General

  • Target

    01037ffe96982d453294eb8d27754b9b_JaffaCakes118

  • Size

    168KB

  • Sample

    240426-r8jeaadh69

  • MD5

    01037ffe96982d453294eb8d27754b9b

  • SHA1

    e78108f6c40b05d3e6fc62e098faf5508381cfa6

  • SHA256

    34d09ed736082bbd607843032b88c36bcb747167ca3c40a8a24de6e08475da63

  • SHA512

    d4307371f85e3f4fdf91f2ff3f80beb710ea048a8d914ddfe17f3edda921b8a122ec48370188b1b8a004574243e376e4731c572f36e162e681f1ac38001507f1

  • SSDEEP

    3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9+B0:5SeOQdaZNxtk8cqhSxvHY9+

Malware Config

Targets

    • Target

      01037ffe96982d453294eb8d27754b9b_JaffaCakes118

    • Launch Agent

      Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.

MITRE ATT&CK Matrix (ATT&CK v13)

Execution

  • Command and Scripting Interpreter (T1059): 1

    • AppleScript (T1059.002): 1

  • System Services (T1569): 1

    • Launchctl (T1569.001): 1

Persistence

  • Create or Modify System Process (T1543): 1

    • Launch Agent (T1543.001): 1

Privilege Escalation

  • Create or Modify System Process (T1543): 1

    • Launch Agent (T1543.001): 1

Tasks