evilquest | 6b28687c58bff8c038a61097110887dd47af94c40daa6ab612c805c6b8734364 | Triage

Submit
Reports

Overview

overview

Static

static

2024-02-05...lquest

macos-10.15-amd64

Sharing

General

Target

2024-02-05_af4519e45c94cf82518e26a4dbac939d_adload_evilquest
Size

182KB
Sample

240205-r4ekjaacf8
MD5

af4519e45c94cf82518e26a4dbac939d
SHA1

889ea3955a3304e06b60bb399b0ef874db812065
SHA256

6b28687c58bff8c038a61097110887dd47af94c40daa6ab612c805c6b8734364
SHA512

27733ce0000c0b3f78823653ebfdadb3609e42da32a4bfb558a844968b33cdd6d21fdd5c3a2687124855712a60230721cac938b146111a3a3d9010fe13a408ee
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9F0wl9:5SeOQdaZNxtk8cqhSxvHY957

Score

10^/10

evilquest backdoor execution macos persistence

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

2024-02-05_af4519e45c94cf82518e26a4dbac939d_adload_evilquest

Resource

macos-20231201-en

evilquest backdoor execution persistence

macos-10.15-amd64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-02-05_af4519e45c94cf82518e26a4dbac939d_adload_evilquest
- Size
  
  182KB
- MD5
  
  af4519e45c94cf82518e26a4dbac939d
- SHA1
  
  889ea3955a3304e06b60bb399b0ef874db812065
- SHA256
  
  6b28687c58bff8c038a61097110887dd47af94c40daa6ab612c805c6b8734364
- SHA512
  
  27733ce0000c0b3f78823653ebfdadb3609e42da32a4bfb558a844968b33cdd6d21fdd5c3a2687124855712a60230721cac938b146111a3a3d9010fe13a408ee
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9F0wl9:5SeOQdaZNxtk8cqhSxvHY957
Score

10^/10

evilquest backdoor execution persistence
- EvilQuest
  EvilQuest family.
  backdoor evilquest
- EvilQuest payload
- Launch Agent
  persistence
- Launch Daemon
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Launch Daemon

Privilege Escalation

Create or Modify System Process

Launch Agent

Launch Daemon

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evilquestbackdoorexecutionpersistence

© 2018-2024

Terms | Privacy