Resubmissions

12-04-2024 22:19

240412-18gecsac7x 10

12-04-2024 22:16

240412-16splsac4w 10

General

  • Target

    Mixed In Key 8.dmg

  • Size

    10.4MB

  • Sample

    240412-18gecsac7x

  • MD5

    58680abd58baca826c2029f32e5b78b3

  • SHA1

    98040c4d358a6fb9fed970df283a9b25f0ab393b

  • SHA256

    b34738e181a6119f23e930476ae949fc0c7c4ded6efa003019fa946c4e5b287a

  • SHA512

    be852ea2a0ce7a119392f6f28033dfcec27ac897f3479767287da8e5b2babd2cff95b94c399e64d5f219fbef3508a3a2f2b2f4346e057ddce416353825994d28

  • SSDEEP

    196608:1kBu2wBiw00Bsqbxxf15AS2710A8O2RgXuHueFrs/7M+49/jhHh/:ig2whsQr5ASEcO28enS/7J4tT/

Malware Config

Targets

    • Target

      Mixed In Key 8.dmg

    • Size

      10.4MB

    • MD5

      58680abd58baca826c2029f32e5b78b3

    • SHA1

      98040c4d358a6fb9fed970df283a9b25f0ab393b

    • SHA256

      b34738e181a6119f23e930476ae949fc0c7c4ded6efa003019fa946c4e5b287a

    • SHA512

      be852ea2a0ce7a119392f6f28033dfcec27ac897f3479767287da8e5b2babd2cff95b94c399e64d5f219fbef3508a3a2f2b2f4346e057ddce416353825994d28

    • SSDEEP

      196608:1kBu2wBiw00Bsqbxxf15AS2710A8O2RgXuHueFrs/7M+49/jhHh/:ig2whsQr5ASEcO28enS/7J4tT/

    • EvilQuest

      EvilQuest family.

    • EvilQuest payload

    • Compromise Client Software Binary

      Adversaries may modify client software binaries to establish persistent access to systems. Client software enables users to access services provided by a server.

    • File Permission

      Adversaries may modify file permissions/attributes to evade access control lists (ACLs) and access protected files.

    • Installer Packages

      Adversaries may establish persistence and elevate privileges by using an installer to trigger the execution of malicious content. Installer packages are OS specific and contain the resources an operating system needs to install applications on a system.

    • Launch Daemon

      Adversaries may create or modify Launch Daemons to execute malicious payloads as part of persistence. Launch Daemons are plist files used to interact with Launchd, the service management framework used by macOS.

MITRE ATT&CK Enterprise v15

Tasks