MOVP II - 4.1 - Leveraging Process Cross-View Analysis for Mac Rootkit Detection
Tags
attack-pattern: Launchd - T1053.004 Malware - T1587.001 Malware - T1588.001 Python - T1059.006 Tool - T1588.002 Rootkit - T1014 Sudo - T1169 Rootkit
Show in Graph
Common Information
Type Value
UUID 957ac3b8-09a7-496e-956c-7978aa85b270
Fingerprint 233add072c44a711
Analysis status DONE
Considered CTI value 0
Text language
Published June 5, 2013, 9:35 a.m.
Added to db Jan. 18, 2023, 10:44 p.m.
Last updated Nov. 12, 2024, 11:51 a.m.
Headline Volatility Labs
Title MOVP II - 4.1 - Leveraging Process Cross-View Analysis for Mac Rootkit Detection
Detected Hints/Tags/Attributes 19/1/4
Source URLs
Redirection Url
Details Source https://volatility-labs.blogspot.com/2013/06/movp-ii-41-leveraging-process-cross.html
URL Provider
Details Provider Source level domain
Details blogspot.com volatility-labs.blogspot.com
Attributes
Details Type #Events CTI Value
Details Domain 89 
vol.py
Details Domain 359 
com.apple
Details File 85 
vol.py
Details File 10 
apple.doc