General

  • Target

    0618127484cf7ec021613d572eed5e3b_JaffaCakes118

  • Size

    168KB

  • Sample

    240428-z6938ahd82

  • MD5

    0618127484cf7ec021613d572eed5e3b

  • SHA1

    04855c774e83667bee54de105cfa9d653692afc0

  • SHA256

    2397d21e63637aeea74e50265fcaa1446038b15731224ba622a6c88c7a803ab5

  • SHA512

    098b800306466698bb806ce408b5bc1fb7d713deae4df6e2182fa54330b8f0074c5a6255251d1f3b4ee4cfa8231965462f34d3885705c92c3cdca487afa3da34

  • SSDEEP

    3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9qi0:5SeOQdaZNxtk8cqhSxvHY9

Targets

    • Target

      0618127484cf7ec021613d572eed5e3b_JaffaCakes118

    • Launch Agent

      Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.

MITRE ATT&CK Matrix (ATT&CK v13)

Execution

  • Command and Scripting Interpreter (T1059): 1
    • AppleScript (T1059.002): 1
  • System Services (T1569): 1
    • Launchctl (T1569.001): 1

Persistence

  • Create or Modify System Process (T1543): 1
    • Launch Agent (T1543.001): 1

Privilege Escalation

  • Create or Modify System Process (T1543): 1
    • Launch Agent (T1543.001): 1

Tasks