evilquest | 04c8309b1b63cdc0918936aa4f1b27407a5256fafa3bd21833b95e1a2aef3fe3 | Triage

Sharing

General

Target

01a4529312354cf7bb86f1499958aee1_JaffaCakes118
Size

337KB
Sample

240426-zpbt4ach2v
MD5

01a4529312354cf7bb86f1499958aee1
SHA1

cce153822666ec5489c582b4632bd679cd5a9fec
SHA256

04c8309b1b63cdc0918936aa4f1b27407a5256fafa3bd21833b95e1a2aef3fe3
SHA512

4cd8845a2ea0e6f4168e12ac8ac448d1953ba378ee1795c4ddce48f1aaa5a05e5872f1ff05aa267997212c70e4dcb3f54a12d65a817fefe425f8d087d28664da
SSDEEP

6144:5SeOQdaZNxtk8cqhSxvHY93SeOQdaZNxtk8cqhSxvHY9sF:5LOQdaDxq8cqavHYhLOQdaDxq8cqavHz

Score

10^/10

evilquest execution macos persistence

Malware Config

Targets

- Target
  
  01a4529312354cf7bb86f1499958aee1_JaffaCakes118
- Size
  
  337KB
- MD5
  
  01a4529312354cf7bb86f1499958aee1
- SHA1
  
  cce153822666ec5489c582b4632bd679cd5a9fec
- SHA256
  
  04c8309b1b63cdc0918936aa4f1b27407a5256fafa3bd21833b95e1a2aef3fe3
- SHA512
  
  4cd8845a2ea0e6f4168e12ac8ac448d1953ba378ee1795c4ddce48f1aaa5a05e5872f1ff05aa267997212c70e4dcb3f54a12d65a817fefe425f8d087d28664da
- SSDEEP
  
  6144:5SeOQdaZNxtk8cqhSxvHY93SeOQdaZNxtk8cqhSxvHY9sF:5LOQdaDxq8cqavHYhLOQdaDxq8cqavHz
Score

5^/10

execution persistence
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

executionpersistence