OSX_Keydnap

Name: OSX_Keydnap
(http://www.welivesecurity.com/2016/07/06/new-osxkeydnap-malware-hungry-credentials): Artifact used by this malware

Query:
select * from launchd where name IN ('com.apple.iCloud.sync.daemon', 'com.geticloud.icloud.photo');
Additional Query Info:
Version: 1.4.5
Platform: darwin
Interval: 3600

JSON:
{
  "queries": {
    "OSX_Keydnap": {
      "query" : "select * from launchd where name IN ('com.apple.iCloud.sync.daemon', 'com.geticloud.icloud.photo');",
      "interval" : "3600",
      "platform" : "darwin",
      "version": "1.4.5",
      "description" : "(http://www.welivesecurity.com/2016/07/06/new-osxkeydnap-malware-hungry-credentials)",
      "value" : "Artifact used by this malware"
    }
  }
}

You must be logged in to post a comment.

Proudly powered by WordPress   Premium Style Theme by www.gopiplus.com