f67722ca1162917313772c74d4ca27855757b36f75945501a421f18d5a7ff0eb | Triage

Analysis

max time kernel
27s
max time network
149s
platform
macos-10.15_amd64
resource
macos-20241101-en
resource tags

arch:amd64arch:i386image:macos-20241101-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
submitted
12/02/2025, 06:03 UTC

Sharing

Report Analysis Logs

General

Target

sample.macho
Size

14.0MB
MD5

d3985e1abb572390a2ed92fc6597a8b2
SHA1

7e3540e89a98ea8478d5b592a72128243f923e92
SHA256

f67722ca1162917313772c74d4ca27855757b36f75945501a421f18d5a7ff0eb
SHA512

d6a09799616320f48f50d1747b5a75c646029a4a1eeb984654a3e83ec5be685a3a33b397e0315f33749a56ca68b133f5da72ff42386a0de4ef70939e232de460
SSDEEP

98304:8BjBNY45hUaBrTPY4N6xR0oVmcE7PGv6nuCC2k0Lwfs:8RkKTP2yoV+7ECC2f

Score

7^/10

Malware Config

Signatures

Unexpected DNS network traffic destination 2 IoCs

Network traffic to other servers than the configured DNS servers was detected on the DNS port.

description	ioc
Destination IP	147.124.216.248
Destination IP	147.124.216.248

/bin/sh
sh -c "sudo /bin/zsh -c \"/Users/run/sample.macho\""
1⤵
PID:469

/bin/bash
sh -c "sudo /bin/zsh -c \"/Users/run/sample.macho\""
1⤵
PID:469

/usr/bin/sudo
sudo /bin/zsh -c /Users/run/sample.macho
1⤵
PID:469
- /bin/zsh
  /bin/zsh -c /Users/run/sample.macho
  2⤵
  PID:470
- /Users/run/sample.macho
  /Users/run/sample.macho
  2⤵
  PID:470

/usr/libexec/xpcproxy
xpcproxy com.apple.nsurlstoraged
1⤵
PID:474

/usr/libexec/nsurlstoraged
/usr/libexec/nsurlstoraged --privileged
1⤵
PID:474

Network

No results found

147.124.216.248:53

688 B
11
147.124.216.248:53

512 B
8

No results found

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/var/db/nsurlstoraged/dafsaData.bin

Filesize
54KB

MD5
64f469698e53d0c828b7f90acd306082

SHA1
bcc041b3849e1b0b4104ffeb46002207eeac54f3

SHA256
d74d0e429343f5e1b3e0b9437e048917c4343a30cff068739ea898bad8e37ffd

SHA512
a8334d1304f2fbd32cfd0ca35c289a45c450746cf3be57170cbbe87b723b1910c2e950a73c1fb82de9dc5ed623166d339a05fec3d78b861a9254dc2cb51fab5f

Download Submit