evilquest | 5297cb270c07f8ef444c844a7dfc505a182db276fe442083270dc6ac20ecaf4d | Triage

Submit
Reports

Overview

overview

Static

static

01b76a68f8...kes118

macos-10.15-amd64

Sharing

General

Target

01b76a68f8d4fb92f79a6a1093ad1e3f_JaffaCakes118
Size

168KB
Sample

240426-1g1zpade6x
MD5

01b76a68f8d4fb92f79a6a1093ad1e3f
SHA1

0156159924b3caa482f9eba6e62c63a49d867bb9
SHA256

5297cb270c07f8ef444c844a7dfc505a182db276fe442083270dc6ac20ecaf4d
SHA512

525ce2abfaf0a2cc19bb89b37eaba916043a902f50dee56dcb15842ddc99de908f37fbdae14bcd779bdd067db4078094d0ca7e831cfd59a3ca613634622611fc
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9S0:5SeOQdaZNxtk8cqhSxvHY9

Score

10^/10

evilquest backdoor evasion execution macos persistence

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

01b76a68f8d4fb92f79a6a1093ad1e3f_JaffaCakes118

Resource

macos-20240410-en

evilquest backdoor evasion execution persistence

macos-10.15-amd64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  01b76a68f8d4fb92f79a6a1093ad1e3f_JaffaCakes118
- Size
  
  168KB
- MD5
  
  01b76a68f8d4fb92f79a6a1093ad1e3f
- SHA1
  
  0156159924b3caa482f9eba6e62c63a49d867bb9
- SHA256
  
  5297cb270c07f8ef444c844a7dfc505a182db276fe442083270dc6ac20ecaf4d
- SHA512
  
  525ce2abfaf0a2cc19bb89b37eaba916043a902f50dee56dcb15842ddc99de908f37fbdae14bcd779bdd067db4078094d0ca7e831cfd59a3ca613634622611fc
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9S0:5SeOQdaZNxtk8cqhSxvHY9
Score

10^/10

evilquest backdoor evasion execution persistence
- EvilQuest
  EvilQuest family.
  backdoor evilquest
- EvilQuest payload
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Hide Artifacts

Resource Forking

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evilquestbackdoorevasionexecutionpersistence

© 2018-2024

Terms | Privacy