JXA In-memory Execution Via OSAScript (f1408a58-0e94-4165-b80a-da9f96cf6fc3)

Detects possible malicious execution of JXA in-memory via OSAScript

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
JavaScript - T1059.007 (0f4a0c76-ab2d-4cb0-85d3-3f0efb8cba0d)	Attack Pattern	JXA In-memory Execution Via OSAScript (f1408a58-0e94-4165-b80a-da9f96cf6fc3)	Sigma-Rules	1
AppleScript - T1059.002 (37b11151-1776-4f8f-b328-30939fbf2ceb)	Attack Pattern	JXA In-memory Execution Via OSAScript (f1408a58-0e94-4165-b80a-da9f96cf6fc3)	Sigma-Rules	1
JavaScript - T1059.007 (0f4a0c76-ab2d-4cb0-85d3-3f0efb8cba0d)	Attack Pattern	Command and Scripting Interpreter - T1059 (7385dfaf-6886-4229-9ecd-6fd678040830)	Attack Pattern	2
AppleScript - T1059.002 (37b11151-1776-4f8f-b328-30939fbf2ceb)	Attack Pattern	Command and Scripting Interpreter - T1059 (7385dfaf-6886-4229-9ecd-6fd678040830)	Attack Pattern	2