evilquest | 40640f5d77dbdf121d54759bd70d5b83f8328bb1e43dbbafb550a05f379f024c | Triage

Sharing

General

Target

0053abe0aa6a3147ca23d69564217896_JaffaCakes118
Size

168KB
Sample

240426-jv3xrscc2s
MD5

0053abe0aa6a3147ca23d69564217896
SHA1

7d53ff0cdbaef47c5f9db976a8d851b71c9aff62
SHA256

40640f5d77dbdf121d54759bd70d5b83f8328bb1e43dbbafb550a05f379f024c
SHA512

cea912246d708dbfc486be216990c25d487b5a309a832ade3bb712b92d4aba2c6b58571a84fb339d97411746683c4409726b769ae283fce680efe99a3de0274d
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9jI0:5SeOQdaZNxtk8cqhSxvHY9j

Score

10^/10

evilquest execution macos persistence

Malware Config

Targets

- Target
  
  0053abe0aa6a3147ca23d69564217896_JaffaCakes118
- Size
  
  168KB
- MD5
  
  0053abe0aa6a3147ca23d69564217896
- SHA1
  
  7d53ff0cdbaef47c5f9db976a8d851b71c9aff62
- SHA256
  
  40640f5d77dbdf121d54759bd70d5b83f8328bb1e43dbbafb550a05f379f024c
- SHA512
  
  cea912246d708dbfc486be216990c25d487b5a309a832ade3bb712b92d4aba2c6b58571a84fb339d97411746683c4409726b769ae283fce680efe99a3de0274d
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9jI0:5SeOQdaZNxtk8cqhSxvHY9j
Score

5^/10

execution persistence
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

executionpersistence