Overview

overview

10

Static

static

10

2024-04-07...lquest

macos-10.15-amd64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-04-07_55c99e0e864f768bdfc16356f047c2fb_adload_evilquest

  • Size

    182KB

  • Sample

    240407-d8b4bacf36

  • MD5

    55c99e0e864f768bdfc16356f047c2fb

  • SHA1

    0aa9854546b29b996d769e939e4d7a9544dc235a

  • SHA256

    67e59730ede81cd86504205ed650018529b6af21e6f00da90da95f1beb8e1317

  • SHA512

    5013c835f960c570340f79229c6e5c39ca86a76709faed1d51171b0666cd8ff476432d5565fea283e53963c0a9e11a9993a176c1df6cd6a23ceaf93f359330d8

  • SSDEEP

    3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9SI04Gd:5SeOQdaZNxtk8cqhSxvHY9XGd

Score
10/10
evilquestbackdoorexecutionmacospersistence

Malware Config

Targets

    • Target

      2024-04-07_55c99e0e864f768bdfc16356f047c2fb_adload_evilquest

    • Size

      182KB

    • MD5

      55c99e0e864f768bdfc16356f047c2fb

    • SHA1

      0aa9854546b29b996d769e939e4d7a9544dc235a

    • SHA256

      67e59730ede81cd86504205ed650018529b6af21e6f00da90da95f1beb8e1317

    • SHA512

      5013c835f960c570340f79229c6e5c39ca86a76709faed1d51171b0666cd8ff476432d5565fea283e53963c0a9e11a9993a176c1df6cd6a23ceaf93f359330d8

    • SSDEEP

      3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9SI04Gd:5SeOQdaZNxtk8cqhSxvHY9XGd

    Score
    10/10
    evilquestbackdoorexecutionpersistence

    • EvilQuest

      EvilQuest family.

      backdoorevilquest

    • EvilQuest payload

    • Launch Agent

      Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.

      persistence

    • Launch Daemon

      Adversaries may create or modify Launch Daemons to execute malicious payloads as part of persistence. Launch Daemons are plist files used to interact with Launchd, the service management framework used by macOS.

      persistence
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks