evilquest | 092681010fbf6c1e9de789b513ea8194c18b5017de49f1fe62a4e3109c62f03a | Triage

Submit
Reports

Overview

overview

Static

static

004f32f06e...kes118

macos-10.15-amd64

Sharing

General

Target

004f32f06ebfcfee51eeefb49a659c87_JaffaCakes118
Size

168KB
Sample

240426-jnabwaca97
MD5

004f32f06ebfcfee51eeefb49a659c87
SHA1

8a89f63e9749eacec648753e9fa9f789bccdb6be
SHA256

092681010fbf6c1e9de789b513ea8194c18b5017de49f1fe62a4e3109c62f03a
SHA512

31cfb4bee2a352c74fa16b116bd2218e40e27ef3416494b7b2fa49db54035987c998e40ea8271c6b69cdcd096d3b62b92ea791a8646a4aedbdfcddddca50118c
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9BY0:5SeOQdaZNxtk8cqhSxvHY9B

Score

10^/10

evilquest backdoor evasion execution macos persistence

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

004f32f06ebfcfee51eeefb49a659c87_JaffaCakes118

Resource

macos-20240410-en

evilquest backdoor evasion execution persistence

macos-10.15-amd64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  004f32f06ebfcfee51eeefb49a659c87_JaffaCakes118
- Size
  
  168KB
- MD5
  
  004f32f06ebfcfee51eeefb49a659c87
- SHA1
  
  8a89f63e9749eacec648753e9fa9f789bccdb6be
- SHA256
  
  092681010fbf6c1e9de789b513ea8194c18b5017de49f1fe62a4e3109c62f03a
- SHA512
  
  31cfb4bee2a352c74fa16b116bd2218e40e27ef3416494b7b2fa49db54035987c998e40ea8271c6b69cdcd096d3b62b92ea791a8646a4aedbdfcddddca50118c
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9BY0:5SeOQdaZNxtk8cqhSxvHY9B
Score

10^/10

evilquest backdoor evasion execution persistence
- EvilQuest
  EvilQuest family.
  backdoor evilquest
- EvilQuest payload
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Hide Artifacts

Resource Forking

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evilquestbackdoorevasionexecutionpersistence

© 2018-2024

Terms | Privacy