FADE DEAD | Adventures in Reversing Malicious Run-Only AppleScripts - SentinelLabs
Tags
Common Information
| Type | Value |
|---|---|
| UUID | 8c82f315-18dd-4e13-b486-e9a1b00eb092 |
| Fingerprint | a443ab032d7d870f |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Jan. 11, 2021, midnight |
| Added to db | Sept. 26, 2022, 9:30 a.m. |
| Last updated | Nov. 17, 2024, 5:57 p.m. |
| Headline | FADE DEAD | Adventures in Reversing Malicious Run-Only AppleScripts |
| Title | FADE DEAD | Adventures in Reversing Malicious Run-Only AppleScripts - SentinelLabs |
| Detected Hints/Tags/Attributes | 0/0/23 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 8 | monitor.app |
|
| Details | Domain | 359 | com.apple |
|
| Details | Domain | 1 | apple.google |
|
| Details | Domain | 1 | apple.yahoo |
|
| Details | Domain | 2 | events.app |
|
| Details | Domain | 1 | disassembly.py |
|
| Details | Domain | 1 | disassembler.py |
|
| Details | Domain | 19 | terminal.app |
|
| Details | Domain | 1 | www.budaybu10000.com |
|
| Details | Domain | 1 | www.emoneyspace.com |
|
| Details | Domain | 1 | com.apple.cm |
|
| Details | Domain | 1 | ssl.zip |
|
| Details | Domain | 1 | office4mac.app.zip |
|
| Details | Domain | 1 | install-lol.app.zip |
|
| Details | Domain | 3 | com.apple.yahoo |
|
| Details | Domain | 1 | www.wodaywo65465182.com |
|
| Details | Domain | 1 | wodaywo.com |
|
| Details | Domain | 111 | www.apple.com |
|
| Details | Domain | 2 | wwww.yahoo.com |
|
| Details | Domain | 16 | www.anquanke.com |
|
| Details | Domain | 1 | www.codetd.com |
|
| Details | Domain | 2 | www.tr0y.wang |
|
| Details | Domain | 124 | www.sentinelone.com |