evilquest | b72b9bc8d983a774f12aa904a32f8f735c5c1e5f98c76a20fe71b22543c6efb5 | Triage

Submit
Reports

Overview

overview

Static

static

2024-03-29...lquest

macos-10.15-amd64

Sharing

General

Target

2024-03-29_cebae058155cf3ca039881d839d9908c_adload_evilquest
Size

168KB
Sample

240329-kjh9nadc5s
MD5

cebae058155cf3ca039881d839d9908c
SHA1

82d117039c0d122249f00d7e4f43f8c63d2d19f6
SHA256

b72b9bc8d983a774f12aa904a32f8f735c5c1e5f98c76a20fe71b22543c6efb5
SHA512

378b0738e73248bdbadb7f225dc2427016a628589a01899b62b028aef9042fd6f7651335b3aa54d7754b8bced1ad4c9f9b0a5cae236cc1ae32aab2996fbba281
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9X0:5SeOQdaZNxtk8cqhSxvHY9

Score

10^/10

evilquest backdoor execution macos persistence

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

2024-03-29_cebae058155cf3ca039881d839d9908c_adload_evilquest

Resource

macos-20240214-en

evilquest backdoor execution persistence

macos-10.15-amd64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-03-29_cebae058155cf3ca039881d839d9908c_adload_evilquest
- Size
  
  168KB
- MD5
  
  cebae058155cf3ca039881d839d9908c
- SHA1
  
  82d117039c0d122249f00d7e4f43f8c63d2d19f6
- SHA256
  
  b72b9bc8d983a774f12aa904a32f8f735c5c1e5f98c76a20fe71b22543c6efb5
- SHA512
  
  378b0738e73248bdbadb7f225dc2427016a628589a01899b62b028aef9042fd6f7651335b3aa54d7754b8bced1ad4c9f9b0a5cae236cc1ae32aab2996fbba281
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9X0:5SeOQdaZNxtk8cqhSxvHY9
Score

10^/10

evilquest backdoor execution persistence
- EvilQuest
  EvilQuest family.
  backdoor evilquest
- EvilQuest payload
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

evilquestbackdoorexecutionpersistence

© 2018-2024

Terms | Privacy