Overview

overview

10

Static

static

10

2024-04-12...lquest

macos-10.15-amd64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-04-12_b1d9795de8f92a836113d1d0a098a56b_adload_evilquest

  • Size

    177KB

  • Sample

    240412-3laz6sbb6t

  • MD5

    b1d9795de8f92a836113d1d0a098a56b

  • SHA1

    4e975e5f40cf4798f08945973bda65d4a6e3a793

  • SHA256

    75fc0061c6a215bb620dd1a21b575a04cf11fec277ad2adaf484c207fd06f3b5

  • SHA512

    83ca6f43ee800112df37829a7fc82585b4d32d415de91022c87ea941e79d27f569f101d925a51676a3c61007bbdb3b263512c4995267f5eb74c68d8b5600d1a1

  • SSDEEP

    3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9WX07:5SeOQdaZNxtk8cqhSxvHY9V

Score
10/10
evilquestbackdoorexecutionmacospersistence

Malware Config

Targets

    • Target

      2024-04-12_b1d9795de8f92a836113d1d0a098a56b_adload_evilquest

    • Size

      177KB

    • MD5

      b1d9795de8f92a836113d1d0a098a56b

    • SHA1

      4e975e5f40cf4798f08945973bda65d4a6e3a793

    • SHA256

      75fc0061c6a215bb620dd1a21b575a04cf11fec277ad2adaf484c207fd06f3b5

    • SHA512

      83ca6f43ee800112df37829a7fc82585b4d32d415de91022c87ea941e79d27f569f101d925a51676a3c61007bbdb3b263512c4995267f5eb74c68d8b5600d1a1

    • SSDEEP

      3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9WX07:5SeOQdaZNxtk8cqhSxvHY9V

    Score
    10/10
    evilquestbackdoorexecutionpersistence

    • EvilQuest

      EvilQuest family.

      backdoorevilquest

    • EvilQuest payload

    • Launch Agent

      Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.

      persistence

    • Launch Daemon

      Adversaries may create or modify Launch Daemons to execute malicious payloads as part of persistence. Launch Daemons are plist files used to interact with Launchd, the service management framework used by macOS.

      persistence
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks