evilquest | 22b941cca5a789c7acef022b2d8556dfdf3ca4ac0f2ad00aa3de19c7909f29e4 | Triage

Submit
Reports

Overview

overview

Static

static

2024-02-05...lquest

macos-10.15-amd64

Sharing

General

Target

2024-02-05_6eec3e253e708a65cf1ba1fae4cd30e2_adload_evilquest
Size

168KB
Sample

240205-d9mansbehp
MD5

6eec3e253e708a65cf1ba1fae4cd30e2
SHA1

63d7cd49e05ec38ab7794be6363782d3a1cca386
SHA256

22b941cca5a789c7acef022b2d8556dfdf3ca4ac0f2ad00aa3de19c7909f29e4
SHA512

fef3c5d2fad89597894af1bfb55a48b085c658d0af737390e78852e123f42e7893dae5fe743a5eaada1e6303a095329ada388dbf7889ac5baccd1bd7b2274f56
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9c0:5SeOQdaZNxtk8cqhSxvHY9

Score

10^/10

evilquest backdoor execution macos persistence

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

2024-02-05_6eec3e253e708a65cf1ba1fae4cd30e2_adload_evilquest

Resource

macos-20231201-en

evilquest backdoor execution persistence

macos-10.15-amd64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-02-05_6eec3e253e708a65cf1ba1fae4cd30e2_adload_evilquest
- Size
  
  168KB
- MD5
  
  6eec3e253e708a65cf1ba1fae4cd30e2
- SHA1
  
  63d7cd49e05ec38ab7794be6363782d3a1cca386
- SHA256
  
  22b941cca5a789c7acef022b2d8556dfdf3ca4ac0f2ad00aa3de19c7909f29e4
- SHA512
  
  fef3c5d2fad89597894af1bfb55a48b085c658d0af737390e78852e123f42e7893dae5fe743a5eaada1e6303a095329ada388dbf7889ac5baccd1bd7b2274f56
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9c0:5SeOQdaZNxtk8cqhSxvHY9
Score

10^/10

evilquest backdoor execution persistence
- EvilQuest
  EvilQuest family.
  backdoor evilquest
- EvilQuest payload
- Launch Agent
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evilquestbackdoorexecutionpersistence

© 2018-2024

Terms | Privacy