General

  • Target

    02c0320702f67d3fcd4cf75dc0e56d2f_JaffaCakes118

  • Size

    337KB

  • Sample

    240427-jla6dseb49

  • MD5

    02c0320702f67d3fcd4cf75dc0e56d2f

  • SHA1

    6b6735f0f6d08666d55e47ae1b08e5afb1b34c30

  • SHA256

    334db6529592bb3c8a26fd62bbdc00b94c60a96ef6f5f3361e1cb932a37dbdba

  • SHA512

    163beec7bb1ec9ff5e42e81c6265984f144af3d3e0ff4bf67fb1e1d56f5f87c5f7b5f50611bce776855b65e23eea183c784680998ed140e3521bbfe4f675b9d5

  • SSDEEP

    6144:5SeOQdaZNxtk8cqhSxvHY9xSeOQdaZNxtk8cqhSxvHY9:5LOQdaDxq8cqavHY/LOQdaDxq8cqavHY

Malware Config

Targets

    • Target

      02c0320702f67d3fcd4cf75dc0e56d2f_JaffaCakes118

    • Launch Agent

      Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.

MITRE ATT&CK Matrix (ATT&CK v13)

Execution

  • Command and Scripting Interpreter: T1059 (1)

    • AppleScript: T1059.002 (1)

  • System Services: T1569 (1)

    • Launchctl: T1569.001 (1)

Persistence

  • Create or Modify System Process: T1543 (1)

    • Launch Agent: T1543.001 (1)

Privilege Escalation

  • Create or Modify System Process: T1543 (1)

    • Launch Agent: T1543.001 (1)

Tasks