General

  • Target

    0036f2327c98163dc7972788a23eca6d_JaffaCakes118

  • Size

    168KB

  • Sample

    240426-hjm7habb27

  • MD5

    0036f2327c98163dc7972788a23eca6d

  • SHA1

    a31e81761a11fae8dab1918c151118a6c7c3ebc9

  • SHA256

    37e46f36cecec3414d419fe6c51cd31d28d50f2b28babd05f1300db262fd2889

  • SHA512

    66159879b34e44f54feb003f2034501c22aea289ecc576b26524ddf1aceaa8c888a250135d7ce7aa73db9d553f40a2e62452f57e343f7f92ad3085f6ce12d1ec

  • SSDEEP

    3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9VR2N0:5SeOQdaZNxtk8cqhSxvHY92

Targets

    • Target

      0036f2327c98163dc7972788a23eca6d_JaffaCakes118

    • Launch Agent

      Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.

MITRE ATT&CK Matrix (ATT&CK v13)

Execution

  • T1059 Command and Scripting Interpreter (1)

    • T1059.002 AppleScript (1)

  • T1569 System Services (1)

    • T1569.001 Launchctl (1)

Persistence

  • T1543 Create or Modify System Process (1)

    • T1543.001 Launch Agent (1)

Privilege Escalation

  • T1543 Create or Modify System Process (1)

    • T1543.001 Launch Agent (1)

Tasks