General
-
Target
discord-logo-white.png
-
Size
27KB
-
Sample
240711-lvhmyatekb
-
MD5
1627e128a21aa255f7976af8e399807d
-
SHA1
1c0be17809a5914089abbba4aed7a9881bd6a47b
-
SHA256
19b5a3fa4cffac513be768aa47e16a5a5c29c81eb75db1086ada8dbff1cb5706
-
SHA512
43049c09287f66959cf2659814776f8b186f11af996b746020b4d556b68c7b88a85d225302d63a084037d4009863c33dd0deb620a0a01622b90a966984d62baa
-
SSDEEP
768:HmT1lSP8deug99bRXJySdThUgr4QXGFTHYNZ1vsV/AJ:HmT13ITJycGgr4tFbYhvsO
Static task
static1
Malware Config
Targets
-
Path Permission
Adversaries may modify directory permissions/attributes to evade access control lists (ACLs) and access protected files.
-
Gatekeeper Bypass
Adversaries may modify file attributes and subvert Gatekeeper functionality to evade user prompts and execute untrusted programs. Gatekeeper is a set of technologies that act as a layer of Apple's security model to ensure only trusted applications are executed on a host.
-
File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity. Malware, tools, or other non-native files dropped or created on a system by an adversary (ex: Ingress Tool Transfer) may leave traces that indicate what was done within a network and how. Removal of these files can occur.
-
MITRE ATT&CK Enterprise v15
Execution
Command and Scripting Interpreter: 1
JavaScript: 1
System Services: 1
Launchctl: 1