Overview

overview

10

Static

static

10

debb03ea54...kes118

macos-10.15-amd64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    debb03ea54bfe8e6262a1582ebba7420_JaffaCakes118

  • Size

    37KB

  • Sample

    240913-xwpnestdkl

  • MD5

    debb03ea54bfe8e6262a1582ebba7420

  • SHA1

    39012aa1786dc154d4a112b253ead9ba743f7faa

  • SHA256

    fda08c9f865ac8cb19152239af67766523e39bc7c707ca61ea554c9674af6eb0

  • SHA512

    c7bfdaec42df736ef1dca12212f8981443d472ff2eda229b8fe71f5279704018eb7f8021a43906b35d4c54846690b81a3cb7f2f4c3616bad4b64139ef334ea27

  • SSDEEP

    768:uymfskL7ksQ+i2evRtFL1wA9y8W+FfjAd40uSRf1yC://W7kqihFD+ofjy40N1

Score
10/10
kaitenmacospersistenceprivilege_escalation

Malware Config

Targets

    • Target

      debb03ea54bfe8e6262a1582ebba7420_JaffaCakes118

    • Size

      37KB

    • MD5

      debb03ea54bfe8e6262a1582ebba7420

    • SHA1

      39012aa1786dc154d4a112b253ead9ba743f7faa

    • SHA256

      fda08c9f865ac8cb19152239af67766523e39bc7c707ca61ea554c9674af6eb0

    • SHA512

      c7bfdaec42df736ef1dca12212f8981443d472ff2eda229b8fe71f5279704018eb7f8021a43906b35d4c54846690b81a3cb7f2f4c3616bad4b64139ef334ea27

    • SSDEEP

      768:uymfskL7ksQ+i2evRtFL1wA9y8W+FfjAd40uSRf1yC://W7kqihFD+ofjy40N1

    Score
    6/10
    persistenceprivilege_escalation

    • RC Scripts

      Adversaries may establish persistence by modifying RC scripts which are executed during a Unix-like systems startup. These files allow system administrators to map and start custom services at startup for different run levels.

      persistenceprivilege_escalation
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks