Analysis

  • max time kernel
    77s
  • max time network
    104s
  • platform
    macos-10.15_amd64
  • resource
    macos-20241106-en
  • resource tags

    arch:amd64, arch:i386, image:macos-20241106-en, kernel:19b77a, locale:en-us, os:macos-10.15-amd64, system
  • submitted
    03/12/2024, 12:23

General

  • Target

    Payload/Spotify.app/Frameworks/Spotilife.dylib

  • Size

    677KB

  • MD5

    cfbbc524163a24b4c75689d557c17d7d

  • SHA1

    c85044d17073d7eea01e2f5f67a98b0c460af18d

  • SHA256

    7808ae6b69d33d7d4aceddb96a9e7eb54c77de91b5ba40abad5fb10f26ec42d9

  • SHA512

    4a11be5b0b25c088cfe274b5a5a6e65a2af51cb44c7d764f01f1c6b58460853ced96f61fea703b86a4a740315aa60388be96d3ec4f78f0574d1d82cf44ddd04c

  • SSDEEP

    6144:yOvotKiLJlQtJCkgNDTXLDgeRF2Cm87OYbuG+E7A69JBGkEEwLzoqojBYLIyP/Pa:8JvN4W9jBi+zSmz

Score
1/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/Payload/Spotify.app/Frameworks/Spotilife.dylib\""
    1⤵
      PID:499
    • /bin/bash
      sh -c "sudo /bin/zsh -c \"/Users/run/Payload/Spotify.app/Frameworks/Spotilife.dylib\""
      1⤵
        PID:499
      • /usr/bin/sudo
        sudo /bin/zsh -c /Users/run/Payload/Spotify.app/Frameworks/Spotilife.dylib
        1⤵
          PID:499
          • /bin/zsh
            /bin/zsh -c /Users/run/Payload/Spotify.app/Frameworks/Spotilife.dylib
            2⤵
              PID:500
            • /Users/run/Payload/Spotify.app/Frameworks/Spotilife.dylib
              /Users/run/Payload/Spotify.app/Frameworks/Spotilife.dylib
              2⤵
                PID:500

            Network

            MITRE ATT&CK Matrix
