General

  • Target

    007f2b13b3b1cee9d8cf8aef94bff47f_JaffaCakes118

  • Size

    168KB

  • Sample

    240426-lp9jgadg3s

  • MD5

    007f2b13b3b1cee9d8cf8aef94bff47f

  • SHA1

    e10cb2974172b1b805ad1ede9ec0a763c8f7fc71

  • SHA256

    4786f97fe5bb45ab97be9989c6f5ecec4728c4088805d96ead8e9fc103176730

  • SHA512

    23f7ab2231346762e84e6cec01fd88bb1c573101356b05ff6eb5af945f63d0f72e0fea3f87bf14fccdf04098f4c8110a5dfd45848fe8f854b40c00d01c0625a2

  • SSDEEP

    3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9Q0:5SeOQdaZNxtk8cqhSxvHY9

Malware Config

Targets

    • Target

      007f2b13b3b1cee9d8cf8aef94bff47f_JaffaCakes118

    • Launch Agent

      Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.

MITRE ATT&CK Matrix (ATT&CK v13)

Execution

  • Command and Scripting Interpreter (T1059): 1

    • AppleScript (T1059.002): 1

  • System Services (T1569): 1

    • Launchctl (T1569.001): 1

Persistence

  • Create or Modify System Process (T1543): 1

    • Launch Agent (T1543.001): 1

Privilege Escalation

  • Create or Modify System Process (T1543): 1

    • Launch Agent (T1543.001): 1

Tasks