Overview

overview

8

Static

static

1

Electron.html

macos-10.15-amd64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Electron

  • Size

    1KB

  • Sample

    250220-p3l7wavqgj

  • MD5

    8a8c21962af9ddaf5cb015c66560cf8d

  • SHA1

    557c1e59774b35c1171b0647da76d71c4249d397

  • SHA256

    6671f285c727eabd46d8fab8ab4646e478627a5c8f8fc67e7291533bceb5e903

  • SHA512

    585a0374cfcbe2f01e5f1a7d30a40f7db4396887a4dfb9d4a8f9b34a099f760fea8156529e87ab4389a447491e5fbb1629fa10c2b267995ea707b64d2e27424b

Score
8/10
defense_evasiondiscoverymacos

Malware Config

Targets

    • Target

      Electron

    • Size

      1KB

    • MD5

      8a8c21962af9ddaf5cb015c66560cf8d

    • SHA1

      557c1e59774b35c1171b0647da76d71c4249d397

    • SHA256

      6671f285c727eabd46d8fab8ab4646e478627a5c8f8fc67e7291533bceb5e903

    • SHA512

      585a0374cfcbe2f01e5f1a7d30a40f7db4396887a4dfb9d4a8f9b34a099f760fea8156529e87ab4389a447491e5fbb1629fa10c2b267995ea707b64d2e27424b

    Score
    8/10
    defense_evasiondiscovery

    • Path Permission

      Adversaries may modify directory permissions/attributes to evade access control lists (ACLs) and access protected files.

      defense_evasion

    • Gatekeeper Bypass

      Adversaries may modify file attributes and subvert Gatekeeper functionality to evade user prompts and execute untrusted programs. Gatekeeper is a set of technologies that act as layer of Apples security model to ensure only trusted applications are executed on a host.

      defense_evasion

    • File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity. Malware, tools, or other non-native files dropped or created on a system by an adversary (ex: Ingress Tool Transfer) may leave traces to indicate to what was done within a network and how. Removal of these files can occur.

      defense_evasion
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks