Antivirus Evasion on OSX
Tags
| attack-pattern: | Malware - T1587.001 Malware - T1588.001 Software - T1592.002 |
Common Information
| Type | Value |
|---|---|
| UUID | f67612f3-b91d-451a-a459-58416bd4e147 |
| Fingerprint | f1d51557d328dc70 |
| Analysis status | IN_PROGRESS |
| Considered CTI value | 0 |
| Text language | |
| Published | March 21, 2019, 11:33 p.m. |
| Added to db | Jan. 18, 2023, 9:30 p.m. |
| Last updated | Nov. 17, 2024, 11:40 p.m. |
| Headline | danielsauder |
| Title | Antivirus Evasion on OSX |
| Detected Hints/Tags/Attributes | 17/1/9 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://danielsauder.com/2019/03/21/antivirus-evasion-on-osx/ |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | obamapacman.com |
|
| Details | Domain | 4128 | github.com |
|
| Details | File | 1 | bitdefender-whitepaper-apt-mac-a4-en-en-web.pdf |
|
| Details | Github username | 3 | govolution |
|
| Details | IPv4 | 1 | 192.168.2.111 |
|
| Details | Threat Actor Identifier - APT | 783 | APT28 |
|
| Details | Url | 1 | http://obamapacman.com/2009/08/russia-president-dmitry-medvedev-mac-user-kremlin |
|
| Details | Url | 1 | https://github.com/govolution/avepoc/blob/master/osx64_sc_binder.c |
|
| Details | Url | 1 | https://github.com/govolution/avetosx |