evilquest | c61f174615469ed5f75da6bdf0b329c256e27729b0ff0facd8b790e0bad4bb98 | Triage

Submit
Reports

Overview

overview

Static

static

2024-03-08...lquest

macos-10.15-amd64

Sharing

General

Target

2024-03-08_1d97e70b42e21d2b944bd1f3828fbb6c_adload_evilquest
Size

168KB
Sample

240308-h9jl1aac44
MD5

1d97e70b42e21d2b944bd1f3828fbb6c
SHA1

2f9b71559c07a1df658d5f189fe73e90c623df0e
SHA256

c61f174615469ed5f75da6bdf0b329c256e27729b0ff0facd8b790e0bad4bb98
SHA512

ac3d07acce18c2010a6d76caa387512db75967b865f54886ac951d6adcc9236eb3192239886bde2ac4a83ea7043453fab04850f65aeb8c6b21e44447adaefbb6
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9T3W0:5SeOQdaZNxtk8cqhSxvHY9

Score

10^/10

evilquest backdoor execution macos persistence

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

2024-03-08_1d97e70b42e21d2b944bd1f3828fbb6c_adload_evilquest

Resource

macos-20240214-en

evilquest backdoor execution persistence

macos-10.15-amd64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-03-08_1d97e70b42e21d2b944bd1f3828fbb6c_adload_evilquest
- Size
  
  168KB
- MD5
  
  1d97e70b42e21d2b944bd1f3828fbb6c
- SHA1
  
  2f9b71559c07a1df658d5f189fe73e90c623df0e
- SHA256
  
  c61f174615469ed5f75da6bdf0b329c256e27729b0ff0facd8b790e0bad4bb98
- SHA512
  
  ac3d07acce18c2010a6d76caa387512db75967b865f54886ac951d6adcc9236eb3192239886bde2ac4a83ea7043453fab04850f65aeb8c6b21e44447adaefbb6
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9T3W0:5SeOQdaZNxtk8cqhSxvHY9
Score

10^/10

evilquest backdoor execution persistence
- EvilQuest
  EvilQuest family.
  backdoor evilquest
- EvilQuest payload
- Launch Agent
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evilquestbackdoorexecutionpersistence

© 2018-2025

Terms | Privacy