Check out the results from our first round of ATT&CK Evaluations at attackevals.mitre.org!

CallMe

CallMe is a Trojan designed to run on Apple OSX. It is based on a publicly available tool called Tiny SHell. [1]

ID: S0077
Aliases: CallMe
Type: MALWARE
Platforms: macOS

Version: 1.0

Techniques Used

DomainIDNameUse
EnterpriseT1059Command-Line InterfaceCallMe has the capability to create a reverse shell on victims.[1]
EnterpriseT1041Exfiltration Over Command and Control ChannelCallMe exfiltrates data to its C2 server over the same protocol as C2 communications.[1]
EnterpriseT1105Remote File CopyCallMe has the capability to download a file to the victim from the C2 server.[1]
EnterpriseT1032Standard Cryptographic ProtocolCallMe uses AES to encrypt C2 traffic.[1]

Groups

Groups that use this software:

Scarlet Mimic

References