Analysis

  • max time kernel
    78s
  • max time network
    105s
  • platform
    macos-10.15_amd64
  • resource
    macos-20241101-en
  • resource tags

    arch:amd64 arch:i386 image:macos-20241101-en kernel:19b77a locale:en-us os:macos-10.15-amd64 system
  • submitted
    17/11/2024, 08:37

General

  • Target

    MediaHuman Audio Converter/MediaHuman Audio Converter.app/Contents/PlugIns/printsupport/libcocoaprintersupport.dylib

  • Size

    46KB

  • MD5

    6ced81aa15a46d1568cb2e147b71ffd8

  • SHA1

    b6ee5b047c9c79d5aa649257c5988ddb74f5faaf

  • SHA256

    c8f08c43e1294fa350fa8bdd694255d811d806c269d5eecff17581d9b7a39e85

  • SHA512

    aeb2da31f782fe823d81ca8f3c89467f7d398da1ca96702f8df317a4389be8949022a39e48515ecb743d771f4c1e3bcb6632aa92ab4f8d8572357c9214199558

  • SSDEEP

    384:kumyC1MC/fpjjn4WakEJr+Q8UrYriFrefr69rNab8er+:kuu/fCYEH8SHLab8

Score
1/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/MediaHuman Audio Converter/MediaHuman Audio Converter.app/Contents/PlugIns/printsupport/libcocoaprintersupport.dylib\""
    1⤵
      PID:492
    • /bin/bash
      sh -c "sudo /bin/zsh -c \"/Users/run/MediaHuman Audio Converter/MediaHuman Audio Converter.app/Contents/PlugIns/printsupport/libcocoaprintersupport.dylib\""
      1⤵
        PID:492
      • /usr/bin/sudo
        sudo /bin/zsh -c "/Users/run/MediaHuman Audio Converter/MediaHuman Audio Converter.app/Contents/PlugIns/printsupport/libcocoaprintersupport.dylib"
        1⤵
          PID:492
          • /bin/zsh
            /bin/zsh -c "/Users/run/MediaHuman Audio Converter/MediaHuman Audio Converter.app/Contents/PlugIns/printsupport/libcocoaprintersupport.dylib"
            2⤵
              PID:498
            • /Users/run/MediaHuman
              /Users/run/MediaHuman Audio Converter/MediaHuman Audio Converter.app/Contents/PlugIns/printsupport/libcocoaprintersupport.dylib
              2⤵
                PID:498
            • /usr/libexec/xpcproxy
              xpcproxy com.apple.sysmond
              1⤵
                PID:502
              • /usr/libexec/sysmond
                /usr/libexec/sysmond
                1⤵
                  PID:502

Network

MITRE ATT&CK Matrix
