evilquest | 928f2a2c1659dbbcfcfbeaefe0b34e0e76c30fa02f3675921f943d579254eaa3 | Triage

Submit
Reports

Overview

overview

Static

static

2024-02-05...lquest

macos-10.15-amd64

Sharing

General

Target

2024-02-05_129e29893ae8b05d2cc0625a3c35bf92_adload_evilquest
Size

182KB
Sample

240205-rqrypsbgck
MD5

129e29893ae8b05d2cc0625a3c35bf92
SHA1

35809187921985575ba5c2e694d44d339cb13434
SHA256

928f2a2c1659dbbcfcfbeaefe0b34e0e76c30fa02f3675921f943d579254eaa3
SHA512

ab3219c548340a5ce9e6167c51f0e915f255b18863120f1fd3c32e3bc6e7a6cc83c60fd18fd2425fb8c8273a6ad30ff2c500044d8417ce16444c52b0b81ea6c5
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9F04Gd:5SeOQdaZNxtk8cqhSxvHY9lGd

Score

10^/10

evilquest backdoor execution macos persistence

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

2024-02-05_129e29893ae8b05d2cc0625a3c35bf92_adload_evilquest

Resource

macos-20231201-en

evilquest backdoor execution persistence

macos-10.15-amd64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-02-05_129e29893ae8b05d2cc0625a3c35bf92_adload_evilquest
- Size
  
  182KB
- MD5
  
  129e29893ae8b05d2cc0625a3c35bf92
- SHA1
  
  35809187921985575ba5c2e694d44d339cb13434
- SHA256
  
  928f2a2c1659dbbcfcfbeaefe0b34e0e76c30fa02f3675921f943d579254eaa3
- SHA512
  
  ab3219c548340a5ce9e6167c51f0e915f255b18863120f1fd3c32e3bc6e7a6cc83c60fd18fd2425fb8c8273a6ad30ff2c500044d8417ce16444c52b0b81ea6c5
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9F04Gd:5SeOQdaZNxtk8cqhSxvHY9lGd
Score

10^/10

evilquest backdoor execution persistence
- EvilQuest
  EvilQuest family.
  backdoor evilquest
- EvilQuest payload
- Launch Agent
  persistence
- Launch Daemon
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Launch Daemon

Privilege Escalation

Create or Modify System Process

Launch Agent

Launch Daemon

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evilquestbackdoorexecutionpersistence

© 2018-2024

Terms | Privacy