Endpoint Security Self-Protection on MacOS - MDSec
Tags
| attack-pattern: | Data Hooking - T1617 Malware - T1587.001 Malware - T1588.001 Python - T1059.006 Software - T1592.002 Hooking - T1179 Hypervisor - T1062 Hooking |
Common Information
| Type | Value |
|---|---|
| UUID | ca76ebdc-bf58-4696-b1e8-934698ca9806 |
| Fingerprint | 7ebb9117bea78405 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Aug. 13, 2018, 2:35 p.m. |
| Added to db | Jan. 18, 2023, 11:28 p.m. |
| Last updated | Nov. 15, 2024, 2:39 p.m. |
| Headline | Endpoint Security Self-Protection on MacOS |
| Title | Endpoint Security Self-Protection on MacOS - MDSec |
| Detected Hints/Tags/Attributes | 44/1/11 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | plugin.process.gdb-remote.target |
|
| Details | Domain | 359 | com.apple |
|
| Details | Domain | 1 | antivirusformac.app |
|
| Details | File | 1 | gdb-remote.tar |
|
| Details | File | 1 | x86_64_target_definition.py |
|
| Details | File | 2 | kernel.py |
|
| Details | File | 130 | info.pl |
|
| Details | File | 1 | authhelpertool.pl |
|
| Details | File | 1 | upgrade.pl |
|
| Details | File | 17 | agent.pl |
|
| Details | File | 1 | antivirusformac.pl |