OSX_MaMi_Certificate

Name: OSX_MaMi_Certificate
MaMi OSX Malware 2017-01-12 (https://objective-see.com/blog/blog_0x26.html): bogus certificate added to key store by this malware

Query:
select * from certificates where common_name like '%cloudguard.me%' and not_valid_after = '2352216315';
Additional Query Info:
Version: 2.8.0
Platform: darwin
Interval: 3600

JSON:
{
  "queries": {
    "OSX_MaMi_Certificate": {
      "query" : "select * from certificates where common_name like '%cloudguard.me%' and not_valid_after = '2352216315';",
      "interval" : "3600",
      "platform" : "darwin",
      "version": "2.8.0",
      "description" : "MaMi OSX Malware 2017-01-12 (https://objective-see.com/blog/blog_0x26.html)",
      "value" : "bogus certificate added to key store by this malware"
    }
  }
}

You must be logged in to post a comment.

Proudly powered by WordPress   Premium Style Theme by www.gopiplus.com