General

  • Target

    jfxrt.pack

  • Size

    4.8MB

  • Sample

    240616-k397gs1frq

  • MD5

    8dfebf0b78c6e3bf5aa5002ca9a6da1a

  • SHA1

    1edee53b9e0af5d767d0051c2beccc474035024f

  • SHA256

    0840d659560e62fcc41cd42dec9d7aedb8359f606097b540806452ca8ad05e21

  • SHA512

    f9bf6e9558b52969ec152fbfebc239c1bcb7e4343b3dc58da5e7cac015d1fe75f255bd9ceb3fdeb86b2c05be62c62b552a25c94aba4091df3eaf163cf91da444

  • SSDEEP

    49152:uCTbVLrqgbejNIJqcdTok/EWCdomwkX/YmYybyROodO0rW:1nTB/EmmwkX/YL2yRdS

Malware Config

Targets

    • Score

      8/10

    • Path Permission

      Adversaries may modify directory permissions/attributes to evade access control lists (ACLs) and access protected files.

    • Gatekeeper Bypass

      Adversaries may modify file attributes and subvert Gatekeeper functionality to evade user prompts and execute untrusted programs. Gatekeeper is a set of technologies that act as a layer of Apple's security model to ensure that only trusted applications are executed on a host.

    • File Deletion

      Adversaries may delete files left behind by their intrusion activity. Malware, tools, or other non-native files dropped or created on a system by an adversary (e.g. via Ingress Tool Transfer) may leave traces indicating what was done within a network and how. Removal of these files can occur.

MITRE ATT&CK Enterprise v15
