General

  • Target

    090

  • Size

    5.8MB

  • Sample

    240403-he1a9sab9s

  • MD5

    a64e89866983fa9b60020bf38cfd3814

  • SHA1

    95f71894eec20f9727ff1311ad078de38ae4e774

  • SHA256

    27158886ab064880aa5d5196248f2ad4b20b38bbb1321f72bca17351165ea3e5

  • SHA512

    5c79c63263b06bb407f57b0fd662194296372f9f88338b854216fecbd5ff0040ecac9efb59918183a4afb412d7411dcc6f2b7a82165528a8d7beb53cde9cc891

  • SSDEEP

    49152:y54zOdrCXYrr7Nm2agKtILKGvArod8Dvlb9I0Q54zOdrCXYrr7Nm2agKtILKGvAT:

Malware Config

Targets

    • File Permission

      Adversaries may modify file permissions/attributes to evade access control lists (ACLs) and access protected files.

    • File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity. Malware, tools, or other non-native files dropped or created on a system by an adversary (ex: Ingress Tool Transfer) may leave traces that indicate what was done within a network and how. Removal of these files can occur.

MITRE ATT&CK Matrix ATT&CK v13

Execution

  • Command and Scripting Interpreter (T1059): 1

    • Unix Shell (T1059.004): 1

Defense Evasion

  • File and Directory Permissions Modification (T1222): 1

    • Linux and Mac File and Directory Permissions Modification (T1222.002): 1

  • Indicator Removal (T1070): 1

    • File Deletion (T1070.004): 1

Discovery

  • File and Directory Discovery (T1083): 1

Tasks