evilquest | 3971b47aaee4685fb25e142d6ffa4012d16353fb379e8030c952ec8aab9a44c7 | Triage

Submit
Reports

Overview

overview

Static

static

01215226bf...kes118

macos-10.15-amd64

Sharing

General

Target

01215226bf408f3c71fcc7fd67fe00d4_JaffaCakes118
Size

168KB
Sample

240426-tb2kpsfa36
MD5

01215226bf408f3c71fcc7fd67fe00d4
SHA1

5d7cc9ee01aecf22d362b3e085d46a543ac81002
SHA256

3971b47aaee4685fb25e142d6ffa4012d16353fb379e8030c952ec8aab9a44c7
SHA512

ef7e2c1eb313536a531ec3cfe39542fab06666a021127249d4bf1bc51bef036b6421f7c908e6bb1be78d48ef76e2e00ad62bfea14993c5bc1031a5de96e51222
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9L0:5SeOQdaZNxtk8cqhSxvHY9

Score

10^/10

evilquest backdoor evasion execution macos persistence

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

01215226bf408f3c71fcc7fd67fe00d4_JaffaCakes118

Resource

macos-20240410-en

evilquest backdoor evasion execution persistence

macos-10.15-amd64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  01215226bf408f3c71fcc7fd67fe00d4_JaffaCakes118
- Size
  
  168KB
- MD5
  
  01215226bf408f3c71fcc7fd67fe00d4
- SHA1
  
  5d7cc9ee01aecf22d362b3e085d46a543ac81002
- SHA256
  
  3971b47aaee4685fb25e142d6ffa4012d16353fb379e8030c952ec8aab9a44c7
- SHA512
  
  ef7e2c1eb313536a531ec3cfe39542fab06666a021127249d4bf1bc51bef036b6421f7c908e6bb1be78d48ef76e2e00ad62bfea14993c5bc1031a5de96e51222
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9L0:5SeOQdaZNxtk8cqhSxvHY9
Score

10^/10

evilquest backdoor evasion execution persistence
- EvilQuest
  EvilQuest family.
  backdoor evilquest
- EvilQuest payload
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Hide Artifacts

Resource Forking

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evilquestbackdoorevasionexecutionpersistence

© 2018-2024

Terms | Privacy