1cb6ad7e145fc1ca37eb9007d2338a68d51a5dd960d99a560f1d1eed218c194a

Submit
Reports

Overview

overview

Static

static

Payload/Sp...ts.pdf

windows7-x64

Payload/Sp...ts.pdf

windows10-2004-x64

Payload/Sp...s/cycc

ubuntu-18.04-amd64

Payload/Sp...s/cycc

debian-9-armhf

Payload/Sp...s/cycc

debian-9-mips

Payload/Sp...s/cycc

debian-9-mipsel

Payload/Sp...ynject

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Payload/Sp....dylib

macos-10.15-amd64

Analysis

max time kernel
79s
max time network
104s
platform
macos-10.15_amd64
resource
macos-20241106-en
resource tags

arch:amd64arch:i386image:macos-20241106-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
submitted
03/12/2024, 12:23

Sharing

Copy URL

Twitter E-mail

Static task

static1

pdf evasion

1 signatures

Behavioral task

behavioral1

Sample

Payload/Spotify.app/Assets.pdf

Resource

win7-20240903-en

discovery

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

Payload/Spotify.app/Assets.pdf

Resource

win10v2004-20241007-en

discovery

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral3

Sample

Payload/Spotify.app/Frameworks/CydiaSubstrate.framework/Commands/cycc

Resource

ubuntu1804-amd64-20240611-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

Payload/Spotify.app/Frameworks/CydiaSubstrate.framework/Commands/cycc

Resource

debian9-armhf-20240611-en

debian-9-armhf

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

Payload/Spotify.app/Frameworks/CydiaSubstrate.framework/Commands/cycc

Resource

debian9-mipsbe-20240611-en

debian-9-mips

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

Payload/Spotify.app/Frameworks/CydiaSubstrate.framework/Commands/cycc

Resource

debian9-mipsel-20240226-en

debian-9-mipsel

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

Payload/Spotify.app/Frameworks/CydiaSubstrate.framework/Commands/cynject

Resource

macos-20241106-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

Payload/Spotify.app/Frameworks/CydiaSubstrate.framework/Libraries/SubstrateBootstrap.dylib

Resource

macos-20241101-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

Payload/Spotify.app/Frameworks/Spotilife.dylib

Resource

macos-20241106-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

Payload/Spotify.app/Frameworks/libswiftAVFoundation.dylib

Resource

macos-20241101-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

Payload/Spotify.app/Frameworks/libswiftCallKit.dylib

Resource

macos-20241106-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

Payload/Spotify.app/Frameworks/libswiftCloudKit.dylib

Resource

macos-20241101-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

Payload/Spotify.app/Frameworks/libswiftContacts.dylib

Resource

macos-20241106-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

Payload/Spotify.app/Frameworks/libswiftCore.dylib

Resource

macos-20241101-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

Payload/Spotify.app/Frameworks/libswiftCoreAudio.dylib

Resource

macos-20241106-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

Payload/Spotify.app/Frameworks/libswiftCoreData.dylib

Resource

macos-20241101-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

Payload/Spotify.app/Frameworks/libswiftCoreFoundation.dylib

Resource

macos-20241106-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

Payload/Spotify.app/Frameworks/libswiftCoreGraphics.dylib

Resource

macos-20241101-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

Payload/Spotify.app/Frameworks/libswiftCoreImage.dylib

Resource

macos-20241101-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

Payload/Spotify.app/Frameworks/libswiftCoreLocation.dylib

Resource

macos-20241106-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

Payload/Spotify.app/Frameworks/libswiftCoreMedia.dylib

Resource

macos-20241106-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

Payload/Spotify.app/Frameworks/libswiftDarwin.dylib

Resource

macos-20241106-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

Payload/Spotify.app/Frameworks/libswiftDispatch.dylib

Resource

macos-20241106-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

Payload/Spotify.app/Frameworks/libswiftFoundation.dylib

Resource

macos-20241106-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

Payload/Spotify.app/Frameworks/libswiftIntents.dylib

Resource

macos-20241106-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

Payload/Spotify.app/Frameworks/libswiftMapKit.dylib

Resource

macos-20241101-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

Payload/Spotify.app/Frameworks/libswiftMediaPlayer.dylib

Resource

macos-20241101-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

Payload/Spotify.app/Frameworks/libswiftMetal.dylib

Resource

macos-20241101-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

Payload/Spotify.app/Frameworks/libswiftNetwork.dylib

Resource

macos-20241101-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

Payload/Spotify.app/Frameworks/libswiftObjectiveC.dylib

Resource

macos-20241101-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

Payload/Spotify.app/Frameworks/libswiftQuartzCore.dylib

Resource

macos-20241106-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral32

Sample

Payload/Spotify.app/Frameworks/libswiftUIKit.dylib

Resource

macos-20241106-en

macos-10.15-amd64

0 signatures

150 seconds

Report Analysis Logs

General

Target

Payload/Spotify.app/Frameworks/CydiaSubstrate.framework/Commands/cynject
Size

212KB
MD5

8ad8162a530866f3e2dfe470b2346124
SHA1

0e052088721bd335b9a5d9933c87a44662544bbf
SHA256

01175a57da15e7bc71cbbb2afbb56834d955d225c9a19541bc79f3020bb10d06
SHA512

7e6152bf86596c60d4a8ea891684b299f1feb5f6329ea939362997c55e5d0eb5b1a874efecf07bdc7bc3e0df8873adec7fd128b2d214de069b73c2ff39910c2e
SSDEEP

768:yoRzY1Cq9dPFNLU9sdyi1W4R1MWPZdPFNLU9sdyi1W:HuNusd+qNusd

Score

1^/10

Malware Config

Signatures

Processes

/bin/sh
sh -c "sudo /bin/zsh -c \"/Users/run/Payload/Spotify.app/Frameworks/CydiaSubstrate.framework/Commands/cynject\""
1⤵
PID:489

/bin/bash
sh -c "sudo /bin/zsh -c \"/Users/run/Payload/Spotify.app/Frameworks/CydiaSubstrate.framework/Commands/cynject\""
1⤵
PID:489

/usr/bin/sudo
sudo /bin/zsh -c /Users/run/Payload/Spotify.app/Frameworks/CydiaSubstrate.framework/Commands/cynject
1⤵
PID:489
- /bin/zsh
  /bin/zsh -c /Users/run/Payload/Spotify.app/Frameworks/CydiaSubstrate.framework/Commands/cynject
  2⤵
  PID:490
- /Users/run/Payload/Spotify.app/Frameworks/CydiaSubstrate.framework/Commands/cynject
  /Users/run/Payload/Spotify.app/Frameworks/CydiaSubstrate.framework/Commands/cynject
  2⤵
  PID:490

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads