General
-
Target
sample
-
Size
19KB
-
Sample
240620-vg12sssdjq
-
MD5
7030b1e40adabfa91ee52c81c65257cc
-
SHA1
1920af0169c52de492edb199db45430148c2eed4
-
SHA256
d87360c3a4286dab91df70eca55e4b4f6520069fc5f1595272fcdd3f37f5af3e
-
SHA512
68ef5523ec85925bcbb5ecac16a1eba9f17463014a11745fb8ef351486f2a7a9db4fced14b4989d1e9d07707c88470a394c6477af0ebf69771dd25a10b0cd5e4
-
SSDEEP
384:I/kFspY1ocy454lbGaNsvhpNe9su3K2fa2hOwV0b0QfcNxCqcR1:I/kR1ocy4iEa+JpNasd2hOwSb0GYxQR1
Malware Config
Targets
-
-
Target
sample
-
Size
19KB
-
MD5
7030b1e40adabfa91ee52c81c65257cc
-
SHA1
1920af0169c52de492edb199db45430148c2eed4
-
SHA256
d87360c3a4286dab91df70eca55e4b4f6520069fc5f1595272fcdd3f37f5af3e
-
SHA512
68ef5523ec85925bcbb5ecac16a1eba9f17463014a11745fb8ef351486f2a7a9db4fced14b4989d1e9d07707c88470a394c6477af0ebf69771dd25a10b0cd5e4
-
SSDEEP
384:I/kFspY1ocy454lbGaNsvhpNe9su3K2fa2hOwV0b0QfcNxCqcR1:I/kR1ocy4iEa+JpNasd2hOwSb0GYxQR1
Score8/10-
Path Permission
Adversaries may modify directory permissions/attributes to evade access control lists (ACLs) and access protected files.
-
Gatekeeper Bypass
Adversaries may modify file attributes and subvert Gatekeeper functionality to evade user prompts and execute untrusted programs. Gatekeeper is a set of technologies that act as layer of Apples security model to ensure only trusted applications are executed on a host.
-
File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity. Malware, tools, or other non-native files dropped or created on a system by an adversary (ex: Ingress Tool Transfer) may leave traces to indicate to what was done within a network and how. Removal of these files can occur.
-
MITRE ATT&CK Enterprise v15
Defense Evasion
File and Directory Permissions Modification
1Linux and Mac File and Directory Permissions Modification
1Hide Artifacts
1Resource Forking
1Indicator Removal
1File Deletion
1Subvert Trust Controls
1Gatekeeper Bypass
1