd64

1

Natro Macr...er.dll

macos-10.15-amd64

1

Natro Macr...ed.dll

macos-10.15-amd64

1

Natro Macr...re.dll

macos-10.15-amd64

1

Natro Macr...mo.dll

macos-10.15-amd64

1

Natro Macr...ta.dll

macos-10.15-amd64

1

Natro Macr...ay.dll

macos-10.15-amd64

1

Natro Macr...na.dll

macos-10.15-amd64

1

Natro Macr...ce.dll

macos-10.15-amd64

1

Natro Macr...ts.dll

macos-10.15-amd64

1

Natro Macr...us.dll

macos-10.15-amd64

1

Natro Macr...n3.dll

macos-10.15-amd64

1

Natro Macr...al.dll

macos-10.15-amd64

1

Natro Macr...eo.dll

macos-10.15-amd64

1

Natro Macr...NK.dll

macos-10.15-amd64

1

Natro Macr...er.dll

macos-10.15-amd64

1

Natro Macr...GV.dll

macos-10.15-amd64

1

Natro Macr...se.dll

macos-10.15-amd64

1

Natro Macr...AS.dll

macos-10.15-amd64

1

Natro Macr...x3.dll

macos-10.15-amd64

1

Natro Macr...mp.dll

macos-10.15-amd64

1

Natro Macr...in.dll

macos-10.15-amd64

1

Natro Macr...S7.dll

macos-10.15-amd64

1

Natro Macr...ay.dll

macos-10.15-amd64

1

Natro Macr...rk.dll

macos-10.15-amd64

1

Natro Macr...32.exe

macos-10.15-amd64

1

Natro Macr...64.exe

macos-10.15-amd64

1

Natro Macr...or.vbs

macos-10.15-amd64

1

Natro Macr...us.ps1

macos-10.15-amd64

1

Natro Macr...und.js

macos-10.15-amd64

1

Natro Macr...ro.vbs

macos-10.15-amd64

1

Resubmissions

01/09/2024, 14:08

240901-rfv8datbph 4

01/09/2024, 13:57

240901-q9ddzssdrm 3

Analysis

max time kernel
94s
max time network
154s
platform
macos-10.15_amd64
resource
macos-20240711.1-en
resource tags

arch:amd64arch:i386image:macos-20240711.1-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
submitted
01/09/2024, 14:08

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Natro Macro v1.0.0.2/nm_image_assets/Styles/Allure.dll

Resource

macos-20240711.1-en

discovery evasion

macos-10.15-amd64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

Natro Macro v1.0.0.2/nm_image_assets/Styles/Ayofe.dll

Resource

macos-20240711.1-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

Natro Macro v1.0.0.2/nm_image_assets/Styles/BluePaper.dll

Resource

macos-20240711.1-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

Natro Macro v1.0.0.2/nm_image_assets/Styles/Concaved.dll

Resource

macos-20240711.1-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

Natro Macro v1.0.0.2/nm_image_assets/Styles/Core.dll

Resource

macos-20240711.1-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

Natro Macro v1.0.0.2/nm_image_assets/Styles/Cosmo.dll

Resource

macos-20240711.1-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

Natro Macro v1.0.0.2/nm_image_assets/Styles/Fanta.dll

Resource

macos-20240711.1-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

Natro Macro v1.0.0.2/nm_image_assets/Styles/Graygray.dll

Resource

macos-20240711.1-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

Natro Macro v1.0.0.2/nm_image_assets/Styles/Hana.dll

Resource

macos-20240711.1-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

Natro Macro v1.0.0.2/nm_image_assets/Styles/Invoice.dll

Resource

macos-20240711.1-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

Natro Macro v1.0.0.2/nm_image_assets/Styles/Lakrits.dll

Resource

macos-20240711.1-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

Natro Macro v1.0.0.2/nm_image_assets/Styles/Luminous.dll

Resource

macos-20240711.1-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

Natro Macro v1.0.0.2/nm_image_assets/Styles/MacLion3.dll

Resource

macos-20240711.1-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

Natro Macro v1.0.0.2/nm_image_assets/Styles/Minimal.dll

Resource

macos-20240711.1-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

Natro Macro v1.0.0.2/nm_image_assets/Styles/Museo.dll

Resource

macos-20240711.1-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

Natro Macro v1.0.0.2/nm_image_assets/Styles/PINK.dll

Resource

macos-20240711.1-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

Natro Macro v1.0.0.2/nm_image_assets/Styles/Panther.dll

Resource

macos-20240711.1-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

Natro Macro v1.0.0.2/nm_image_assets/Styles/PaperAGV.dll

Resource

macos-20240711.1-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

Natro Macro v1.0.0.2/nm_image_assets/Styles/Relapse.dll

Resource

macos-20240711.1-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

Natro Macro v1.0.0.2/nm_image_assets/Styles/SNAS.dll

Resource

macos-20240711.1-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

Natro Macro v1.0.0.2/nm_image_assets/Styles/Simplex3.dll

Resource

macos-20240711.1-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

Natro Macro v1.0.0.2/nm_image_assets/Styles/Stomp.dll

Resource

macos-20240711.1-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

Natro Macro v1.0.0.2/nm_image_assets/Styles/USkin.dll

Resource

macos-20240711.1-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

Natro Macro v1.0.0.2/nm_image_assets/Styles/VS7.dll

Resource

macos-20240711.1-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

Natro Macro v1.0.0.2/nm_image_assets/Styles/WhiteGray.dll

Resource

macos-20240711.1-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

Natro Macro v1.0.0.2/nm_image_assets/Styles/Woodwork.dll

Resource

macos-20240711.1-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

Natro Macro v1.0.0.2/submacros/AutoHotkey32.exe

Resource

macos-20240711.1-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

Natro Macro v1.0.0.2/submacros/AutoHotkey64.exe

Resource

macos-20240711.1-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

Natro Macro v1.0.0.2/submacros/StatMonitor.vbs

Resource

macos-20240711.1-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

Natro Macro v1.0.0.2/submacros/Status.ps1

Resource

macos-20240711.1-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

Natro Macro v1.0.0.2/submacros/background.js

Resource

macos-20240711.1-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral32

Sample

Natro Macro v1.0.0.2/submacros/natro_macro.vbs

Resource

macos-20240711.1-en

macos-10.15-amd64

0 signatures

150 seconds

Report Analysis Logs

General

Target

Natro Macro v1.0.0.2/submacros/StatMonitor.vbs
Size

390KB
MD5

8649cbb189c963951a5b39cc89b8eaa7
SHA1

4000f09d0a13bf9bb22b0f693ec248ddc8ca5a6f
SHA256

2c1b6ae1ff77280aac62a11234a00d6fba89118ac21b5a3a5ca76ee4ece69e64
SHA512

4f697a6d5efc3554d12605b6b5a23aa239dbfdc64df234fc1a1d89acb72478f03e8586f942895346fc3c7694cd8ada237ed7d9ba679b66ddb39dd2d1a3f8d690
SSDEEP

12288:1Aa4bd3iEcTQApLZrHi1SOf1lZZ4n1maKKk4IK3P:abkjdZrCXP3Xk

Score

1^/10

Malware Config

Signatures

Processes

/bin/sh
sh -c "sudo /bin/zsh -c \"/Users/run/Natro Macro v1.0.0.2/submacros/StatMonitor.vbs\""
1⤵
PID:488

/bin/bash
sh -c "sudo /bin/zsh -c \"/Users/run/Natro Macro v1.0.0.2/submacros/StatMonitor.vbs\""
1⤵
PID:488

/usr/bin/sudo
sudo /bin/zsh -c "/Users/run/Natro Macro v1.0.0.2/submacros/StatMonitor.vbs"
1⤵
PID:488
- /bin/zsh
  /bin/zsh -c "/Users/run/Natro Macro v1.0.0.2/submacros/StatMonitor.vbs"
  2⤵
  PID:489
- /Users/run/Natro
  /Users/run/Natro Macro v1.0.0.2/submacros/StatMonitor.vbs
  2⤵
  PID:489

/usr/libexec/xpcproxy
xpcproxy com.apple.corespotlightservice.725FD30A-6064-6C02-CC51-5DDB8891B57E
1⤵
PID:532

/System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
/System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
1⤵
PID:532

/bin/launchctl
/bin/launchctl kill SIGTERM system/com.microsoft.OneDriveUpdaterDaemon
1⤵
PID:537

/bin/launchctl
/bin/launchctl kill SIGTERM system/com.microsoft.OneDriveStandaloneUpdaterDaemon
1⤵
PID:538

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy