11 строки
364 B
Plaintext
11 строки
364 B
Plaintext
// Backdoor processes associated with OceanLotus Mac Malware Backdoor
|
|
// References:
|
|
// https://blog.trendmicro.com/trendlabs-security-intelligence/new-macos-backdoor-linked-to-oceanlotus-found/
|
|
//
|
|
// OS platforms: Macintosh
|
|
DeviceProcessEvents
|
|
| where Timestamp > ago(14d)
|
|
| where FileName in~ ("screenassistantd","spellagentd")
|
|
| top 100 by Timestamp
|
|
|