e9e2eb114941f9f9157b4fb139e5588665fb89b709df82d4a8346ae66ccf03e1 | Triage

Submit
Reports

Overview

overview

4

Static

static

3

setup.exe

macos-10.15-amd64

4

$PLUGINSDI...er.dll

macos-10.15-amd64

1

$PLUGINSDI...LL.dll

macos-10.15-amd64

4

$PLUGINSDI...LL.dll

macos-10.15-amd64

4

$PLUGINSDI...LS.dll

macos-10.15-amd64

1

$PLUGINSDI...64.exe

macos-10.15-amd64

$PLUGINSDI...64.exe

macos-10.15-amd64

1

$PLUGINSDI...64.sys

macos-10.15-amd64

4

$PLUGINSDI...64.exe

macos-10.15-amd64

4

$PLUGINSDI...64.exe

macos-10.15-amd64

4

$PLUGINSDI...2k.sys

macos-10.15-amd64

1

$PLUGINSDI...xp.sys

macos-10.15-amd64

1

$PLUGINSDI...2k.sys

macos-10.15-amd64

1

$PLUGINSDI...px.dll

macos-10.15-amd64

4

$PLUGINSDI...fs.dll

macos-10.15-amd64

4

$PLUGINSDI...rv.dll

macos-10.15-amd64

4

$PLUGINSDI...20.sys

macos-10.15-amd64

1

$PLUGINSDI...er.sys

macos-10.15-amd64

1

$PLUGINSDI...st.exe

macos-10.15-amd64

1

$PLUGINSDI...as.dll

macos-10.15-amd64

4

$PLUGINSDI...up.exe

macos-10.15-amd64

1

$PLUGINSDI...fs.dll

macos-10.15-amd64

4

$PLUGINSDI...ve.dll

macos-10.15-amd64

1

Plugins/Re...is.dll

macos-10.15-amd64

4

Plugins/dsp_sps.dll

macos-10.15-amd64

1

Plugins/en...ac.dll

macos-10.15-amd64

4

Plugins/enc_flac.dll

macos-10.15-amd64

1

Plugins/enc_lame.dll

macos-10.15-amd64

1

Plugins/en...is.dll

macos-10.15-amd64

Plugins/enc_wav.dll

macos-10.15-amd64

1

Plugins/enc_wma.dll

macos-10.15-amd64

4

Plugins/fr...pe.dll

macos-10.15-amd64

4

Analysis

max time kernel
77s
max time network
125s
platform
macos-10.15_amd64
resource
macos-20240611-en
resource tags

arch:amd64arch:i386image:macos-20240611-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
submitted
04-07-2024 14:03

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

setup.exe

Resource

macos-20240611-en

macos-10.15-amd64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

$PLUGINSDIR/Dialer.dll

Resource

macos-20240611-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

$PLUGINSDIR/KillProcDLL.dll

Resource

macos-20240611-en

macos-10.15-amd64

1 signatures

150 seconds

Behavioral task

behavioral4

Sample

$PLUGINSDIR/LangDLL.dll

Resource

macos-20240611-en

macos-10.15-amd64

1 signatures

150 seconds

Behavioral task

behavioral5

Sample

$PLUGINSDIR/PrimoRedist/PXSDKPLS.dll

Resource

macos-20240611-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

$PLUGINSDIR/PrimoRedist/PxCpyA64.exe

Resource

macos-20240611-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

$PLUGINSDIR/PrimoRedist/PxCpyI64.exe

Resource

macos-20240611-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

$PLUGINSDIR/PrimoRedist/PxHlpa64.sys

Resource

macos-20240611-en

macos-10.15-amd64

1 signatures

150 seconds

Behavioral task

behavioral9

Sample

$PLUGINSDIR/PrimoRedist/PxInsA64.exe

Resource

macos-20240611-en

macos-10.15-amd64

1 signatures

150 seconds

Behavioral task

behavioral10

Sample

$PLUGINSDIR/PrimoRedist/PxInsI64.exe

Resource

macos-20240611-en

macos-10.15-amd64

1 signatures

150 seconds

Behavioral task

behavioral11

Sample

$PLUGINSDIR/PrimoRedist/cdr4_2k.sys

Resource

macos-20240611-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

$PLUGINSDIR/PrimoRedist/cdr4_xp.sys

Resource

macos-20240611-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

$PLUGINSDIR/PrimoRedist/cdralw2k.sys

Resource

macos-20240611-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

$PLUGINSDIR/PrimoRedist/px.dll

Resource

macos-20240611-en

macos-10.15-amd64

1 signatures

150 seconds

Behavioral task

behavioral15

Sample

$PLUGINSDIR/PrimoRedist/pxafs.dll

Resource

macos-20240611-en

macos-10.15-amd64

1 signatures

150 seconds

Behavioral task

behavioral16

Sample

$PLUGINSDIR/PrimoRedist/pxdrv.dll

Resource

macos-20240611-en

macos-10.15-amd64

1 signatures

150 seconds

Behavioral task

behavioral17

Sample

$PLUGINSDIR/PrimoRedist/pxhelp20.sys

Resource

macos-20240611-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

$PLUGINSDIR/PrimoRedist/pxhelper.sys

Resource

macos-20240611-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

$PLUGINSDIR/PrimoRedist/pxhpinst.exe

Resource

macos-20240611-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

$PLUGINSDIR/PrimoRedist/pxmas.dll

Resource

macos-20240611-en

macos-10.15-amd64

1 signatures

150 seconds

Behavioral task

behavioral21

Sample

$PLUGINSDIR/PrimoRedist/pxsetup.exe

Resource

macos-20240611-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

$PLUGINSDIR/PrimoRedist/pxsfs.dll

Resource

macos-20240611-en

macos-10.15-amd64

1 signatures

150 seconds

Behavioral task

behavioral23

Sample

$PLUGINSDIR/PrimoRedist/pxwave.dll

Resource

macos-20240611-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

Plugins/ReplayGainAnalysis.dll

Resource

macos-20240611-en

macos-10.15-amd64

1 signatures

150 seconds

Behavioral task

behavioral25

Sample

Plugins/dsp_sps.dll

Resource

macos-20240611-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

Plugins/enc_fhgaac.dll

Resource

macos-20240611-en

macos-10.15-amd64

1 signatures

150 seconds

Behavioral task

behavioral27

Sample

Plugins/enc_flac.dll

Resource

macos-20240611-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

Plugins/enc_lame.dll

Resource

macos-20240611-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

Plugins/enc_vorbis.dll

Resource

macos-20240611-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

Plugins/enc_wav.dll

Resource

macos-20240611-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

Plugins/enc_wma.dll

Resource

macos-20240611-en

macos-10.15-amd64

1 signatures

150 seconds

Behavioral task

behavioral32

Sample

Plugins/freeform/wacs/freetype/freetype.dll

Resource

macos-20240611-en

macos-10.15-amd64

1 signatures

150 seconds

Report Analysis Logs

General

Target

$PLUGINSDIR/PrimoRedist/pxhelp20.sys
Size

44KB
MD5

e42e3433dbb4cffe8fdd91eab29aea8e
SHA1

6f764c5e20eecd6f3d4154d9d89d2420dd783470
SHA256

20abd8372b242fd356ac143e7eb56f93cfea4988ed1b0c4434cb64c387d7f66c
SHA512

260a2104aef64fd5a276e289e1cbe37502583e94039af41a3803f1c464d78c72def4e911f14312b94c63b28b1f6792a7bd10f23db837daf5a1a9ffd478c40810
SSDEEP

768:UD8M77TDwgA0BdpVVIC8X4tzQq2edfEVxAyDiypP+TsZ0I8V8/L+HbmpmF:Ux73E0/iQz12asV5VUsWI8o0mIF

Score

1^/10

Malware Config

Signatures

Processes

/bin/sh
sh -c "sudo /bin/zsh -c \"/Users/run/\$PLUGINSDIR/PrimoRedist/pxhelp20.sys\""
1⤵
PID:535

/bin/bash
sh -c "sudo /bin/zsh -c \"/Users/run/\$PLUGINSDIR/PrimoRedist/pxhelp20.sys\""
1⤵
PID:535

/usr/bin/sudo
sudo /bin/zsh -c /Users/run//PrimoRedist/pxhelp20.sys
1⤵
PID:535

/bin/zsh
/bin/zsh -c /Users/run//PrimoRedist/pxhelp20.sys
2⤵
PID:536

/Users/run//PrimoRedist/pxhelp20.sys
/Users/run//PrimoRedist/pxhelp20.sys
2⤵
PID:536

/usr/bin/pluginkit
/usr/bin/pluginkit -e ignore -i com.microsoft.OneDrive.FinderSync
1⤵
PID:605

/usr/sbin/spctl
/usr/sbin/spctl --assess --type execute /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/OneDriveUpdaterBCBF2C69/OneDrive.app
1⤵
PID:606

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy