A Malicious OS X Cocktail Served from a Tainted Bottle
Common Information
Type Value
UUID 2c0ec834-7b65-4b39-9ff0-6e585dbe6a6c
Fingerprint d190f2d70a3424f03c5c5a7b2db34ad6b2aeac244bb2d9eb5c003edad3fa8757
Analysis status DONE
Considered CTI value 0
Text language
Published Oct. 9, 2016, 10:43 a.m.
Added to db April 16, 2024, 7:48 p.m.
Last updated Aug. 31, 2024, 12:13 a.m.
Headline A Malicious OS X Cocktail Served from a Tainted Bottle
Title A Malicious OS X Cocktail Served from a Tainted Bottle
Detected Hints/Tags/Attributes 60/2/27
Attributes
Details Type #Events CTI Value
Details Domain 6
eset.cz
Details Domain 1
lclebb6kvohlkcml.onion.link
Details Domain 2
lclebb6kvohlkcml.onion.nu
Details Domain 2
bmacyzmea723xyaz.onion.link
Details Domain 2
bmacyzmea723xyaz.onion.nu
Details Domain 2
nejdtkok7oz5kjoc.onion.link
Details Domain 2
nejdtkok7oz5kjoc.onion.nu
Details Domain 359
com.apple
Details Domain 2
g5wcesdfjzne7255.onion
Details Domain 2
r2elajikcosf7zee.onion
Details Domain 1
t4f2cocitdpqa7tv.onion
Details Domain 4134
github.com
Details Domain 2
convert.py
Details Domain 262
www.welivesecurity.com
Details Email 3
peter.kalnai@eset.cz
Details Email 1
jirkal@eset.cz
Details File 6
general.rtf
Details File 1
licence.rtf
Details File 4
sync.dae
Details File 4
mon.pl
Details File 2
convert.py
Details Github username 10
volatilityfoundation
Details Url 1
https://github.com/volatilityfoundation/profiles/tree/master/mac
Details Url 1
https://github.com/volatilityfoundation/volatility/wiki/mac-command-reference
Details Url 1
http://www.welivesecurity.com/2016/07/06/new-osxkeydnap-
Details Url 1
http://www.welivesecurity.com/2016/08/30/osxkeydnap-spreads-via-
Details Url 1
http://www.welivesecurity.com/2016/03/07/new-mac-ransomware-