OSX/Jahlav evading scanners detection
OSX/Jahlav new variant shows a little trick to evade AV (security scanners ) detection.
The same trick for the next script …
So it stops here since the last decoded script remains the same except on the IP address value.
Unfortunately, this changes affects the container as well which is the DMG file. Overall, we are not seeing significant change here although it is obvious the author wants to maximize infection.