Overview

overview

10

Static

static

10

2024-12-16...ekoobe

macos-10.15-amd64

1

Analysis

  • max time kernel
    2s
  • max time network
    102s
  • platform
    macos-10.15_amd64
  • resource
    macos-20241106-en
  • resource tags

    arch:amd64arch:i386image:macos-20241106-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
  • submitted
    16-12-2024 17:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-12-16_1b10e5b90f947db8fe0e832aea4550ec_adload_evilquest_rekoobe

  • Size

    168KB

  • MD5

    1b10e5b90f947db8fe0e832aea4550ec

  • SHA1

    582fb719af3d12bc1cfcd42d9f231b00f8c13b6f

  • SHA256

    cb35b035fe963f70a2a09b6741655a5f0d38ad73a76e259b1e0ae124dd5191e1

  • SHA512

    74ec650d1e371a08200c83bc11509006338894809997db60a8fa2935f138af01dedd12f7d11efbd5e37baa587e497ae51419c7afd0597543df4d9bdb33279977

  • SSDEEP

    3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9hI0:5SeOQdaZNxtk8cqhSxvHY9h

Score
1/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/2024-12-16_1b10e5b90f947db8fe0e832aea4550ec_adload_evilquest_rekoobe\""
    1⤵
      PID:476
    • /bin/bash
      sh -c "sudo /bin/zsh -c \"/Users/run/2024-12-16_1b10e5b90f947db8fe0e832aea4550ec_adload_evilquest_rekoobe\""
      1⤵
        PID:476
      • /usr/bin/sudo
        sudo /bin/zsh -c /Users/run/2024-12-16_1b10e5b90f947db8fe0e832aea4550ec_adload_evilquest_rekoobe
        1⤵
          PID:476
          • /bin/zsh
            /bin/zsh -c /Users/run/2024-12-16_1b10e5b90f947db8fe0e832aea4550ec_adload_evilquest_rekoobe
            2⤵
              PID:478
            • /Users/run/2024-12-16_1b10e5b90f947db8fe0e832aea4550ec_adload_evilquest_rekoobe
              /Users/run/2024-12-16_1b10e5b90f947db8fe0e832aea4550ec_adload_evilquest_rekoobe
              2⤵
                PID:478
            • /bin/sh
              sh -c "sysctl -n hw.ncpu"
              1⤵
                PID:479
              • /bin/bash
                sh -c "sysctl -n hw.ncpu"
                1⤵
                  PID:479
                • /usr/sbin/sysctl
                  sysctl -n hw.ncpu
                  1⤵
                    PID:479

                  Network

                  MITRE ATT&CK Matrix

                  Replay Monitor

                  Loading Replay Monitor...

                  Downloads