evilquest | 31713adac874ff763558bf8574101523171d97e88d25478978ff59e6a9a1d920 | Triage

Sharing

General

Target

0095fcb2ca39c6c0a51baf727c88f82a_JaffaCakes118
Size

168KB
Sample

240426-msh2csef8y
MD5

0095fcb2ca39c6c0a51baf727c88f82a
SHA1

8e8119f8ebc17e0ee5694a227a48b8758bd81bdb
SHA256

31713adac874ff763558bf8574101523171d97e88d25478978ff59e6a9a1d920
SHA512

de78f5ec0b7a02fe99ce66b11f9dd03a6946d5370a4cdb1da65e61a748e800b499a0c89dcdee9e587ce994f99852529894f73dc5e07dfb7e6be89790405861b4
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9ed0:5SeOQdaZNxtk8cqhSxvHY9

Score

10^/10

evilquest execution macos persistence

Malware Config

Targets

- Target
  
  0095fcb2ca39c6c0a51baf727c88f82a_JaffaCakes118
- Size
  
  168KB
- MD5
  
  0095fcb2ca39c6c0a51baf727c88f82a
- SHA1
  
  8e8119f8ebc17e0ee5694a227a48b8758bd81bdb
- SHA256
  
  31713adac874ff763558bf8574101523171d97e88d25478978ff59e6a9a1d920
- SHA512
  
  de78f5ec0b7a02fe99ce66b11f9dd03a6946d5370a4cdb1da65e61a748e800b499a0c89dcdee9e587ce994f99852529894f73dc5e07dfb7e6be89790405861b4
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9ed0:5SeOQdaZNxtk8cqhSxvHY9
Score

5^/10

execution persistence
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

executionpersistence