Implementation and usage of an artifact collection tool for macOS and a simple malware analysis sandbox
Common Information
Type Value
UUID 37679da1-95e2-47fa-a1a7-62ed60f41e1a
Fingerprint 6ba36e5606890007c45405b8caf34a8096897706de840c45f79082d8384dd36c
Analysis status DONE
Considered CTI value 1
Text language
Published Jan. 20, 2020, 11:43 a.m.
Added to db March 12, 2024, 7:38 p.m.
Last updated Aug. 31, 2024, 4:51 a.m.
Headline Implementation and usage of an artifact collection tool for macOS and a simple malware analysis sandbox
Title Implementation and usage of an artifact collection tool for macOS and a simple malware analysis sandbox
Detected Hints/Tags/Attributes 67/2/107
Attributes
Details Type #Events CTI Value
Details Domain 15
mac4n6.com
Details Domain 30
objective-see.com
Details Domain 1
swiftforensics.com
Details Domain 3
padawan-4n6.hatenablog.com
Details Domain 9
www.flaticon.com
Details Domain 359
com.apple
Details Domain 1
macosac.py
Details Domain 53
developer.apple.com
Details Domain 4127
github.com
Details Domain 47
www.slideshare.net
Details Domain 7
commons.wikimedia.org
Details Domain 8
monitor.app
Details Domain 184
www.fireeye.com
Details Domain 1
monitorappconv.py
Details Domain 1
u0000com.apple
Details Domain 1
openbsmconv.py
Details Domain 1
norimaci.py
Details Domain 1
quicklookuihelper.app
Details Domain 1
diskimagemounter.app
Details Domain 5
celastradepro.app
Details Domain 4
www.celasllc.com
Details Domain 16
installer.app
Details Domain 111
www.apple.com
Details Domain 4
www.mac4n6.com
Details Domain 1
michaellynn.github.io
Details Domain 2
bgiparser.py
Details Domain 1
evernote.app
Details Domain 5
helper.app
Details Domain 1
osx.agent.info
Details Domain 1
blogs.dropbox.com
Details Domain 5
www.scip.ch
Details Domain 11
www.synack.com
Details Domain 172
www.crowdstrike.com
Details Domain 26
posts.specterops.io
Details Domain 144
www.fortinet.com
Details Domain 16
www.netresec.com
Details Domain 4
www.inetsim.org
Details File 1
macosac.ini
Details File 1
backups.backup
Details File 1
ermacforensics_20191010_171704.dmg
Details File 1
macosac.py
Details File 1
artifact_file_stat.csv
Details File 1
copy_artifact_files.log
Details File 1
futomaki_zushi_in_201902.jpg
Details File 1
monitor.html
Details File 1
monitorappconv.py
Details File 103
test.txt
Details File 3
apple.mdw
Details File 1
openbsmconv.py
Details File 1
window_5.dat
Details File 1
monitorapp.py
Details File 1
norimaci.py
Details File 1
_timeline.csv
Details File 1
norimaci_27_dec_19__16_31_100629_timeline.csv
Details File 5
celastradepro.pl
Details File 4
service.log
Details File 2
tmpctp.log
Details File 24
apple.log
Details File 6
initems.pl
Details File 4
ns.key
Details File 3
ns.obj
Details File 1
bgiparser.py
Details File 1
agent.inf
Details File 1
wardle_shmoocon2018.pdf
Details File 1
monitoring-system-activi.html
Details File 2
blog_0x25.html
Details File 1
blog_0x3c.html
Details File 2
blog_0x53.html
Details Github username 1
rurik
Details Github username 5
mnrkbys
Details Github username 6
ydkhatri
Details Github username 2
orlikoski
Details md5 1
1b85c91207f6c7f009e1f28cc84c295e
Details sha256 16
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Details IPv4 15
1.0.0.3
Details IPv4 619
0.0.0.0
Details IPv4 1
172.16.229.50
Details IPv4 1
172.16.229.131
Details IPv4 1
172.16.229.51
Details IPv4 1441
127.0.0.1
Details Url 1
https://developer.apple.com/documentation/macos_release_notes/macos_catalina_10_15_release_notes
Details Url 1
https://github.com/rurik/noriben
Details Url 1
https://www.slideshare.net/bbaskin/bh15-arsenal-noriben
Details Url 1
https://commons.wikimedia.org/wiki/file:futomaki_zushi_in_201902.jpg
Details Url 1
https://www.fireeye.com/services/freeware/monitor.html
Details Url 73
http://www.apple.com/dtds/propertylist-1.0.dtd
Details Url 1
https://www.mac4n6.com/blog/2016/1/1/manual-analysis-of-nskeyedarchiver-formatted-
Details Url 1
http://michaellynn.github.io/2015/10
Details Url 3
https://github.com/mnrkbys/macosac
Details Url 1
https://github.com/mnrkbys/norimaci
Details Url 1
https://github.com/mnrkbys/bgiparser
Details Url 1
https://objective-see.com/talks/wardle_shmoocon2018.pdf
Details Url 1
https://blogs.dropbox.com/tech/2018/04/4696
Details Url 1
https://www.scip.ch/en/?labs.20150108
Details Url 1
https://www.synack.com/blog/monitoring-process-creation-via-the-
Details Url 1
https://www.mac4n6.com/blog/2016/1/1/manual-analysis-of-
Details Url 1
http://michaellynn.github.io/2015/10/24/apples-bookmarkdata-exposed
Details Url 1
https://www.crowdstrike.com/blog/automating-
Details Url 6
https://github.com/ydkhatri/mac_apt
Details Url 1
https://posts.specterops.io/introducing-venator-a-
Details Url 2
https://github.com/orlikoski/cylr
Details Url 5
https://www.fortinet.com/blog/threat-
Details Url 2
https://www.netresec.com/?page=polarproxy
Details Url 1
https://www.inetsim.org
Details Url 2
https://objective-see.com/blog/blog_0x25.html
Details Url 1
https://objective-see.com/blog/blog_0x3c.html
Details Url 2
https://objective-see.com/blog/blog_0x53.html