809631d5c1dfd10a9e185e7ca312eeddcdb46b3ba4afa60ab8cb61accbf3a5fa

Resubmissions

07-11-2024 18:36

241107-w9c14sxcjh 10

Analysis

max time kernel
69s
max time network
104s
platform
macos-10.15_amd64
resource
macos-20241101-en
resource tags

arch:amd64arch:i386image:macos-20241101-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
submitted
07-11-2024 18:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Covid/covid
Size

688KB
MD5

84c373d0ad1d9cee4b97d165a6c5d1b3
SHA1

d0eb9c2c90b6f402c20c92e2f6db0900f9fff4f7
SHA256

7831806172857a563d7b4789acddc98fc11763aaf3cedf937630b4a9dce31419
SHA512

076c69547e0325133d50029d24b0623e37bff119aeabee879177c290f86b9983c5bfac388075ec53b06d015eacdb7d99a20637139628e0e62ef931b420da41d8
SSDEEP

12288:7dsjE55NcCD/YiaN64Jh0nrkqrI8c5dO0+a+x+R62fTUjQX13DEWfDQo9fi:7ajE3dYiqJ+nrkqAZ+a+xiHTUq3DrDQG

Score

1^/10

Malware Config

Signatures

/bin/sh
sh -c "sudo /bin/zsh -c \"/Users/run/Covid/covid\""
1⤵
PID:479

/bin/bash
sh -c "sudo /bin/zsh -c \"/Users/run/Covid/covid\""
1⤵
PID:479

/usr/bin/sudo
sudo /bin/zsh -c /Users/run/Covid/covid
1⤵
PID:479
- /bin/zsh
  /bin/zsh -c /Users/run/Covid/covid
  2⤵
  PID:480
- /Users/run/Covid/covid
  /Users/run/Covid/covid
  2⤵
  PID:480

/usr/libexec/xpcproxy
xpcproxy com.apple.WebKit.WebContent.1812A28A-CD94-4C3D-8BD5-FBB8D909FA3F 480
1⤵
PID:483

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
1⤵
PID:483

/usr/libexec/xpcproxy
xpcproxy com.apple.ViewBridgeAuxiliary
1⤵
PID:499

/System/Library/PrivateFrameworks/ViewBridge.framework/Versions/A/XPCServices/ViewBridgeAuxiliary.xpc/Contents/MacOS/ViewBridgeAuxiliary
/System/Library/PrivateFrameworks/ViewBridge.framework/Versions/A/XPCServices/ViewBridgeAuxiliary.xpc/Contents/MacOS/ViewBridgeAuxiliary
1⤵
PID:499

/usr/libexec/xpcproxy
xpcproxy com.apple.Safari.SafeBrowsing.Service
1⤵
PID:500

/System/Library/PrivateFrameworks/SafariSafeBrowsing.framework/com.apple.Safari.SafeBrowsing.Service
/System/Library/PrivateFrameworks/SafariSafeBrowsing.framework/com.apple.Safari.SafeBrowsing.Service
1⤵
PID:500

/usr/libexec/xpcproxy
xpcproxy com.apple.secinitd
1⤵
PID:502

/usr/libexec/secinitd
/usr/libexec/secinitd
1⤵
PID:502

/usr/libexec/xpcproxy
xpcproxy com.apple.audio.systemsoundserverd
1⤵
PID:503

/usr/sbin/systemsoundserverd
/usr/sbin/systemsoundserverd
1⤵
PID:503

/usr/libexec/xpcproxy
xpcproxy com.apple.pbs
1⤵
PID:504

/System/Library/CoreServices/pbs
/System/Library/CoreServices/pbs
1⤵
PID:504

/usr/libexec/xpcproxy
xpcproxy com.apple.audio.AudioComponentRegistrar
1⤵
PID:507

/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar
/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar -daemon
1⤵
PID:507

/usr/libexec/xpcproxy
xpcproxy com.apple.nsurlstoraged
1⤵
PID:516

/usr/libexec/nsurlstoraged
/usr/libexec/nsurlstoraged --privileged
1⤵
PID:516

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C//mds/mdsDirectory.db

Filesize
47KB

MD5
0e4a0d1ceb2af6f0f8d0167ce77be2d3

SHA1
414ba4c1dc5fc8bf53d550e296fd6f5ad669918c

SHA256
cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030

SHA512
1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20

Download Submit
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C//mds/mdsObject.db

Filesize
4KB

MD5
d3a1859e6ec593505cc882e6def48fc8

SHA1
f8e6728e3e9de477a75706faa95cead9ce13cb32

SHA256
3ebafa97782204a4a1d75cfec22e15fcdeab45b65bab3b3e65508707e034a16c

SHA512
ea2a749b105759ea33408186b417359deffb4a3a5ed0533cb26b459c16bb3524d67ede5c9cf0d5098921c0c0a9313fb9c2672f1e5ba48810eda548fa3209e818

Download Submit
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/malware,osx,url_expression

Filesize
299KB

MD5
cb2bf504bb348394c22535f53d84dd54

SHA1
73ff1adbf189c97ed6eab0ee36d977e621949250

SHA256
8477ac495618b09c50b6abc999c82e5091d8492a4aa93ae7ef38d1b1a0555400

SHA512
36d68bdc794ceec2be7740c90add4c3f97bab0b422f9949e006214ffff2a9ab4b6eca2b973f9083627ce0c21da9c5d5c58eb9f0b985b03dcfef406d5b7a9515b

Download Submit
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/social_engineering,osx,url_expression

Filesize
17.1MB

MD5
2f050ca4ed7d18af575a9cc6df2ade1c

SHA1
d9ad8939146ee1131bd80c45d769a527874d328a

SHA256
2e3b088f86354c4e39fd6d2bb5975a6c6ebfe80aea8789562f24a6a21165b46a

SHA512
2d13ddb65439f6243ef7ac214960941c845bd9a4ef5882bd727af6814951f854faf3d00dcc4c1d42063dc012ca03b058dfea3a02c1e69911a6150de76af88f30

Download Submit
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/unwanted_software,osx,url_expression

Filesize
123KB

MD5
5715fc0b6092d43b2aa14608956c9746

SHA1
7e7abf3ca08e836e18336f14292460ce6ccebe16

SHA256
cc974e5143c41e37fce62413a4cee2ef12b3484ef7e926bba7630059f42cb2d2

SHA512
b9238e3934207a2e24b1b21ac7f9459fe101c67c35564318bd4264b43145458b16eafa568a5f6e2a5d1be095d20fe470324a494f587e423bcf475903a9822aef

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads