Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

6

Paste 4.4....d].dmg

macos-10.15-amd64

1

Paste 4.4...._store

windows7-x64

3

Paste 4.4...._store

windows10-2004-x64

3

Paste 4.4....n.icns

windows7-x64

3

Paste 4.4....n.icns

windows10-2004-x64

3

Paste 4.4....g.tiff

windows7-x64

1

Paste 4.4....g.tiff

windows10-2004-x64

1

Paste 4.4....123.gz

windows7-x64

3

Paste 4.4....123.gz

windows10-2004-x64

3

Paste 4.4....124.gz

windows7-x64

3

Paste 4.4....124.gz

windows10-2004-x64

3

Paste 4.4....d-uuid

windows7-x64

1

Paste 4.4....d-uuid

windows10-2004-x64

1

Paste 4.4....fo.xml

windows7-x64

3

Paste 4.4....fo.xml

windows10-2004-x64

1

Paste 4.4.....plist

windows7-x64

3

Paste 4.4.....plist

windows10-2004-x64

3

Paste 4.4....Helper

macos-10.15-amd64

1

Paste 4.4....kgInfo

windows7-x64

1

Paste 4.4....kgInfo

windows10-2004-x64

1

Paste 4.4....es.xml

windows7-x64

3

Paste 4.4....es.xml

windows10-2004-x64

1

Paste 4.4..../Paste

macos-10.15-amd64

4

Paste 4.4.....dylib

macos-10.15-amd64

4

Paste 4.4....kgInfo

windows7-x64

1

Paste 4.4....kgInfo

windows10-2004-x64

1

Paste 4.4....n.icns

windows7-x64

3

Paste 4.4....n.icns

windows10-2004-x64

3

Paste 4.4....te.cer

windows7-x64

1

Paste 4.4....te.cer

windows10-2004-x64

1

Paste 4.4....ts.pdf

windows7-x64

3

Paste 4.4....ts.pdf

windows10-2004-x64

3

Analysis

  • max time kernel
    105s
  • max time network
    124s
  • platform
    macos-10.15_amd64
  • resource
    macos-20240711.1-en
  • resource tags

    arch:amd64arch:i386image:macos-20240711.1-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
  • submitted
    21/09/2024, 00:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Paste 4.4.0 [MacKed]/Paste.app/Contents/Library/LoginItems/LaunchAtLoginHelper.app/Contents/MacOS/LaunchAtLoginHelper

  • Size

    177KB

  • MD5

    50a5a0b4416cc144daa8d5a7cca6a0f7

  • SHA1

    dcf03eda4ba38d8337805e6a13b9a1eef07aee08

  • SHA256

    be27d44c13516e70361dc68986f93ecf18b1dc38071c6eee7529b05a2b1770c6

  • SHA512

    2e3b2b5b88ea464d2b93e72d2e858dd6543301ebf006958915744182870b3f3478dbd179df4e3f015e354e9490cd3110d57c8e9f8099e9f680247e593172f47d

  • SSDEEP

    3072:xGkGZg33b70AR6DW1AxxdGZg33b70AR6DW1AxopjhNGZg33b70AR6DW0GZg33b7a:xDGZg33b70AR6DW1AxxdGZg33b70AR6p

Score
1/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/Paste 4.4.0 [MacKed]/Paste.app/Contents/Library/LoginItems/LaunchAtLoginHelper.app/Contents/MacOS/LaunchAtLoginHelper\""
    1⤵
      PID:514
    • /bin/bash
      sh -c "sudo /bin/zsh -c \"/Users/run/Paste 4.4.0 [MacKed]/Paste.app/Contents/Library/LoginItems/LaunchAtLoginHelper.app/Contents/MacOS/LaunchAtLoginHelper\""
      1⤵
        PID:514
      • /usr/bin/sudo
        sudo /bin/zsh -c "/Users/run/Paste 4.4.0 [MacKed]/Paste.app/Contents/Library/LoginItems/LaunchAtLoginHelper.app/Contents/MacOS/LaunchAtLoginHelper"
        1⤵
          PID:514
          • /bin/zsh
            /bin/zsh -c "/Users/run/Paste 4.4.0 [MacKed]/Paste.app/Contents/Library/LoginItems/LaunchAtLoginHelper.app/Contents/MacOS/LaunchAtLoginHelper"
            2⤵
              PID:515
          • /usr/libexec/xpcproxy
            xpcproxy com.apple.sysmond
            1⤵
              PID:516
            • /usr/libexec/sysmond
              /usr/libexec/sysmond
              1⤵
                PID:516
              • /usr/libexec/xpcproxy
                xpcproxy com.apple.audio.AudioComponentRegistrar
                1⤵
                  PID:518
                • /System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar
                  /System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar -daemon
                  1⤵
                    PID:518
                  • /usr/bin/bzip2
                    /usr/bin/bzip2 -f /var/log/wifi.log.0
                    1⤵
                      PID:527
                    • /usr/libexec/xpcproxy
                      xpcproxy com.apple.corespotlightservice.725FD30A-6064-6C02-CC51-5DDB8891B57E
                      1⤵
                        PID:533
                      • /System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
                        /System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService
                        1⤵
                          PID:533
                        • /bin/launchctl
                          /bin/launchctl kill SIGTERM system/com.microsoft.OneDriveUpdaterDaemon
                          1⤵
                            PID:538
                          • /bin/launchctl
                            /bin/launchctl kill SIGTERM system/com.microsoft.OneDriveStandaloneUpdaterDaemon
                            1⤵
                              PID:539

                            Network

                            MITRE ATT&CK Matrix

                            Replay Monitor

                            Loading Replay Monitor...

                            Downloads