XCSSET Malware Updates with Python 3 to Target macOS Monterey Users
The operators of the XCSSET macOS malware have upped the stakes with iterative improvements that add support for macOS Monterey, upgrading the malware's source code components to Python 3.
"The malware authors have changed from hiding the primary executable in a fake Xcode.app in the initial versions in 2020 to a fake Mail.app in 2021 and now to a fake Notes.app in 2022," SentinelOne researchers Phil Stokes and Dinesh Devadoss said in a report.
Indicators of Compromise (65)