a01e5c559ca7fc149420a26d46f13575b3e01daa19f2bdea0d9723c04ea1db35 | Triage

Resubmissions

12-10-2024 03:46

241012-ebxt7awcpm 10

12-10-2024 03:33

241012-d4fwps1cne 7

12-10-2024 03:32

241012-d347xavgqj 8

12-10-2024 03:32

241012-d3m9dsvgnl 7

Sharing

General

Target

2024-10-12_37e70a501e43c8f4beb5ead5537b217c_cryptolocker
Size

48KB
Sample

241012-d347xavgqj
MD5

37e70a501e43c8f4beb5ead5537b217c
SHA1

1258c1a191d81f9cc473690ef0c43d8d26ff29a5
SHA256

a01e5c559ca7fc149420a26d46f13575b3e01daa19f2bdea0d9723c04ea1db35
SHA512

7459d4787848912f1eba0749298952011df4e8696581b2cddc9af918605203b0b5c3e0f7f6e87c669a6fa70dae3d0b0d99ce2fca821928124d4603eaf0c0d82d
SSDEEP

768:P6LsoEEeegiZPvEhHS5+Mh/QtOOtEvwDpjBpaD3TUogs/VXpAPcV:P6QFElP6k+MRQMOtEvwDpjBQpVX1

Score

8^/10

discovery evasion macos

Malware Config

Targets

- Target
  
  2024-10-12_37e70a501e43c8f4beb5ead5537b217c_cryptolocker
- Size
  
  48KB
- MD5
  
  37e70a501e43c8f4beb5ead5537b217c
- SHA1
  
  1258c1a191d81f9cc473690ef0c43d8d26ff29a5
- SHA256
  
  a01e5c559ca7fc149420a26d46f13575b3e01daa19f2bdea0d9723c04ea1db35
- SHA512
  
  7459d4787848912f1eba0749298952011df4e8696581b2cddc9af918605203b0b5c3e0f7f6e87c669a6fa70dae3d0b0d99ce2fca821928124d4603eaf0c0d82d
- SSDEEP
  
  768:P6LsoEEeegiZPvEhHS5+Mh/QtOOtEvwDpjBpaD3TUogs/VXpAPcV:P6QFElP6k+MRQMOtEvwDpjBQpVX1
Score

8^/10

discovery evasion
- Path Permission
  Adversaries may modify directory permissions/attributes to evade access control lists (ACLs) and access protected files.
  evasion
- Gatekeeper Bypass
  Adversaries may modify file attributes and subvert Gatekeeper functionality to evade user prompts and execute untrusted programs. Gatekeeper is a set of technologies that act as layer of Apples security model to ensure only trusted applications are executed on a host.
  evasion
- File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity. Malware, tools, or other non-native files dropped or created on a system by an adversary (ex: Ingress Tool Transfer) may leave traces to indicate to what was done within a network and how. Removal of these files can occur.
  evasion
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Linux and Mac File and Directory Permissions Modification

Hide Artifacts

Resource Forking

Indicator Removal

File Deletion

Subvert Trust Controls

Gatekeeper Bypass

Credential Access

Discovery

File and Directory Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion