New Loki Backdoor Attacking macOS Systems

Cody Thomas developed Apfell, an open-source macOS post-exploitation framework, in 2018; it later evolved into Mythic, a cross-platform framework that addresses the limitations of existing tools. Mythic provides a unified interface for managing agents written in various languages for different platforms, which allows for flexibility and customization and enables the creation of agents with specific functionalities.

The official Mythic repository currently houses over two dozen agents. The Loki agent employs a modified djb2 hashing algorithm to obscure the names of the API functions and commands it uses, with a different magic number (2231) than the original Havoc agent. The hash value is calculated by iterating through the string: on each step the running value is shifted left by 5 bits, the unshifted running value is added to it, and then the current character is added. Because the binary carries only the resulting hashes rather than readable function names, the agent's behavior is harder to analyze and identify; with the seed known, however, an analyst can hash candidate API and command names with the same algorithm and match them against the values found in the sample.

[Figure: An example of the data sent before encryption by the July version of Loki, with the UUID visible on the right]

The Loki loader sends encrypted information about the infected system to a command-and-control server.

Source: GBHackers
