General

  • Target

    021313f4c02734a3f996a29e2b1fd0fa_JaffaCakes118

  • Size

    168KB

  • Sample

    240427-bk7tzagf8x

  • MD5

    021313f4c02734a3f996a29e2b1fd0fa

  • SHA1

    cb28038a2adbb6ac7b1cb32ec2a470a1093262d0

  • SHA256

    54bdd383d38bd528df8b9aabba4fc64b04abad9f2b2253036e53842e12f729d7

  • SHA512

    a3a660d89364c5b5c8f06be8b04fcb96b0356825a7cc8ec4bff74927409398a1236263e8e325fe6d8af5ca7235dbb7ba718a23234fa7dd63c18f32c0b668aac5

  • SSDEEP

    3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9R0:5SeOQdaZNxtk8cqhSxvHY9

Malware Config

Targets

    • Target

      021313f4c02734a3f996a29e2b1fd0fa_JaffaCakes118

    • EvilQuest

      EvilQuest family.

    • EvilQuest payload

    • Launch Agent

      Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.

MITRE ATT&CK Matrix ATT&CK v13

Execution

  • T1059 Command and Scripting Interpreter (1)

    • T1059.002 AppleScript (1)

  • T1569 System Services (1)

    • T1569.001 Launchctl (1)

Persistence

  • T1543 Create or Modify System Process (1)

    • T1543.001 Launch Agent (1)

Privilege Escalation

  • T1543 Create or Modify System Process (1)

    • T1543.001 Launch Agent (1)

Defense Evasion

  • T1564 Hide Artifacts (1)

    • T1564.009 Resource Forking (1)

Tasks