General
-
Target
https://bitbucket.org/crypto-oasis-web3/socifi-mvp-v1/src/main/
-
Sample
241113-nhc8ss1cjd
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
https://bitbucket.org/crypto-oasis-web3/socifi-mvp-v1/src/main/
Resource
macos-20241101-en
Malware Config
Targets
-
-
Target
https://bitbucket.org/crypto-oasis-web3/socifi-mvp-v1/src/main/
Score7/10-
Exfiltration Over Alternative Protocol
Adversaries may steal data by exfiltrating it over an un-encrypted network protocol other than that of the existing command and control channel.
-
File Permission
Adversaries may modify file permissions/attributes to evade access control lists (ACLs) and access protected files.
-
Queries the macOS version information.
An adversary may attempt to get detailed information about the operating system and hardware, including version, patches, hotfixes, service packs, and architecture.
-
Legitimate hosting services abused for malware hosting/C2
-
File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity. Malware, tools, or other non-native files dropped or created on a system by an adversary (ex: Ingress Tool Transfer) may leave traces to indicate to what was done within a network and how. Removal of these files can occur.
-
MITRE ATT&CK Enterprise v15
Defense Evasion
File and Directory Permissions Modification
1Linux and Mac File and Directory Permissions Modification
1Hide Artifacts
1Resource Forking
1Indicator Removal
1File Deletion
1