OSX_DOK_4

Name: OSX_DOK_4
DOK malicious app (http://blog.checkpoint.com/2017/04/27/osx-malware-catching-wants-read-https-traffic/): Artifact used by this malware

Query:
select * from apps where bundle_name = 'Truesteer.AppStore';
Additional Query Info:
Version: 1.4.5
Platform: darwin
Interval: 3600

JSON:
{
  "queries": {
    "OSX_DOK_4": {
      "query" : "select * from apps where bundle_name = 'Truesteer.AppStore';",
      "interval" : "3600",
      "platform" : "darwin",
      "version": "1.4.5",
      "description" : "DOK malicious app (http://blog.checkpoint.com/2017/04/27/osx-malware-catching-wants-read-https-traffic/)",
      "value" : "Artifact used by this malware"
    }
  }
}

You must be logged in to post a comment.

Proudly powered by WordPress   Premium Style Theme by www.gopiplus.com