OSX/Proton.B: A brief analysis, at 6 miles up
Tags
Common Information
| Type | Value |
|---|---|
| UUID | d0e15be6-bf9c-4828-97fa-99bf4a468af0 |
| Fingerprint | 97701ddb2d5300ce |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Oct. 5, 2017, midnight |
| Added to db | Nov. 6, 2023, 6:28 p.m. |
| Last updated | Nov. 17, 2024, 5:57 p.m. |
| Headline | UNKNOWN |
| Title | OSX/Proton.B: A brief analysis, at 6 miles up |
| Detected Hints/Tags/Attributes | 58/1/49 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Redirection | https://objective-see.com/blog/blog_0x1F.html |
| Details | Source | https://objective-see.org/blog/blog_0x1F.html |
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 186 | ✔ | Objective-See's Blog | https://objective-see.org/rss.xml | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 4 | handbrake.app |
|
| Details | Domain | 3 | handbrake.fr |
|
| Details | Domain | 359 | com.apple |
|
| Details | Domain | 2 | handbrake.cc |
|
| Details | Domain | 1 | handbrake.biz |
|
| Details | Domain | 1 | ls.handbrake.biz |
|
| Details | Domain | 111 | www.apple.com |
|
| Details | Domain | 2 | proton.zip |
|
| Details | Domain | 11 | script.google.com |
|
| Details | Domain | 4 | cr.zip |
|
| Details | Domain | 2 | ff.zip |
|
| Details | Domain | 2 | mozilla.sh |
|
| Details | Domain | 2 | sf.zip |
|
| Details | Domain | 2 | op.zip |
|
| Details | Domain | 3 | kc.zip |
|
| Details | Domain | 2 | handbrakestore.com |
|
| Details | Domain | 2 | luwenxdsnhgfxckcjgxvtugj.com |
|
| Details | Domain | 2 | 6gmvshjdfpfbeqktpsde5xav.com |
|
| Details | Domain | 2 | kjfnbfhu7ndudgzhxpwnnqkc.com |
|
| Details | Domain | 2 | yaxw8dsbttpwrwlq3h6uc9eq.com |
|
| Details | Domain | 2 | qrtfvfysk4bdcwwwe9pxmqe9.com |
|
| Details | Domain | 2 | fyamakgtrrjt9vrwhmc76v38.com |
|
| Details | Domain | 2 | kcdjzquvhsua6hlfbmjzkzsb.com |
|
| Details | Domain | 2 | ypu4vwlenkpt29f95etrqllq.com |
|
| Details | Domain | 2 | au.pub |
|
| Details | File | 130 | info.pl |
|
| Details | File | 2 | proton.zip |
|
| Details | File | 6 | str.txt |
|
| Details | File | 4 | cr.zip |
|
| Details | File | 2 | cr_def.zip |
|
| Details | File | 2 | ff.zip |
|
| Details | File | 60 | cookies.sql |
|
| Details | File | 15 | formhistory.sql |
|
| Details | File | 64 | logins.json |
|
| Details | File | 2 | sf.zip |
|
| Details | File | 2 | op.zip |
|
| Details | File | 3 | kc.zip |
|
| Details | File | 2 | gnu_pw.zip |
|
| Details | File | 2 | info_.pl |
|
| Details | File | 2 | au.pub |
|
| Details | File | 3 | activity_agent.pl |
|
| Details | sha1 | 2 | a8ea82ee767091098b0e275a80d25d3bc79e0cea |
|
| Details | sha256 | 1 | 128814f2b057aef1dd3e00f3749aed2a81e5ed03737311f2b1faab4ab2e6e2fe |
|
| Details | IPv4 | 295 | 8.8.8.8 |
|
| Details | Url | 73 | http://www.apple.com/dtds/propertylist-1.0.dtd |
|
| Details | Url | 2 | https://script.google.com/macros/s/akfycbyd5acbanwi2yn0xhfrbyzs4qmq1vucmvgvvhul5xqs9hkayjy/exec |
|
| Details | Url | 1 | https://script.google.com/macros/s |
|
| Details | Url | 1 | https://handbrake.biz/rsa |
|
| Details | Yara rule | 8 | rule Macho {
meta:
description = "private rule to match Mach-O binaries"
condition:
uint32(0) == 0xfeedface or uint32(0) == 0xcefaedfe or uint32(0) == 0xfeedfacf or uint32(0) == 0xcffaedfe or uint32(0) == 0xcafebabe or uint32(0) == 0xbebafeca
} |