evilquest | c0c229a4f76e3d700d7d7438834378f1a2128452212ac9a8508576f255cc59be | Triage

Sharing

General

Target

00731aa3fe294d6ae7a3d2c7a9e11430_JaffaCakes118
Size

168KB
Sample

240426-k7amesdd2z
MD5

00731aa3fe294d6ae7a3d2c7a9e11430
SHA1

0e1a53b652f950ba1881b5e9d0207296d1674312
SHA256

c0c229a4f76e3d700d7d7438834378f1a2128452212ac9a8508576f255cc59be
SHA512

a2be0a8d09aa6cd47737b6d2b7caffd9d5977bfeacc4205b3879525715407eb2e66c4b24b3840451fec633fa070c4df8c47161cc1386f55d72e4db269de4088c
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9FZ0:5SeOQdaZNxtk8cqhSxvHY9

Score

10^/10

evilquest execution macos persistence

Malware Config

Targets

- Target
  
  00731aa3fe294d6ae7a3d2c7a9e11430_JaffaCakes118
- Size
  
  168KB
- MD5
  
  00731aa3fe294d6ae7a3d2c7a9e11430
- SHA1
  
  0e1a53b652f950ba1881b5e9d0207296d1674312
- SHA256
  
  c0c229a4f76e3d700d7d7438834378f1a2128452212ac9a8508576f255cc59be
- SHA512
  
  a2be0a8d09aa6cd47737b6d2b7caffd9d5977bfeacc4205b3879525715407eb2e66c4b24b3840451fec633fa070c4df8c47161cc1386f55d72e4db269de4088c
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9FZ0:5SeOQdaZNxtk8cqhSxvHY9
Score

5^/10

execution persistence
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

executionpersistence