S0281 Dok


Description

[Dok](https://attack.mitre.org/software/S0281) is a Trojan application disguised as a .zip file that is able to collect user credentials and install a malicious proxy server to redirect a user's network traffic (i.e. [Adversary-in-the-Middle](https://attack.mitre.org/techniques/T1557)).(Citation: objsee mac malware 2017)(Citation: hexed osx.dok analysis 2019)(Citation: CheckPoint Dok)

Platforms · 1

macOS

Uses · 1

| Type | Target | Confidence | Tier |
|---|---|---|---|
| Technique | Adversary-in-the-Middle (T1557) | 95% | live |

References

  1. https://attack.mitre.org/software/S0281
  2. https://objective-see.com/blog/blog_0x25.html
  3. http://www.hexed.in/2019/07/osxdok-analysis.html
  4. https://blog.checkpoint.com/2017/04/27/osx-malware-catching-wants-read-https-traffic/

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  1. Komplex (Software)
  2. XAgentOSX (Software)
  3. MacSpy (Software)
  4. OSX_OCEANLOTUS.D (Software)
  5. iKitten (Software)
  6. Doki (Software)

Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.