Analysis

  • max time kernel
    565s
  • max time network
    584s
  • platform
    macos-10.15_amd64
  • resource
    macos-20241106-en
  • resource tags

    arch:amd64, arch:i386, image:macos-20241106-en, kernel:19b77a, locale:en-us, os:macos-10.15-amd64, system
  • submitted
    01-01-2025 00:45

General

  • Target

    DOSBox-0.74-3-3.dmg

  • Size

    4.0MB

  • MD5

    46ee63676e95c7049f0fd6032ff5923c

  • SHA1

    e32b2c4ab5d6f5430851811765b7176d0bfc4059

  • SHA256

    83493d149318cb7bfe5d68d98d1cd10b003db2f0519374bf06de285dc0bb2768

  • SHA512

    8f7fc8f16ab1cd23d2e9b7ee26ccff1db4b4f898a25ca02adc55cb509d9bc49e3d2b9a3896c00a76d6369bd0663799843fe676b0050f49f7a8a68b186c852e95

  • SSDEEP

    98304:/wCFOglHg0mVl5g3o+zweO+dkFed3EXUhi4+XibG9X5zqZSGtEpw7:oCFi0GzgDdpxEXVXybG9X5zqlEpw7

Score
4/10

Malware Config

Signatures

  • Resource Forking (1 TTP, 1 IoC)

    Adversaries may abuse resource forks to hide malicious code or executables to evade detection and bypass security applications. A resource fork provides applications a structured way to store resources such as thumbnail images, menu definitions, icons, dialog boxes, and code.

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"open /Volumes/DOSBox\\ 0.74-3-3/dosbox.app\""
    PID:501
  • /bin/bash
    sh -c "sudo /bin/zsh -c \"open /Volumes/DOSBox\\ 0.74-3-3/dosbox.app\""
    PID:501
  • /usr/bin/sudo
    sudo /bin/zsh -c "open /Volumes/DOSBox\\ 0.74-3-3/dosbox.app"
    PID:501
    • /bin/zsh
      /bin/zsh -c "open /Volumes/DOSBox\\ 0.74-3-3/dosbox.app"
      PID:502
    • /usr/bin/open
      open "/Volumes/DOSBox 0.74-3-3/dosbox.app"
      PID:502
  • /usr/bin/bzip2
    /usr/bin/bzip2 -f /var/log/wifi.log.0
    PID:503
  • /usr/libexec/xpcproxy
    xpcproxy com.dosbox.dosbox.2332
    PID:506
  • /Volumes/DOSBox 0.74-3-3/dosbox.app/Contents/MacOS/DOSBox
    "/Volumes/DOSBox 0.74-3-3/dosbox.app/Contents/MacOS/DOSBox"
    PID:506
  • /usr/libexec/xpcproxy
    xpcproxy com.apple.universalaccessAuthWarn
    PID:510
  • /System/Library/PrivateFrameworks/UniversalAccess.framework/Versions/A/Resources/universalAccessAuthWarn.app/Contents/MacOS/universalAccessAuthWarn
    /System/Library/PrivateFrameworks/UniversalAccess.framework/Versions/A/Resources/universalAccessAuthWarn.app/Contents/MacOS/universalAccessAuthWarn launchd -s
    PID:510
  • /usr/libexec/xpcproxy
    xpcproxy com.apple.sysextd
    PID:511
  • /System/Library/Frameworks/SystemExtensions.framework/Versions/A/Helpers/sysextd
    /System/Library/Frameworks/SystemExtensions.framework/Versions/A/Helpers/sysextd
    PID:511
  • /usr/libexec/xpcproxy
    xpcproxy com.apple.audio.AudioComponentRegistrar
    PID:512
  • /System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar
    /System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar
    PID:512
  • /usr/libexec/xpcproxy
    xpcproxy com.apple.spindump
    PID:524
  • /usr/sbin/spindump
    /usr/sbin/spindump
    PID:524
  • /usr/libexec/xpcproxy
    xpcproxy com.apple.spindump_agent
    PID:525
  • /usr/libexec/spindump_agent
    /usr/libexec/spindump_agent
    PID:525

Network

MITRE ATT&CK Enterprise v15

Downloads

  • /private/var/db/systemstats/A6EB50E3-1E3F-4C4E-955C-E68639DC392F.microstackshots.XXXXXX.gz

    Filesize
    5KB

    MD5
    487c5263b23a0768b4e71476646c9cd4

    SHA1
    bf70c3c72d62ecc73d040aa4c38b2f85dd106a25

    SHA256
    e3e8acd0d769fb10ccb5d087453718cc0d798387bca6be0f0583e6949d87cedc

    SHA512
    8674478feae3266cad3f4991a605d48a5ea0fea5d236b108193ffbe805921956b2bd4ed321d799e61b724b2aa50e3bf6776af9f1c2294d9a8b6c6e9cd7045695

  • /var/db/spindump/UUIDToBinaryLocations

    Filesize
    82KB

    MD5
    5d8e1edfadc8bcbd4932107e8394611c

    SHA1
    97648b6094a222c03ecbd690972c7668b4fd8eda

    SHA256
    27ea4d508b681a0d2b56b69b90d65f7fc1ff930e1359aed3524c8ecf02072dae

    SHA512
    5fa453ba3f4fdee80ad238cb84960f709519eef7128344facba7038804ce921780544ab094575d4dfe7853bc64f6ca83b250d309b9e3a5bb1e0e4938c86d7b72