General

  • Target

    00142ebaac470f73a4158b306a0dc786_JaffaCakes118

  • Size

    168KB

  • Sample

    240425-zytq9seh83

  • MD5

    00142ebaac470f73a4158b306a0dc786

  • SHA1

    dedab2c9fc19367083175d91995ac3c4b65d3027

  • SHA256

    0c94d80613801d155bce76c512eff3d1049742600f261a8d31b8c2ae731e8959

  • SHA512

    2e5a799e472a4103cdb5f319e27fa4aa9f0a683c6c40f1577fa42a5dd47657dddf3e53e4393ba938528698d006a51c05ab8f52ec00510864ae11ff4e9f9d6c3d

  • SSDEEP

    3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq960:5SeOQdaZNxtk8cqhSxvHY9

Malware Config

Targets

    • Launch Agent

      Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.

MITRE ATT&CK Matrix (ATT&CK v13)

Execution

  • Command and Scripting Interpreter, T1059 (1)

    • AppleScript, T1059.002 (1)

  • System Services, T1569 (1)

    • Launchctl, T1569.001 (1)

Persistence

  • Create or Modify System Process, T1543 (1)

    • Launch Agent, T1543.001 (1)

Privilege Escalation

  • Create or Modify System Process, T1543 (1)

    • Launch Agent, T1543.001 (1)

Tasks