iKitten - S0278 (2cfe8a26-5be7-4a09-8915-ea3d9e787513)

iKitten is a macOS exfiltration agent (Citation: objsee mac malware 2017).

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
| --- | --- | --- | --- | --- |
| System Network Configuration Discovery - T1016 (707399d6-ab3e-4963-9315-d9d3818cd6a0) | Attack Pattern | iKitten - S0278 (2cfe8a26-5be7-4a09-8915-ea3d9e787513) | Malware | 1 |
| iKitten - S0278 (2cfe8a26-5be7-4a09-8915-ea3d9e787513) | Malware | GUI Input Capture - T1056.002 (a2029942-0a85-4947-b23c-ca434698171d) | Attack Pattern | 1 |
| iKitten - S0278 (2cfe8a26-5be7-4a09-8915-ea3d9e787513) | Malware | Archive via Utility - T1560.001 (00f90846-cbd1-4fc5-9233-df5c2bf2a662) | Attack Pattern | 1 |
| iKitten - S0278 (2cfe8a26-5be7-4a09-8915-ea3d9e787513) | Malware | RC Scripts - T1037.004 (dca670cf-eeec-438f-8185-fd959d9ef211) | Attack Pattern | 1 |
| Keychain - T1555.001 (1eaebf46-e361-4437-bc23-d5d65a3b92e3) | Attack Pattern | iKitten - S0278 (2cfe8a26-5be7-4a09-8915-ea3d9e787513) | Malware | 1 |
| Process Discovery - T1057 (8f4a33ec-8b1f-4b80-a2f6-642b2e479580) | Attack Pattern | iKitten - S0278 (2cfe8a26-5be7-4a09-8915-ea3d9e787513) | Malware | 1 |
| iKitten - S0278 (2cfe8a26-5be7-4a09-8915-ea3d9e787513) | Malware | Hidden Files and Directories - T1564.001 (ec8fc7e2-b356-455c-8db5-2e37be158e7d) | Attack Pattern | 1 |
| GUI Input Capture - T1056.002 (a2029942-0a85-4947-b23c-ca434698171d) | Attack Pattern | Input Capture - T1056 (bb5a00de-e086-4859-a231-fa793f6797e2) | Attack Pattern | 2 |
| Archive Collected Data - T1560 (53ac20cd-aca3-406e-9aa0-9fc7fdc60a5a) | Attack Pattern | Archive via Utility - T1560.001 (00f90846-cbd1-4fc5-9233-df5c2bf2a662) | Attack Pattern | 2 |
| RC Scripts - T1037.004 (dca670cf-eeec-438f-8185-fd959d9ef211) | Attack Pattern | Boot or Logon Initialization Scripts - T1037 (03259939-0b57-482f-8eb5-87c0e0d54334) | Attack Pattern | 2 |
| Keychain - T1555.001 (1eaebf46-e361-4437-bc23-d5d65a3b92e3) | Attack Pattern | Credentials from Password Stores - T1555 (3fc9b85a-2862-4363-a64d-d692e3ffbee0) | Attack Pattern | 2 |
| Hidden Files and Directories - T1564.001 (ec8fc7e2-b356-455c-8db5-2e37be158e7d) | Attack Pattern | Hide Artifacts - T1564 (22905430-4901-4c2a-84f6-98243cb173f8) | Attack Pattern | 2 |