Detecting macOS.GMERA Malware Through Behavioral Inspection
Tags
attack-pattern: Data Code Signing - T1553.002 Launch Agent - T1543.001 Launchd - T1053.004 Malware - T1587.001 Malware - T1588.001 Software - T1592.002 Code Signing - T1116 Hidden Files And Directories - T1158 Launch Agent - T1159 Launch Daemon - T1160 Plist Modification - T1150
Show in Graph
Common Information
Type Value
UUID d9228938-9030-4abd-a253-e28e7da4578f
Fingerprint b5221989a973871b
Analysis status DONE
Considered CTI value 2
Text language
Published Sept. 25, 2019, midnight
Added to db Jan. 30, 2023, 4:33 p.m.
Last updated Nov. 12, 2024, 11:51 a.m.
Headline Detecting macOS.GMERA Malware Through Behavioral Inspection
Title Detecting macOS.GMERA Malware Through Behavioral Inspection
Detected Hints/Tags/Attributes 66/1/11
Source URLs
Redirection Url
Details Source https://labs.sentinelone.com/detecting-macos-gmera-malware-through-behavioral-inspection/
URL Provider
Details Provider Source level domain
Details sentinelone.com labs.sentinelone.com
Attributes
Details Type #Events CTI Value
Details Domain 5 
stockfoli.app
Details Domain 5 
stockfolio.app
Details Domain 39 
run.sh
Details Domain 359 
com.apple
Details Domain 6 
mrt.app
Details File 6 
upd.pl
Details sha256 1 
d2eaeca25dd996e4f34984a0acdc4c2a1dfa3bacf2594802ad20150d52d23d68
Details IPv4 4 
193.37.212.176
Details MITRE ATT&CK Techniques 2 
T1150
Details MITRE ATT&CK Techniques 42 
T1158
Details MITRE ATT&CK Techniques 5 
T1160