fakelockbit | a997d2e17a012e432d92db0de69ef7780413f9d8c5125e13b161506a19382cda | Triage

Resubmissions

28/12/2024, 10:20

241228-mdf88axqhm 10

28/12/2024, 10:17

241228-mbmm8axqgp 10

Sharing

General

Target

malware.zip
Size

1.3MB
Sample

241228-mdf88axqhm
MD5

d4b51d22015a4d6b25018e6201497b4d
SHA1

43e257d00daaf50a411626ede25b079580bb1ed2
SHA256

a997d2e17a012e432d92db0de69ef7780413f9d8c5125e13b161506a19382cda
SHA512

91399dfcfbcdd57a394d2144048b9e1837db8052d9ce0ec6b355242b64906976290b789ba8a74129380c4dd80adb6e6f3864d305a5e97e6e66a87f598f2fce74
SSDEEP

24576:jEP85aWIOd3RFdGlIYeHTpwou01c7ZaU4lGTayC0u5Lr75TfzkUW90TVgJn:wP85aWpYlAHf11QEU4lWay4rRxW252

Score

10^/10

fakelockbit evasion execution macos persistence

Malware Config

Targets

- Target
  
  e02b3309c0b6a774a4d940369633e395b4c374dc3e6aaa64410cc33b0dcd67ac
- Size
  
  3.0MB
- MD5
  
  8b26b29569c5d912d1d46e0de6a84edc
- SHA1
  
  367362b4ab6384833752b6936c296f3746859b82
- SHA256
  
  e02b3309c0b6a774a4d940369633e395b4c374dc3e6aaa64410cc33b0dcd67ac
- SHA512
  
  66d31cb407e9b784cef915fdb5ca9d10d1e071b94708f5f09966fb2b2f829f85bcc6fe760693bddd5485169016adf172910c77df27b99709422f1f060712ba56
- SSDEEP
  
  49152:ZguJx3jLj7BBmM5EW6djOp7b9rZpgcMiw04Z:px3LEfjA9NHwZZ
Score

5^/10

evasion execution persistence
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Hide Artifacts

Resource Forking

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionexecutionpersistence