General

  • Target

    02f1e486102a748834029c76a4c311c8_JaffaCakes118

  • Size

    168KB

  • Sample

    240427-lhdhfsgd3s

  • MD5

    02f1e486102a748834029c76a4c311c8

  • SHA1

    b4e56fd319885bae6a9e066cad69f6588e0b16bd

  • SHA256

    4d08bf69996200e5179da77df49075e3cb7590ad5fbc6c15d8f47e08e2b8d9b8

  • SHA512

    494fa1a0a55e890566729a883a7d3857223eacca977f624900667c7c632b84ecfb4061aac52ee751932047f29fcd80cfb333fbc9909f999348a20f12f24d9727

  • SSDEEP

    3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq93Z0:5SeOQdaZNxtk8cqhSxvHY9

Malware Config

Targets

    • Launch Agent

      Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.

MITRE ATT&CK Matrix (ATT&CK v13)

Execution

  • Command and Scripting Interpreter (T1059): 1
    • AppleScript (T1059.002): 1
  • System Services (T1569): 1
    • Launchctl (T1569.001): 1

Persistence

  • Create or Modify System Process (T1543): 1
    • Launch Agent (T1543.001): 1

Privilege Escalation

  • Create or Modify System Process (T1543): 1
    • Launch Agent (T1543.001): 1

Tasks