9ab258db43693b78593325ee6bdd1ff2632b7db42d31eb35ba5118d0e5729ed5

Analysis

max time kernel
138s
max time network
159s
platform
macos-10.15_amd64
resource
macos-20240711.1-en
resource tags

arch:amd64arch:i386image:macos-20240711.1-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
submitted
05/09/2024, 08:38

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Minecraft/Minecraft.app/Contents/runtime/jre-x64/1.8.0_74/lib/jce.jar
Size

112KB
MD5

a39f61d6ed2585519d7af1e2ea029f59
SHA1

52515ac6deab634f3495fd724dea643ee442b8fd
SHA256

60724d9e372fbe42759349a06d3426380ca2b9162fa01eb2c3587a58a34ad7e0
SHA512

ac2e9ab749f5365be0fb8ebd321e8f231d22eae396053745f047fcbccf8d3de2f737d3c37a52c715addfbdbd18f14809e8b37b382b018b58a76e063efba96948
SSDEEP

1536:5sNJO+ylt6se6sgU0w/XzGYWuSy15DudYLSfaxwpt5g1naZEqwoJ8sYcF+z/VSG8:aj8GHXZSy1pudYLdQe1ATtKVS+ws9O

Score

4^/10

execution

Malware Config

Signatures

JavaScript 1 TTPs 1 IoCs

Adversaries may abuse various implementations of JavaScript for execution.

execution

JavaScript

T1059.007

ioc	Process
"/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/bin/java" -jar /Users/run/Minecraft/Minecraft.app/Contents/runtime/jre-x64/1.8.0_74/lib/jce.jar	Process not Found

/bin/sh
sh -c "sudo /bin/zsh -c \"open /Users/run/Minecraft/Minecraft.app/Contents/runtime/jre-x64/1.8.0_74/lib/jce.jar\""
1⤵
PID:507

/bin/bash
sh -c "sudo /bin/zsh -c \"open /Users/run/Minecraft/Minecraft.app/Contents/runtime/jre-x64/1.8.0_74/lib/jce.jar\""
1⤵
PID:507

/usr/bin/sudo
sudo /bin/zsh -c "open /Users/run/Minecraft/Minecraft.app/Contents/runtime/jre-x64/1.8.0_74/lib/jce.jar"
1⤵
PID:507
- /bin/zsh
  /bin/zsh -c "open /Users/run/Minecraft/Minecraft.app/Contents/runtime/jre-x64/1.8.0_74/lib/jce.jar"
  2⤵
  PID:508
- /usr/bin/open
  open /Users/run/Minecraft/Minecraft.app/Contents/runtime/jre-x64/1.8.0_74/lib/jce.jar
  2⤵
  PID:508

/usr/libexec/xpcproxy
xpcproxy com.apple.JarLauncher.1532
1⤵
PID:509

/System/Library/CoreServices/Jar Launcher.app/Contents/MacOS/Jar Launcher
"/System/Library/CoreServices/Jar Launcher.app/Contents/MacOS/Jar Launcher"
1⤵
PID:509
- /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/bin/java
  "/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/bin/java" -jar /Users/run/Minecraft/Minecraft.app/Contents/runtime/jre-x64/1.8.0_74/lib/jce.jar
  2⤵
  PID:510

/usr/libexec/xpcproxy
xpcproxy com.apple.metadata.mdwrite
1⤵
PID:511

/usr/libexec/xpcproxy
xpcproxy com.apple.corespotlightservice.725FD30A-6064-6C02-CC51-5DDB8891B57E
1⤵
PID:525

/System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
/System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
1⤵
PID:525

/bin/launchctl
/bin/launchctl kill SIGTERM system/com.microsoft.OneDriveUpdaterDaemon
1⤵
PID:528

/bin/launchctl
/bin/launchctl kill SIGTERM system/com.microsoft.OneDriveStandaloneUpdaterDaemon
1⤵
PID:529

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads