ioc[.]one - OSINT Cyber Threat Intelligence Database

From Amos to Poseidon | A SOC Team’s Guide to Detecting macOS Atomic Stealers 2024

Tags

cmtmf-attack-pattern:	Masquerading
country:	Russia
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Applescript - T1059.002 Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Masquerading - T1655 Software - T1592.002 Applescript - T1155 Browser Extensions - T1176 Masquerading - T1036 Masquerading

Show in Graph

Common Information

Type	Value
UUID	87ceea18-9672-426f-967f-1d003ab005b9
Fingerprint	251501d3af3a069f
Analysis status	DONE
Considered CTI value	-2
Text language
Published	Sept. 12, 2024, midnight
Added to db	Sept. 12, 2024, 8:54 p.m.
Last updated	Nov. 17, 2024, 11:40 p.m.
Headline	From Amos to Poseidon \| A SOC Team’s Guide to Detecting macOS Atomic Stealers 2024
Title	From Amos to Poseidon \| A SOC Team’s Guide to Detecting macOS Atomic Stealers 2024
Detected Hints/Tags/Attributes	47/4/18

Source URLs

	Redirection	Url
Details	Source	https://www.sentinelone.com/blog/from-amos-to-poseidon-a-soc-teams-guide-to-detecting-macos-atomic-stealers-2024/

URL Provider

Details	Provider	Source level domain
Details	sentinelone.com	www.sentinelone.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	234	✔	SentinelOne	https://sentinelone.com/feed/	2024-08-30 22:08

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	2		events.app
Details	Domain	538		pic.twitter.com
Details	Domain	4128		github.com
Details	File	1		osx_atomic.txt
Details	Github username	4		stamparm
Details	sha1	2		d52b66a041f73845f8545e8efd7b518a914de181
Details	sha1	2		8695ed26aec4b078fc9bd2b109c733ce5edbd736
Details	sha1	2		a748949cc08f4a68c2915a7bee03b59b1d4598a6
Details	sha1	2		fc4246fd2bc0deaf03efad77a6c9c208af7a5864
Details	sha1	2		bdacff3c908127053a7a897b4d362cb4f32f7110
Details	sha1	2		a0d47316c6bc400a9333f5b6bfc8a14fb57d6fca
Details	sha1	2		84c981fec74942150120862ce1036f3147301e6b
Details	sha1	2		465b1fa15758f758c583ce127c2b991aac5c9a98
Details	sha1	2		de67e9c087f01f1f2a19ee9432ed73af0c788430
Details	IPv4	3		45.142.122.92
Details	IPv4	2		41.216.183.214
Details	IPv4	2		89.208.103.185
Details	Url	1		https://github.com/stamparm/maltrail/blob/master/trails/static/malware/osx_atomic.txt