General

  • Target

    0170498d31b64b36b4775d74c46f8c5d_JaffaCakes118

  • Size

    168KB

  • Sample

    240426-xljz7aaa39

  • MD5

    0170498d31b64b36b4775d74c46f8c5d

  • SHA1

    ee92e85722a763ade957bd638b9935220d55eb2d

  • SHA256

    328834cc827571866ba7779d69b1821685d079bfce0955a43575994979cea243

  • SHA512

    e2b5a2aa22ab832c7297e65bed1b03daef1bf1b4a12404bf710448a43d7ffb2de3126dc360b6841cfb70b1d23d3062be6043eef1930f0dcc82ceb4e2e113eb9d

  • SSDEEP

    3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9L0:5SeOQdaZNxtk8cqhSxvHY9

Malware Config

Targets

    • Target

      0170498d31b64b36b4775d74c46f8c5d_JaffaCakes118

    • Launch Agent

      Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.

MITRE ATT&CK Matrix (ATT&CK v13)

Execution

  • Command and Scripting Interpreter, T1059 (1)

    • AppleScript, T1059.002 (1)

  • System Services, T1569 (1)

    • Launchctl, T1569.001 (1)

Persistence

  • Create or Modify System Process, T1543 (1)

    • Launch Agent, T1543.001 (1)

Privilege Escalation

  • Create or Modify System Process, T1543 (1)

    • Launch Agent, T1543.001 (1)

Tasks