Overview

overview

10

Static

static

10

089c3701f9...kes118

macos-10.15-amd64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    089c3701f9aa97c25a2c6accc64b3107_JaffaCakes118

  • Size

    168KB

  • Sample

    240430-awvhcafd5x

  • MD5

    089c3701f9aa97c25a2c6accc64b3107

  • SHA1

    1dd641b2e527163a1bfe116522d5baf59523d80d

  • SHA256

    4bfc272a5d4c11e6b3226dd65160f43ee1f30ede12fa483ae8d530c43ac71286

  • SHA512

    75c842ec6a27a8d785f610ffb84399db4f5dc75f53c7d1e50a3ecc2e7ac90b5b43f659f3993da4d4ee8d78be2eaf77e44034992d9c1fa7d11f66e50e857fe98c

  • SSDEEP

    3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq94b0:5SeOQdaZNxtk8cqhSxvHY9

Score
10/10
evilquestexecutionmacospersistence

Malware Config

Targets

    • Target

      089c3701f9aa97c25a2c6accc64b3107_JaffaCakes118

    • Size

      168KB

    • MD5

      089c3701f9aa97c25a2c6accc64b3107

    • SHA1

      1dd641b2e527163a1bfe116522d5baf59523d80d

    • SHA256

      4bfc272a5d4c11e6b3226dd65160f43ee1f30ede12fa483ae8d530c43ac71286

    • SHA512

      75c842ec6a27a8d785f610ffb84399db4f5dc75f53c7d1e50a3ecc2e7ac90b5b43f659f3993da4d4ee8d78be2eaf77e44034992d9c1fa7d11f66e50e857fe98c

    • SSDEEP

      3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq94b0:5SeOQdaZNxtk8cqhSxvHY9

    Score
    5/10
    executionpersistence

    • Launch Agent

      Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.

      persistence

    • Launch Daemon

      Adversaries may create or modify Launch Daemons to execute malicious payloads as part of persistence. Launch Daemons are plist files used to interact with Launchd, the service management framework used by macOS.

      persistence
    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

1
T1059

AppleScript

1
T1059.002

System Services

1
T1569

Launchctl

1
T1569.001

Persistence

Create or Modify System Process

2
T1543

Launch Agent

1
T1543.001

Launch Daemon

1
T1543.004

Privilege Escalation

Create or Modify System Process

2
T1543

Launch Agent

1
T1543.001

Launch Daemon

1
T1543.004

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks