evilquest | a0ea0e00b8ee8854592b53698ff6f65459aed05410b2e7080bdfd63681c928b0 | Triage

Submit
Reports

Overview

overview

Static

static

2024-03-07...lquest

macos-10.15-amd64

Sharing

General

Target

2024-03-07_ad79d73d5883f116fb5fafacf5adfe5c_adload_evilquest
Size

168KB
Sample

240307-2jwcnaga38
MD5

ad79d73d5883f116fb5fafacf5adfe5c
SHA1

79b9393d5180cfa38afb5e80e35fdedbeaca2c85
SHA256

a0ea0e00b8ee8854592b53698ff6f65459aed05410b2e7080bdfd63681c928b0
SHA512

3108c3290efffc08be378db816a13ebb6db0463c5b6abe5fd2dd77ae8463a170c6b514fc6849c11a9d012937e6d9760c7be78ded9319034db08d1ddbd9cd483c
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9P0:5SeOQdaZNxtk8cqhSxvHY9

Score

10^/10

evilquest backdoor execution macos persistence

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

2024-03-07_ad79d73d5883f116fb5fafacf5adfe5c_adload_evilquest

Resource

macos-20240214-en

evilquest backdoor execution persistence

macos-10.15-amd64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-03-07_ad79d73d5883f116fb5fafacf5adfe5c_adload_evilquest
- Size
  
  168KB
- MD5
  
  ad79d73d5883f116fb5fafacf5adfe5c
- SHA1
  
  79b9393d5180cfa38afb5e80e35fdedbeaca2c85
- SHA256
  
  a0ea0e00b8ee8854592b53698ff6f65459aed05410b2e7080bdfd63681c928b0
- SHA512
  
  3108c3290efffc08be378db816a13ebb6db0463c5b6abe5fd2dd77ae8463a170c6b514fc6849c11a9d012937e6d9760c7be78ded9319034db08d1ddbd9cd483c
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9P0:5SeOQdaZNxtk8cqhSxvHY9
Score

10^/10

evilquest backdoor execution persistence
- EvilQuest
  EvilQuest family.
  backdoor evilquest
- EvilQuest payload
- Launch Agent
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evilquestbackdoorexecutionpersistence

© 2018-2025

Terms | Privacy