1cb6ad7e145fc1ca37eb9007d2338a68d51a5dd960d99a560f1d1eed218c194a

Submit
Reports

Overview

overview

Static

static

Payload/Sp...ts.pdf

windows7-x64

Payload/Sp...ts.pdf

windows10-2004-x64

Payload/Sp...s/cycc

ubuntu-18.04-amd64

Payload/Sp...s/cycc

debian-9-armhf

Payload/Sp...s/cycc

debian-9-mips

Payload/Sp...s/cycc

debian-9-mipsel

Payload/Sp...ynject

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Analysis

max time kernel
77s
max time network
103s
platform
macos-10.15_amd64
resource
macos-20241106-en
resource tags

arch:amd64arch:i386image:macos-20241106-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
submitted
03/12/2024, 12:23

Sharing

Copy URL

Twitter E-mail

Static task

static1

pdf evasion

1 signatures

Behavioral task

behavioral1

Sample

Payload/Spotify.app/Assets.pdf

Resource

win7-20240903-en

discovery

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

Payload/Spotify.app/Assets.pdf

Resource

win10v2004-20241007-en

discovery

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral3

Sample

Payload/Spotify.app/Frameworks/CydiaSubstrate.framework/Commands/cycc

Resource

ubuntu1804-amd64-20240611-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

Payload/Spotify.app/Frameworks/CydiaSubstrate.framework/Commands/cycc

Resource

debian9-armhf-20240611-en

debian-9-armhf

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

Payload/Spotify.app/Frameworks/CydiaSubstrate.framework/Commands/cycc

Resource

debian9-mipsbe-20240611-en

debian-9-mips

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

Payload/Spotify.app/Frameworks/CydiaSubstrate.framework/Commands/cycc

Resource

debian9-mipsel-20240226-en

debian-9-mipsel

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

Payload/Spotify.app/Frameworks/CydiaSubstrate.framework/Commands/cynject

Resource

macos-20241106-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

Payload/Spotify.app/Frameworks/CydiaSubstrate.framework/Libraries/SubstrateBootstrap.dylib

Resource

macos-20241101-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

Payload/Spotify.app/Frameworks/Spotilife.dylib

Resource

macos-20241106-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

Payload/Spotify.app/Frameworks/libswiftAVFoundation.dylib

Resource

macos-20241101-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

Payload/Spotify.app/Frameworks/libswiftCallKit.dylib

Resource

macos-20241106-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

Payload/Spotify.app/Frameworks/libswiftCloudKit.dylib

Resource

macos-20241101-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

Payload/Spotify.app/Frameworks/libswiftContacts.dylib

Resource

macos-20241106-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

Payload/Spotify.app/Frameworks/libswiftCore.dylib

Resource

macos-20241101-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

Payload/Spotify.app/Frameworks/libswiftCoreAudio.dylib

Resource

macos-20241106-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

Payload/Spotify.app/Frameworks/libswiftCoreData.dylib

Resource

macos-20241101-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

Payload/Spotify.app/Frameworks/libswiftCoreFoundation.dylib

Resource

macos-20241106-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

Payload/Spotify.app/Frameworks/libswiftCoreGraphics.dylib

Resource

macos-20241101-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

Payload/Spotify.app/Frameworks/libswiftCoreImage.dylib

Resource

macos-20241101-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

Payload/Spotify.app/Frameworks/libswiftCoreLocation.dylib

Resource

macos-20241106-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

Payload/Spotify.app/Frameworks/libswiftCoreMedia.dylib

Resource

macos-20241106-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

Payload/Spotify.app/Frameworks/libswiftDarwin.dylib

Resource

macos-20241106-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

Payload/Spotify.app/Frameworks/libswiftDispatch.dylib

Resource

macos-20241106-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

Payload/Spotify.app/Frameworks/libswiftFoundation.dylib

Resource

macos-20241106-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

Payload/Spotify.app/Frameworks/libswiftIntents.dylib

Resource

macos-20241106-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

Payload/Spotify.app/Frameworks/libswiftMapKit.dylib

Resource

macos-20241101-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

Payload/Spotify.app/Frameworks/libswiftMediaPlayer.dylib

Resource

macos-20241101-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

Payload/Spotify.app/Frameworks/libswiftMetal.dylib

Resource

macos-20241101-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

Payload/Spotify.app/Frameworks/libswiftNetwork.dylib

Resource

macos-20241101-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

Payload/Spotify.app/Frameworks/libswiftObjectiveC.dylib

Resource

macos-20241101-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

Payload/Spotify.app/Frameworks/libswiftQuartzCore.dylib

Resource

macos-20241106-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral32

Sample

Payload/Spotify.app/Frameworks/libswiftUIKit.dylib

Resource

macos-20241106-en

macos-10.15-amd64

0 signatures

150 seconds

Report Analysis Logs

General

Target

Payload/Spotify.app/Frameworks/libswiftDispatch.dylib
Size

210KB
MD5

6f1f82c45299bd7fd8769244c5f079d7
SHA1

7c2c4ee6da2dfe360155dbc8064563905bf5d7d2
SHA256

acb859e03234963633b273f58a53aac92225bad210b4ee22d5b1b97653d29384
SHA512

0e0f68a0b6b7e39e91549b7d0dcfc113aacbcafa5cbe80e11894c34fe48f7807db88fa1ed2c4f9dd063d742b56471d7399630866022424217870474debbeaf2e
SSDEEP

3072:9KK81QQWTEz7YXtk5IDJqiuQZ8CDozc+wNqTo:01+u2874+po

Score

1^/10

Malware Config

Signatures

Processes

/bin/sh
sh -c "sudo /bin/zsh -c \"/Users/run/Payload/Spotify.app/Frameworks/libswiftDispatch.dylib\""
1⤵
PID:499

/bin/bash
sh -c "sudo /bin/zsh -c \"/Users/run/Payload/Spotify.app/Frameworks/libswiftDispatch.dylib\""
1⤵
PID:499

/usr/bin/sudo
sudo /bin/zsh -c /Users/run/Payload/Spotify.app/Frameworks/libswiftDispatch.dylib
1⤵
PID:499
- /bin/zsh
  /bin/zsh -c /Users/run/Payload/Spotify.app/Frameworks/libswiftDispatch.dylib
  2⤵
  PID:500
- /Users/run/Payload/Spotify.app/Frameworks/libswiftDispatch.dylib
  /Users/run/Payload/Spotify.app/Frameworks/libswiftDispatch.dylib
  2⤵
  PID:500

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads