Overview

overview

10

Static

static

10

88ElUKogRKGiq.exe

windows7-x64

10

88ElUKogRKGiq.exe

windows10-2004-x64

10

88ElUKogRKGiq.exe

macos-10.15-amd64

1

Analysis

  • max time kernel
    45s
  • max time network
    122s
  • platform
    macos-10.15_amd64
  • resource
    macos-20241101-en
  • resource tags

    arch:amd64arch:i386image:macos-20241101-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
  • submitted
    02-02-2025 14:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    88ElUKogRKGiq.exe

  • Size

    1.1MB

  • MD5

    98bc6986b35fa731860febb8f60de8fb

  • SHA1

    b985bdb9d2f2d6ac3085ca5f176f0a0d880bb31e

  • SHA256

    841ac24e73d5991bc0e7249257bda26329a9242829cf0e502e267725816fa2cb

  • SHA512

    92724f813370fffa7fe60ba35547e1282f2b1b521a45e6bac9bd42943c5a64519863b0c78fc9a0a38d71577b1e5e5d7a61754f6c921ec962c6b4b84e76db8e7c

  • SSDEEP

    24576:P2G/nvxW3WB0A5wH9WpcT5neONb8GM2IgYg:PbA3TA5kWIzM2P

Score
1/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/88ElUKogRKGiq.exe\""
    1⤵
      PID:473
    • /bin/bash
      sh -c "sudo /bin/zsh -c \"/Users/run/88ElUKogRKGiq.exe\""
      1⤵
        PID:473
      • /usr/bin/sudo
        sudo /bin/zsh -c /Users/run/88ElUKogRKGiq.exe
        1⤵
          PID:473
          • /bin/zsh
            /bin/zsh -c /Users/run/88ElUKogRKGiq.exe
            2⤵
              PID:474
            • /Users/run/88ElUKogRKGiq.exe
              /Users/run/88ElUKogRKGiq.exe
              2⤵
                PID:474
            • /usr/libexec/xpcproxy
              xpcproxy com.apple.sysmond
              1⤵
                PID:485
              • /usr/libexec/sysmond
                /usr/libexec/sysmond
                1⤵
                  PID:485
                • /usr/libexec/xpcproxy
                  xpcproxy com.apple.PerformanceAnalysis.animationperfd
                  1⤵
                    PID:508
                  • /System/Library/PrivateFrameworks/PerformanceAnalysis.framework/Versions/A/XPCServices/com.apple.PerformanceAnalysis.animationperfd.xpc/Contents/MacOS/com.apple.PerformanceAnalysis.animationperfd
                    /System/Library/PrivateFrameworks/PerformanceAnalysis.framework/Versions/A/XPCServices/com.apple.PerformanceAnalysis.animationperfd.xpc/Contents/MacOS/com.apple.PerformanceAnalysis.animationperfd
                    1⤵
                      PID:508

                    Network

                    MITRE ATT&CK Matrix

                    Replay Monitor

                    Loading Replay Monitor...

                    Downloads