Analysis

  • max time kernel
    39s
  • max time network
    41s
  • platform
    macos-10.15_amd64
  • resource
    macos-20240711.1-en
  • resource tags

    arch:amd64, arch:i386, image:macos-20240711.1-en, kernel:19b77a, locale:en-us, os:macos-10.15-amd64, system
  • submitted
    20/10/2024, 08:45

General

  • Target

    dsfdsf.jar

  • Size

    639KB

  • MD5

    cc108aa6088dbb3ade326a5067056702

  • SHA1

    a4ac4ddc10efeb02cfb49d33364e409dee13b67a

  • SHA256

    c2bb92c95627cd2a19705dcc2c9d3a83916e8bf7606500e0f9b2f3f64411a9ae

  • SHA512

    24899d7356f304101a5dbc68aa3355aad6f78a0b6c5d082472fcb881bfdd1f7d46699a020e5b7253fcb853be1c8aab1f2a029ae4675cc9f345f85889f0bde4e6

  • SSDEEP

    12288:yjvpQ5/jrxg3V45VIN8Xg2/bRb+hL0NOr+gO5uR1M3Qus2NoS6RDoI:yjxQ55gl4zTXg212COrHMdQuRNz6RDoI

Score
4/10

Malware Config

Signatures

  • JavaScript (1 TTP, 1 IoC)

    Adversaries may abuse various implementations of JavaScript for execution.

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"open /Users/run/dsfdsf.jar\""
    1⤵ PID:487
  • /bin/bash
    sh -c "sudo /bin/zsh -c \"open /Users/run/dsfdsf.jar\""
    1⤵ PID:487
  • /usr/bin/sudo
    sudo /bin/zsh -c "open /Users/run/dsfdsf.jar"
    1⤵ PID:487
  • /bin/zsh
    /bin/zsh -c "open /Users/run/dsfdsf.jar"
    2⤵ PID:488
  • /usr/bin/open
    open /Users/run/dsfdsf.jar
    2⤵ PID:488
  • /usr/libexec/xpcproxy
    xpcproxy com.apple.JarLauncher.1532
    1⤵ PID:489
  • /System/Library/CoreServices/Jar Launcher.app/Contents/MacOS/Jar Launcher
    "/System/Library/CoreServices/Jar Launcher.app/Contents/MacOS/Jar Launcher"
    1⤵ PID:489
  • /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/bin/java
    "/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/bin/java" -jar /Users/run/dsfdsf.jar
    2⤵ PID:493
  • /usr/libexec/xpcproxy
    xpcproxy com.apple.metadata.mdwrite
    1⤵ PID:492
  • /usr/libexec/xpcproxy
    xpcproxy com.apple.audio.AudioComponentRegistrar
    1⤵ PID:516
  • /System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar
    /System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar -daemon
    1⤵ PID:516

Network

MITRE ATT&CK Enterprise v15
