Analysis

  • max time kernel
    79s
  • max time network
    104s
  • platform
    macos-10.15_amd64
  • resource
    macos-20241106-en
  • resource tags

    arch:amd64 arch:i386 image:macos-20241106-en kernel:19b77a locale:en-us os:macos-10.15-amd64 system
  • submitted
    03/12/2024, 12:23

General

  • Target

    Payload/Spotify.app/Frameworks/CydiaSubstrate.framework/Commands/cynject

  • Size

    212KB

  • MD5

    8ad8162a530866f3e2dfe470b2346124

  • SHA1

    0e052088721bd335b9a5d9933c87a44662544bbf

  • SHA256

    01175a57da15e7bc71cbbb2afbb56834d955d225c9a19541bc79f3020bb10d06

  • SHA512

    7e6152bf86596c60d4a8ea891684b299f1feb5f6329ea939362997c55e5d0eb5b1a874efecf07bdc7bc3e0df8873adec7fd128b2d214de069b73c2ff39910c2e

  • SSDEEP

    768:yoRzY1Cq9dPFNLU9sdyi1W4R1MWPZdPFNLU9sdyi1W:HuNusd+qNusd

Score
1/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/Payload/Spotify.app/Frameworks/CydiaSubstrate.framework/Commands/cynject\""
    1⤵
      PID:489
    • /bin/bash
      sh -c "sudo /bin/zsh -c \"/Users/run/Payload/Spotify.app/Frameworks/CydiaSubstrate.framework/Commands/cynject\""
      1⤵
        PID:489
      • /usr/bin/sudo
        sudo /bin/zsh -c /Users/run/Payload/Spotify.app/Frameworks/CydiaSubstrate.framework/Commands/cynject
        1⤵
          PID:489
          • /bin/zsh
            /bin/zsh -c /Users/run/Payload/Spotify.app/Frameworks/CydiaSubstrate.framework/Commands/cynject
            2⤵
              PID:490
            • /Users/run/Payload/Spotify.app/Frameworks/CydiaSubstrate.framework/Commands/cynject
              /Users/run/Payload/Spotify.app/Frameworks/CydiaSubstrate.framework/Commands/cynject
              2⤵
                PID:490

Network

MITRE ATT&CK Matrix
