Writing a File Monitor with Apple's Endpoint Security Framework
Tags
| attack-pattern: | Data Malware - T1587.001 Malware - T1588.001 Tool - T1588.002 |
Common Information
| Type | Value |
|---|---|
| UUID | 03b44b45-5af9-4eb1-8a87-0415704dbc01 |
| Fingerprint | 621844353df78d10 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Sept. 17, 2019, midnight |
| Added to db | Aug. 13, 2023, 2:27 a.m. |
| Last updated | Nov. 12, 2024, 11:51 a.m. |
| Headline | UNKNOWN |
| Title | Writing a File Monitor with Apple's Endpoint Security Framework |
| Detected Hints/Tags/Attributes | 34/1/8 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://objective-see.org/blog/blog_0x48.html |
| Details | Redirection | https://objective-see.com/blog/blog_0x48.html |
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 186 | ✔ | Objective-See's Blog | https://objective-see.org/rss.xml | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 359 | com.apple |
|
| Details | Domain | 21 | filemonitor.app |
|
| Details | Domain | 1 | event.create.target |
|
| Details | Domain | 1 | event.write.target |
|
| Details | File | 1 | create.tar |
|
| Details | File | 1 | write.tar |
|
| Details | sha1 | 1 | bd67298030ca90256b3999a118dcf2ffe5352a9e |
|
| Details | Url | 1 | https://developer.apple.com/documentation/endpointsecurity/es_event_type_t?language=objc |