Overview

overview

10

Static

static

10

sample.macho

macos-10.15-amd64

7

Analysis

  • max time kernel
    1s
  • max time network
    149s
  • platform
    macos-10.15_amd64
  • resource
    macos-20241106-en
  • resource tags

    arch:amd64arch:i386image:macos-20241106-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
  • submitted
    12-02-2025 06:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    sample.macho

  • Size

    14.0MB

  • MD5

    d3985e1abb572390a2ed92fc6597a8b2

  • SHA1

    7e3540e89a98ea8478d5b592a72128243f923e92

  • SHA256

    f67722ca1162917313772c74d4ca27855757b36f75945501a421f18d5a7ff0eb

  • SHA512

    d6a09799616320f48f50d1747b5a75c646029a4a1eeb984654a3e83ec5be685a3a33b397e0315f33749a56ca68b133f5da72ff42386a0de4ef70939e232de460

  • SSDEEP

    98304:8BjBNY45hUaBrTPY4N6xR0oVmcE7PGv6nuCC2k0Lwfs:8RkKTP2yoV+7ECC2f

Score
7/10

Malware Config

Signatures

  • Unexpected DNS network traffic destination 2 IoCs

    Network traffic to other servers than the configured DNS servers was detected on the DNS port.

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/sample.macho\""
    1⤵
      PID:476
    • /bin/bash
      sh -c "sudo /bin/zsh -c \"/Users/run/sample.macho\""
      1⤵
        PID:476
      • /usr/bin/sudo
        sudo /bin/zsh -c /Users/run/sample.macho
        1⤵
          PID:476
          • /bin/zsh
            /bin/zsh -c /Users/run/sample.macho
            2⤵
              PID:478
            • /Users/run/sample.macho
              /Users/run/sample.macho
              2⤵
                PID:478

            Network

            MITRE ATT&CK Matrix

            Replay Monitor

            Loading Replay Monitor...

            Downloads