evilquest | 446127e30333aa9e5cc03b1885359bb12b2e191351de26d349fd938977cb2357 | Triage

Sharing

General

Target

2024-04-12_7fda57fcd30c026b61a5cd9941326b72_adload_evilquest
Size

168KB
Sample

240412-3jlnwsbb21
MD5

7fda57fcd30c026b61a5cd9941326b72
SHA1

2f64a88df304989b35274fa0981d90a8192d4861
SHA256

446127e30333aa9e5cc03b1885359bb12b2e191351de26d349fd938977cb2357
SHA512

32ede210046ff526be4a70456d423fb4c14a261f9eb44c1d9a814e3fad3a39eb4f2f68db0b2f81d92f64598fbc99a1e58cc4ec78ccae6fa791d72be15653363a
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9WX0:5SeOQdaZNxtk8cqhSxvHY9

Score

10^/10

evilquest execution macos persistence

Malware Config

Targets

- Target
  
  2024-04-12_7fda57fcd30c026b61a5cd9941326b72_adload_evilquest
- Size
  
  168KB
- MD5
  
  7fda57fcd30c026b61a5cd9941326b72
- SHA1
  
  2f64a88df304989b35274fa0981d90a8192d4861
- SHA256
  
  446127e30333aa9e5cc03b1885359bb12b2e191351de26d349fd938977cb2357
- SHA512
  
  32ede210046ff526be4a70456d423fb4c14a261f9eb44c1d9a814e3fad3a39eb4f2f68db0b2f81d92f64598fbc99a1e58cc4ec78ccae6fa791d72be15653363a
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9WX0:5SeOQdaZNxtk8cqhSxvHY9
Score

5^/10

execution persistence
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

executionpersistence