Overview

overview

10

Static

static

10

2024-03-31...lquest

macos-10.15-amd64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-03-31_204151930f024dbf555c643c639c4f64_adload_evilquest

  • Size

    389KB

  • Sample

    240331-nnf7msaf5z

  • MD5

    204151930f024dbf555c643c639c4f64

  • SHA1

    f69c7d28132deb9b471d6dddb5f1591e8da0a2d6

  • SHA256

    a39f80c93b646d9e94ad659142475ff307a4509e6f9d0d67441d188c58c4b14b

  • SHA512

    318794bb4c8cff70ab608e8bfd8ab2131d2d83d7bb9cc2b9923b3c2f57197e3c922ff56e8a418717c18649b55d7ac6e2a0686bcc3414ba94aa7fbf18992ef63e

  • SSDEEP

    6144:5SeOQdaZNxtk8cqhSxvHY9BnjCIQwa6QXbYRPuCnfL08Y/ok5XM7mM6QS7MkBh:5LOQdaDxq8cqavHYjWIDaJXcl/nfg801

Score
10/10
evilquestbackdoorexecutionmacospersistence

Malware Config

Targets

    • Target

      2024-03-31_204151930f024dbf555c643c639c4f64_adload_evilquest

    • Size

      389KB

    • MD5

      204151930f024dbf555c643c639c4f64

    • SHA1

      f69c7d28132deb9b471d6dddb5f1591e8da0a2d6

    • SHA256

      a39f80c93b646d9e94ad659142475ff307a4509e6f9d0d67441d188c58c4b14b

    • SHA512

      318794bb4c8cff70ab608e8bfd8ab2131d2d83d7bb9cc2b9923b3c2f57197e3c922ff56e8a418717c18649b55d7ac6e2a0686bcc3414ba94aa7fbf18992ef63e

    • SSDEEP

      6144:5SeOQdaZNxtk8cqhSxvHY9BnjCIQwa6QXbYRPuCnfL08Y/ok5XM7mM6QS7MkBh:5LOQdaDxq8cqavHYjWIDaJXcl/nfg801

    Score
    10/10
    evilquestbackdoorexecutionpersistence

    • EvilQuest

      EvilQuest family.

      backdoorevilquest

    • EvilQuest payload

    • Launch Agent

      Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.

      persistence

    • Launch Daemon

      Adversaries may create or modify Launch Daemons to execute malicious payloads as part of persistence. Launch Daemons are plist files used to interact with Launchd, the service management framework used by macOS.

      persistence
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks