ioc[.]one - OSINT Cyber Threat Intelligence Database

Mac Malware of 2016

Tags

country:

Russia

attack-pattern:

Data Code Signing - T1553.002 Credentials - T1589.001 Exploits - T1587.004 Exploits - T1588.005 Keychain - T1634.001 Keychain - T1555.001 Keychain - T1579 Launch Agent - T1543.001 Launchctl - T1569.001 Login Items - T1547.015 Malware - T1587.001 Malware - T1588.001 Python - T1059.006 Server - T1583.004 Server - T1584.004 Software - T1592.002 Video Capture - T1512 Tool - T1588.002 Code Signing - T1116 Connection Proxy - T1090 Keychain - T1142 Launch Agent - T1159 Launchctl - T1152 Video Capture - T1125

Show in Graph

Common Information

Type	Value
UUID	5ba60b39-6e9d-4c2a-89ca-31631540e08e
Fingerprint	a5248e382cf30ccb
Analysis status	DONE
Considered CTI value	2
Text language
Published	Jan. 1, 2017, midnight
Added to db	Aug. 30, 2024, 11:30 p.m.
Last updated	Nov. 17, 2024, 7:44 p.m.
Headline	UNKNOWN
Title	Mac Malware of 2016
Detected Hints/Tags/Attributes	95/2/43

Source URLs

	Redirection	Url
Details	Redirection	https://objective-see.com/blog/blog_0x16.html
Details	Source	https://objective-see.org/blog/blog_0x16.html

URL Provider

Details	Provider	Source level domain
Details	objective-see.com	objective-see.com
Details	objective-see.org	objective-see.org

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	186	✔	Objective-See's Blog	https://objective-see.org/rss.xml	2024-08-30 22:08

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	5		transmission.app
Details	Domain	359		com.apple
Details	Domain	19		terminal.app
Details	Domain	4		transmissionbt.com
Details	Domain	2		com.geticloud.icloud.photo
Details	Domain	9		onion.to
Details	Domain	1		xjd6uzkuyonxzrz2.onion
Details	Domain	358		pastebin.com
Details	Domain	4127		github.com
Details	Domain	1		advancedmaccleaner.com
Details	Domain	4		opener.app
Details	Domain	1		www.macfileopener.org
Details	Domain	1		macfileopener.com
Details	Domain	3		2025.app
Details	Domain	11		preview.app
Details	File	6		general.rtf
Details	File	8		xprotect.pl
Details	File	20		screenshot.jpg
Details	File	9		license.rtf
Details	File	4		sync.dae
Details	File	4		mon.pl
Details	File	1		photo.pl
Details	File	2		integritycheck.pl
Details	File	2		timegrabber.pl
Details	File	2		usercontent.pl
Details	File	1		apple.php
Details	File	10		public.key
Details	File	1		api_post.php
Details	File	130		info.pl
Details	File	3		launchservices-134501.css
Details	File	1		storeuserd.pl
Details	File	10		apple.doc
Details	File	3		roskosmos_2015-2025.pdf
Details	File	6		updates.pl
Details	Github username	2		b374k
Details	md5	1		d1e52e9d2452e1810279527aa1a83c8b
Details	md5	1		df8a73a0813c422465564c913e760d87
Details	sha1	1		15bd408e435dc1a1509911cfd8c312f46ed54226
Details	IPv4	1441		127.0.0.1
Details	Threat Actor Identifier - APT	783		APT28
Details	Url	1		http://pastebin.com/api/api_post.php
Details	Url	1		https://github.com/b374k/b374k
Details	Url	1		http://macfileopener.com