f0031f9d7f25d4d29581879f62565a5a565995899adc60213f9e218147c78593

General

Target

MuMuInstaller_3.1.7.0_gw-overseas12_all_1712735105.exe
Size

5.3MB
MD5

fbd9ad001bb2719f574c0705c5de05fb
SHA1

d07e77a490ad677935ac8213b88237e94440e791
SHA256

f0031f9d7f25d4d29581879f62565a5a565995899adc60213f9e218147c78593
SHA512

5724e3f858ae7ea92ba4ce325f3f8f4b90ecc6d7c19476e2888c4b09f0913463191b977f71314300918cceb0a6ae0b80e29d3c70891e8aeb9314da233a929e96
SSDEEP

98304:oeZOuRuvqAgef1ndGaX6tJJQv2FKA75OpVclc02vDRZTEB:1ZOPNdo3u0jc02vVZoB

Score

1^/10

Malware Config

Signatures

/bin/sh
sh -c "sudo /bin/zsh -c \"/Users/run/MuMuInstaller_3.1.7.0_gw-overseas12_all_1712735105.exe\""
1⤵
PID:464

/bin/bash
sh -c "sudo /bin/zsh -c \"/Users/run/MuMuInstaller_3.1.7.0_gw-overseas12_all_1712735105.exe\""
1⤵
PID:464

/usr/bin/sudo
sudo /bin/zsh -c /Users/run/MuMuInstaller_3.1.7.0_gw-overseas12_all_1712735105.exe
1⤵
PID:464
- /bin/zsh
  /bin/zsh -c /Users/run/MuMuInstaller_3.1.7.0_gw-overseas12_all_1712735105.exe
  2⤵
  PID:466
- /Users/run/MuMuInstaller_3.1.7.0_gw-overseas12_all_1712735105.exe
  /Users/run/MuMuInstaller_3.1.7.0_gw-overseas12_all_1712735105.exe
  2⤵
  PID:466

/usr/libexec/xpcproxy
xpcproxy com.apple.Safari.2028
1⤵
PID:491

/Applications/Safari.app/Contents/MacOS/Safari
/Applications/Safari.app/Contents/MacOS/Safari
1⤵
PID:491

/usr/libexec/xpcproxy
xpcproxy com.apple.Safari.History
1⤵
PID:492

/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.History.xpc/Contents/MacOS/com.apple.Safari.History
/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.History.xpc/Contents/MacOS/com.apple.Safari.History
1⤵
PID:492

/usr/libexec/xpcproxy
xpcproxy com.apple.WebKit.WebContent.931F1E0B-1DA7-49BC-A548-C334E6CE985E 491
1⤵
PID:493

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
1⤵
PID:493

/usr/libexec/xpcproxy
xpcproxy com.apple.SafariLaunchAgent
1⤵
PID:498

/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent
/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent
1⤵
PID:498

/usr/libexec/xpcproxy
xpcproxy com.apple.WebKit.WebContent.829E0B48-AEE5-498B-A057-6F86E1A57E82 491
1⤵
PID:499

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
1⤵
PID:499

/usr/libexec/xpcproxy
xpcproxy com.apple.Safari.SearchHelper 491
1⤵
PID:503

/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.SearchHelper.xpc/Contents/MacOS/com.apple.Safari.SearchHelper
/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.SearchHelper.xpc/Contents/MacOS/com.apple.Safari.SearchHelper
1⤵
PID:503

/usr/libexec/xpcproxy
xpcproxy com.apple.Safari.SafeBrowsing.Service
1⤵
PID:504

/System/Library/PrivateFrameworks/SafariSafeBrowsing.framework/com.apple.Safari.SafeBrowsing.Service
/System/Library/PrivateFrameworks/SafariSafeBrowsing.framework/com.apple.Safari.SafeBrowsing.Service
1⤵
PID:504

/usr/libexec/xpcproxy
xpcproxy com.apple.WebKit.WebContent.30644D18-684E-4BAB-9AFB-E63ED9CCCF2E 491
1⤵
PID:505

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
1⤵
PID:505

/usr/libexec/xpcproxy
xpcproxy com.apple.WebKit.WebContent.E0511E7D-44AE-42BF-97E3-59CB994A2B29 491
1⤵
PID:507

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
1⤵
PID:507

/usr/libexec/xpcproxy
xpcproxy com.apple.PerformanceAnalysis.animationperfd
1⤵
PID:513

/System/Library/PrivateFrameworks/PerformanceAnalysis.framework/Versions/A/XPCServices/com.apple.PerformanceAnalysis.animationperfd.xpc/Contents/MacOS/com.apple.PerformanceAnalysis.animationperfd
/System/Library/PrivateFrameworks/PerformanceAnalysis.framework/Versions/A/XPCServices/com.apple.PerformanceAnalysis.animationperfd.xpc/Contents/MacOS/com.apple.PerformanceAnalysis.animationperfd
1⤵
PID:513

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/Users/run/Library/Safari/Favicon Cache/favicons/2529545429CE075A4E64DE7DAA3D4C27

Filesize
5KB

MD5
f3418a443e7d841097c714d69ec4bcb8

SHA1
49263695f6b0cdd72f45cf1b775e660fdc36c606

SHA256
6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770

SHA512
82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563

Download Submit
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/malware,osx,url_expression

Filesize
255KB

MD5
94917b354fdd95a7a2f5298a06beacf2

SHA1
c852ea972e31a9d5d86e78fefd0ee4f5004eaab5

SHA256
4e30f9d6a986425429e280cd6d8cb0088c58816bffedba1087542f7292fff0d8

SHA512
2bc4c246907812b450a7d1c5987f236f1de6fe76a1b70ee8043bb44abe4220ce86bc9cca11fc9e97a8998f55f24c43f17e59f42e103f4f7d00d9e81629e77032

Download Submit
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/social_engineering,osx,url_expression

Filesize
17.5MB

MD5
d0edba726e87db76bb779c8f952bb258

SHA1
d2b6ec68cbf6e8e68c1f9084b2bc20f0f921c293

SHA256
dc0662564ab1967603406ff37b33dd5a33939329536f58843faddc2ef7aed0a7

SHA512
7322219e6029039a9eca4e1a983107aa0aa98b2bc290345c3bac9f4305935052c69dde031310ed4553c26b5847d4a6632c04a3901b4e0e507f3db1b482f049b8

Download Submit
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/unwanted_software,osx,url_expression

Filesize
106KB

MD5
9ec20b3e1d445335d8a6c3ba4e6d5f9e

SHA1
6e573c2c11d6c7af35785d6b639dc5c22fe19830

SHA256
d9fa2a926c02c3e91e244da46c81f20d238dba1fad7b47ab2afad5ea2b27578b

SHA512
b9c5379c43e214c2d497cad57a9ad0d5316988cafca681db065159b43b51a7b5a743bf7c7164f9d2e95e780faafb3bd7954676f6c68bc646e8679565f7f161ec

Download Submit
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari//mds/mdsDirectory.db

Filesize
47KB

MD5
0e4a0d1ceb2af6f0f8d0167ce77be2d3

SHA1
414ba4c1dc5fc8bf53d550e296fd6f5ad669918c

SHA256
cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030

SHA512
1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20

Download Submit
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari//mds/mdsObject.db

Filesize
4KB

MD5
d3a1859e6ec593505cc882e6def48fc8

SHA1
f8e6728e3e9de477a75706faa95cead9ce13cb32

SHA256
3ebafa97782204a4a1d75cfec22e15fcdeab45b65bab3b3e65508707e034a16c

SHA512
ea2a749b105759ea33408186b417359deffb4a3a5ed0533cb26b459c16bb3524d67ede5c9cf0d5098921c0c0a9313fb9c2672f1e5ba48810eda548fa3209e818

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads