Overview

overview

8

Static

static

1

jsm_sas.rbxm

macos-10.15-amd64

8

Resubmissions

28-08-2024 00:19

240828-amfylaxhja 1

28-08-2024 00:19

240828-al8bfsxgrd 1

28-08-2024 00:04

240828-actrpszakp 8

28-08-2024 00:01

240828-aa6cqaxerd 5

27-08-2024 23:49

240827-3t17bsxdpe 7

27-08-2024 23:36

240827-3lzzasydrr 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    jsm_sas.rbxm

  • Size

    592KB

  • Sample

    240828-actrpszakp

  • MD5

    8868b47dca5975929f896e93d0c7d52c

  • SHA1

    65783e973c97fd74d9d4ae131a77edb5e69ab909

  • SHA256

    c88161c58bfec207c4a9da9598d24a6a4cdc83e81a123bf3c38c188f03bfad62

  • SHA512

    e8388afb220b48d9a6fa8d32cc652258307ddfb39fdfcf5e9d5a631f23ff6ab005c3be371d1d2e015e1db8a4fa1b5cf306e52f4f77c075da58316aaa245223f3

  • SSDEEP

    12288:WLaIb4s0L6cI58hGQDcrPyavp7R1R0Fb7ptJLZilvQbp:WLaV1e0cPyE7R1wb7o8

Score
8/10
discoveryevasionmacos

Malware Config

Targets

    • Target

      jsm_sas.rbxm

    • Size

      592KB

    • MD5

      8868b47dca5975929f896e93d0c7d52c

    • SHA1

      65783e973c97fd74d9d4ae131a77edb5e69ab909

    • SHA256

      c88161c58bfec207c4a9da9598d24a6a4cdc83e81a123bf3c38c188f03bfad62

    • SHA512

      e8388afb220b48d9a6fa8d32cc652258307ddfb39fdfcf5e9d5a631f23ff6ab005c3be371d1d2e015e1db8a4fa1b5cf306e52f4f77c075da58316aaa245223f3

    • SSDEEP

      12288:WLaIb4s0L6cI58hGQDcrPyavp7R1R0Fb7ptJLZilvQbp:WLaV1e0cPyE7R1wb7o8

    Score
    8/10
    discoveryevasion

    • Path Permission

      Adversaries may modify directory permissions/attributes to evade access control lists (ACLs) and access protected files.

      evasion

    • Gatekeeper Bypass

      Adversaries may modify file attributes and subvert Gatekeeper functionality to evade user prompts and execute untrusted programs. Gatekeeper is a set of technologies that act as layer of Apples security model to ensure only trusted applications are executed on a host.

      evasion

    • Legitimate hosting services abused for malware hosting/C2

    • File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity. Malware, tools, or other non-native files dropped or created on a system by an adversary (ex: Ingress Tool Transfer) may leave traces to indicate to what was done within a network and how. Removal of these files can occur.

      evasion
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks