General

  • Target

    00731aa3fe294d6ae7a3d2c7a9e11430_JaffaCakes118

  • Size

    168KB

  • Sample

    240426-k7amesdd2z

  • MD5

    00731aa3fe294d6ae7a3d2c7a9e11430

  • SHA1

    0e1a53b652f950ba1881b5e9d0207296d1674312

  • SHA256

    c0c229a4f76e3d700d7d7438834378f1a2128452212ac9a8508576f255cc59be

  • SHA512

    a2be0a8d09aa6cd47737b6d2b7caffd9d5977bfeacc4205b3879525715407eb2e66c4b24b3840451fec633fa070c4df8c47161cc1386f55d72e4db269de4088c

  • SSDEEP

    3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9FZ0:5SeOQdaZNxtk8cqhSxvHY9

Targets

    • Target

      00731aa3fe294d6ae7a3d2c7a9e11430_JaffaCakes118

    • Launch Agent

      Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.

MITRE ATT&CK Matrix (ATT&CK v13)

Execution

  • Command and Scripting Interpreter (T1059): 1

    • AppleScript (T1059.002): 1

  • System Services (T1569): 1

    • Launchctl (T1569.001): 1

Persistence

  • Create or Modify System Process (T1543): 1

    • Launch Agent (T1543.001): 1

Privilege Escalation

  • Create or Modify System Process (T1543): 1

    • Launch Agent (T1543.001): 1

Tasks