General

  • Target

    018edfcb069f8dfd338d3420314ed0e2_JaffaCakes118

  • Size

    168KB

  • Sample

    240426-ytkr5aca6y

  • MD5

    018edfcb069f8dfd338d3420314ed0e2

  • SHA1

    056a046db6e8894fbdeac71eb1966ed592c56f6e

  • SHA256

    4ceed05ea9c82dc710fdec1f3aa2a76427accf9a3c2d1edfd9ff5fb822b70342

  • SHA512

    b37ef22f9c97d2f5b98d8a4654a42939f7268b89ce08c533f59375edd44a86eb2a8724efd87940065708f96c59720c0eba1e601b718f32c537e67207b031540a

  • SSDEEP

    3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq960:5SeOQdaZNxtk8cqhSxvHY9

Malware Config

Targets

    • Target

      018edfcb069f8dfd338d3420314ed0e2_JaffaCakes118

    • Launch Agent

      Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.

MITRE ATT&CK Matrix (ATT&CK v13)

Execution

  • Command and Scripting Interpreter (T1059): 1

    • AppleScript (T1059.002): 1

  • System Services (T1569): 1

    • Launchctl (T1569.001): 1

Persistence

  • Create or Modify System Process (T1543): 1

    • Launch Agent (T1543.001): 1

Privilege Escalation

  • Create or Modify System Process (T1543): 1

    • Launch Agent (T1543.001): 1

Tasks