1cb6ad7e145fc1ca37eb9007d2338a68d51a5dd960d99a560f1d1eed218c194a

Submit
Reports

Overview

overview

Static

static

Payload/Sp...ts.pdf

windows7-x64

Payload/Sp...ts.pdf

windows10-2004-x64

Payload/Sp...s/cycc

ubuntu-18.04-amd64

Payload/Sp...s/cycc

debian-9-armhf

Payload/Sp...s/cycc

debian-9-mips

Payload/Sp...s/cycc

debian-9-mipsel

Payload/Sp...ynject

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Analysis

max time kernel
77s
max time network
103s
platform
macos-10.15_amd64
resource
macos-20241106-en
resource tags

arch:amd64arch:i386image:macos-20241106-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
submitted
03/12/2024, 12:23

Sharing

Copy URL

Twitter E-mail

Static task

static1

pdf evasion

1 signatures

Behavioral task

behavioral1

Sample

Payload/Spotify.app/Assets.pdf

Resource

win7-20240903-en

discovery

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

Payload/Spotify.app/Assets.pdf

Resource

win10v2004-20241007-en

discovery

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral3

Sample

Payload/Spotify.app/Frameworks/CydiaSubstrate.framework/Commands/cycc

Resource

ubuntu1804-amd64-20240611-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

Payload/Spotify.app/Frameworks/CydiaSubstrate.framework/Commands/cycc

Resource

debian9-armhf-20240611-en

debian-9-armhf

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

Payload/Spotify.app/Frameworks/CydiaSubstrate.framework/Commands/cycc

Resource

debian9-mipsbe-20240611-en

debian-9-mips

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

Payload/Spotify.app/Frameworks/CydiaSubstrate.framework/Commands/cycc

Resource

debian9-mipsel-20240226-en

debian-9-mipsel

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

Payload/Spotify.app/Frameworks/CydiaSubstrate.framework/Commands/cynject

Resource

macos-20241106-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

Payload/Spotify.app/Frameworks/CydiaSubstrate.framework/Libraries/SubstrateBootstrap.dylib

Resource

macos-20241101-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

Payload/Spotify.app/Frameworks/Spotilife.dylib

Resource

macos-20241106-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

Payload/Spotify.app/Frameworks/libswiftAVFoundation.dylib

Resource

macos-20241101-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

Payload/Spotify.app/Frameworks/libswiftCallKit.dylib

Resource

macos-20241106-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

Payload/Spotify.app/Frameworks/libswiftCloudKit.dylib

Resource

macos-20241101-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

Payload/Spotify.app/Frameworks/libswiftContacts.dylib

Resource

macos-20241106-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

Payload/Spotify.app/Frameworks/libswiftCore.dylib

Resource

macos-20241101-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

Payload/Spotify.app/Frameworks/libswiftCoreAudio.dylib

Resource

macos-20241106-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

Payload/Spotify.app/Frameworks/libswiftCoreData.dylib

Resource

macos-20241101-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

Payload/Spotify.app/Frameworks/libswiftCoreFoundation.dylib

Resource

macos-20241106-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

Payload/Spotify.app/Frameworks/libswiftCoreGraphics.dylib

Resource

macos-20241101-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

Payload/Spotify.app/Frameworks/libswiftCoreImage.dylib

Resource

macos-20241101-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

Payload/Spotify.app/Frameworks/libswiftCoreLocation.dylib

Resource

macos-20241106-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

Payload/Spotify.app/Frameworks/libswiftCoreMedia.dylib

Resource

macos-20241106-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

Payload/Spotify.app/Frameworks/libswiftDarwin.dylib

Resource

macos-20241106-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

Payload/Spotify.app/Frameworks/libswiftDispatch.dylib

Resource

macos-20241106-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

Payload/Spotify.app/Frameworks/libswiftFoundation.dylib

Resource

macos-20241106-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

Payload/Spotify.app/Frameworks/libswiftIntents.dylib

Resource

macos-20241106-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

Payload/Spotify.app/Frameworks/libswiftMapKit.dylib

Resource

macos-20241101-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

Payload/Spotify.app/Frameworks/libswiftMediaPlayer.dylib

Resource

macos-20241101-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

Payload/Spotify.app/Frameworks/libswiftMetal.dylib

Resource

macos-20241101-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

Payload/Spotify.app/Frameworks/libswiftNetwork.dylib

Resource

macos-20241101-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

Payload/Spotify.app/Frameworks/libswiftObjectiveC.dylib

Resource

macos-20241101-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

Payload/Spotify.app/Frameworks/libswiftQuartzCore.dylib

Resource

macos-20241106-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral32

Sample

Payload/Spotify.app/Frameworks/libswiftUIKit.dylib

Resource

macos-20241106-en

macos-10.15-amd64

0 signatures

150 seconds

Report Analysis Logs

General

Target

Payload/Spotify.app/Frameworks/libswiftIntents.dylib
Size

101KB
MD5

aa08826611437e661f7a08bcc67dac26
SHA1

150de436db939269c3acfab9a337cf6e931499ce
SHA256

22634ca0a19179838c088c212d082d649fa3aa0f5bb45161603c508ffce68d15
SHA512

b6d5efc82279521f6a6a94d3a98e14a9783d13c485bccda9eb43ad46d7ee25d0dec2ce68b2fd0b1332feb5a4bd64ebd3edf4151f3723ddc8e98938f0b8f952ca
SSDEEP

1536:U+VIOlipr3aQr9Ut7M6Tyia77VR7773i6TT907x77dLwPotsDDpCNppYKLhAF0/:j3tgQbwPNH

Score

1^/10

Malware Config

Signatures

Processes

/bin/sh
sh -c "sudo /bin/zsh -c \"/Users/run/Payload/Spotify.app/Frameworks/libswiftIntents.dylib\""
1⤵
PID:489

/bin/bash
sh -c "sudo /bin/zsh -c \"/Users/run/Payload/Spotify.app/Frameworks/libswiftIntents.dylib\""
1⤵
PID:489

/usr/bin/sudo
sudo /bin/zsh -c /Users/run/Payload/Spotify.app/Frameworks/libswiftIntents.dylib
1⤵
PID:489
- /bin/zsh
  /bin/zsh -c /Users/run/Payload/Spotify.app/Frameworks/libswiftIntents.dylib
  2⤵
  PID:490
- /Users/run/Payload/Spotify.app/Frameworks/libswiftIntents.dylib
  /Users/run/Payload/Spotify.app/Frameworks/libswiftIntents.dylib
  2⤵
  PID:490

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads