Analysis

  • max time kernel
    150s
  • max time network
    108s
  • platform
    macos-10.15_amd64
  • resource
    macos-20241106-en
  • resource tags

    arch:amd64, arch:i386, image:macos-20241106-en, kernel:19b77a, locale:en-us, os:macos-10.15-amd64, system
  • submitted
    08/03/2025, 01:17 UTC

General

  • Target

    2025-03-08_2cb9465d048f06d296869452df280d07_adload_lckmac_poet-rat_rekoobe

  • Size

    3.0MB

  • MD5

    2cb9465d048f06d296869452df280d07

  • SHA1

    d0931b1e412d38c061e0a0829d50d24e75bd79c2

  • SHA256

    31059bd23ea23f951173448224a234779f7d156af2a3e05ba1ed6ca5969d1449

  • SHA512

    3ab6a6679cd0f145cd4d671336b66f67ae854960c85452e298926b2f01934256639d3ae6edf21087aa74dfaac88720feaf198d1d9e66b5123156c72545638492

  • SSDEEP

    49152:ZguJx3jLj7BBmM5EW6djOp7b9rZpgcMiw04Zp:px3LEfjA9NHwZZp

Score
1/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/2025-03-08_2cb9465d048f06d296869452df280d07_adload_lckmac_poet-rat_rekoobe\""
    1⤵
      PID:462
    • /bin/bash
      sh -c "sudo /bin/zsh -c \"/Users/run/2025-03-08_2cb9465d048f06d296869452df280d07_adload_lckmac_poet-rat_rekoobe\""
      1⤵
        PID:462
      • /usr/bin/sudo
        sudo /bin/zsh -c /Users/run/2025-03-08_2cb9465d048f06d296869452df280d07_adload_lckmac_poet-rat_rekoobe
        1⤵
          PID:462
          • /bin/zsh
            /bin/zsh -c /Users/run/2025-03-08_2cb9465d048f06d296869452df280d07_adload_lckmac_poet-rat_rekoobe
            2⤵
              PID:464
            • /Users/run/2025-03-08_2cb9465d048f06d296869452df280d07_adload_lckmac_poet-rat_rekoobe
              /Users/run/2025-03-08_2cb9465d048f06d296869452df280d07_adload_lckmac_poet-rat_rekoobe
              2⤵
                PID:464
            • /usr/libexec/xpcproxy
              xpcproxy com.apple.quicklook.satellite.EEE57363-0BAC-4D63-ADD0-000CF2D2EBED 468
              1⤵
                PID:470
              • /System/Library/Frameworks/QuickLook.framework/Versions/A/XPCServices/QuickLookSatellite.xpc/Contents/MacOS/QuickLookSatellite
                /System/Library/Frameworks/QuickLook.framework/Versions/A/XPCServices/QuickLookSatellite.xpc/Contents/MacOS/QuickLookSatellite
                1⤵
                  PID:470
                • /usr/libexec/xpcproxy
                  xpcproxy com.apple.colorsync.useragent
                  1⤵
                    PID:509
                  • /System/Library/Frameworks/ColorSync.framework/Support/colorsync.useragent
                    /System/Library/Frameworks/ColorSync.framework/Support/colorsync.useragent
                    1⤵
                      PID:509

Network

MITRE ATT&CK Matrix

Downloads

  • /Users/run/Desktop/encrypted_master_key.txt

    Filesize

    692B

    MD5

    dd30c15e3645f50ef0a3ad7ad41d6c11

    SHA1

    6218fbab539ae485c61e40778abcc45bea9f87f1

    SHA256

    38f25acb19dc4e4697bf978efe93ee20f2c4eaac7ba15f82b8409a0de07b5a80

    SHA512

    392747341db1c2fae37ad9e719c46f81d85f00bfe2fd28fb99e6f2cee096d6e32273694e5f150d1ec332988c41d8565209f469c2a81f167cb9e9646c2fed35d8
