Analysis

  • max time kernel
    81s
  • max time network
    127s
  • platform
    macos-10.15_amd64
  • resource
    macos-20241106-en
  • resource tags

    arch:amd64, arch:i386, image:macos-20241106-en, kernel:19b77a, locale:en-us, os:macos-10.15-amd64, system
  • submitted
    27-12-2024 20:24

General

  • Target

    2024-12-27_ec725928287c0e42749b6da0c6bc5a10_adload_evilquest_rekoobe

  • Size

    337KB

  • MD5

    ec725928287c0e42749b6da0c6bc5a10

  • SHA1

    a5ff3a6bdbb6e1b60c3330bf84cea74fabc83338

  • SHA256

    3e01fe2a4b62f0e51e5bb354b2ce7891eb674a442d3bac76425affc48eb97c7c

  • SHA512

    5591c1c04eb3a8d0fb0bb2b812cf96ed8fcfcc5ab76ca3403c2681329fe8c851234495b1ea2247eed789133ec5b12da7519026463de053700dfe80e3a04b3772

  • SSDEEP

    6144:5SeOQdaZNxtk8cqhSxvHY9PSeOQdaZNxtk8cqhSxvHY9:5LOQdaDxq8cqavHYBLOQdaDxq8cqavHY

Score
1/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/2024-12-27_ec725928287c0e42749b6da0c6bc5a10_adload_evilquest_rekoobe\""
    1⤵
      PID:463
    • /bin/bash
      sh -c "sudo /bin/zsh -c \"/Users/run/2024-12-27_ec725928287c0e42749b6da0c6bc5a10_adload_evilquest_rekoobe\""
      1⤵
        PID:463
      • /usr/bin/sudo
        sudo /bin/zsh -c /Users/run/2024-12-27_ec725928287c0e42749b6da0c6bc5a10_adload_evilquest_rekoobe
        1⤵
          PID:463
          • /bin/zsh
            /bin/zsh -c /Users/run/2024-12-27_ec725928287c0e42749b6da0c6bc5a10_adload_evilquest_rekoobe
            2⤵
              PID:465
            • /Users/run/2024-12-27_ec725928287c0e42749b6da0c6bc5a10_adload_evilquest_rekoobe
              /Users/run/2024-12-27_ec725928287c0e42749b6da0c6bc5a10_adload_evilquest_rekoobe
              2⤵
                PID:465
            • /bin/sh
              sh -c "sysctl -n hw.ncpu"
              1⤵
                PID:466
              • /bin/bash
                sh -c "sysctl -n hw.ncpu"
                1⤵
                  PID:466
                • /usr/sbin/sysctl
                  sysctl -n hw.ncpu
                  1⤵
                    PID:466

Network

MITRE ATT&CK Matrix

Downloads