Analysis

  • max time kernel
    71s
  • max time network
    103s
  • platform
    macos-10.15_amd64
  • resource
    macos-20250410-en
  • resource tags
    arch:amd64
    arch:i386
    image:macos-20250410-en
    kernel:19b77a
    locale:en-us
    os:macos-10.15-amd64
    system
  • submitted
    08/05/2025, 08:02

General

  • Target

    Yaagl HSR.app/Contents/Resources/sidecar/7z/7zz

  • Size

    5.0MB

  • MD5

    a9c17a27dea8ae6d13e452c3f8d27aeb

  • SHA1

    027d4c0fb3802cb99a056067649b9aa923f21bb3

  • SHA256

    10bba361f87be5882e362df8f283646fb5fff1a7f63246149a5809be286897f5

  • SHA512

    20b49005e2cdeb0e01a61934e4dbf8d23255597ae3f4c9b0daa0c8dd6a456affed8b3e5e6ff695a8d3011af7f3b42e65af4231a97821f452fd63d29f8a72fffd

  • SSDEEP

    98304:gtfGlTtbFK3FEiKI3q+Ez0TKGvGLRWa1gSYL/xz+trKIcVwmlpT23jrb2YJgsG:gtfco2z0TKUUHws

Score
4/10

Malware Config

Signatures

  • Resource Forking 1 TTPs 4 IoCs

    Adversaries may abuse resource forks to hide malicious code or executables to evade detection and bypass security applications. A resource fork provides applications a structured way to store resources such as thumbnail images, menu definitions, icons, dialog boxes, and code.

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/Yaagl HSR.app/Contents/Resources/sidecar/7z/7zz\""
    1⤵
      PID:475
    • /bin/bash
      sh -c "sudo /bin/zsh -c \"/Users/run/Yaagl HSR.app/Contents/Resources/sidecar/7z/7zz\""
      1⤵
        PID:475
      • /usr/bin/sudo
        sudo /bin/zsh -c "/Users/run/Yaagl HSR.app/Contents/Resources/sidecar/7z/7zz"
        1⤵
          PID:475
          • /bin/zsh
            /bin/zsh -c "/Users/run/Yaagl HSR.app/Contents/Resources/sidecar/7z/7zz"
            2⤵
              PID:476
            • /Users/run/Yaagl
              /Users/run/Yaagl HSR.app/Contents/Resources/sidecar/7z/7zz
              2⤵
                PID:476

Network

MITRE ATT&CK Enterprise v16
