evilquest | 09ceae976562d266e835d03ede4cf0c784c3a1678fa2599f1afd74a35100e869 | Triage

Sharing

General

Target

0232f79e2741d193d55c47d7d7d8c72c_JaffaCakes118
Size

168KB
Sample

240427-ctqgqahb35
MD5

0232f79e2741d193d55c47d7d7d8c72c
SHA1

98f49a033c88cc1cba0c9123970b714e4bccadf3
SHA256

09ceae976562d266e835d03ede4cf0c784c3a1678fa2599f1afd74a35100e869
SHA512

7504d50f1b3e625c52e4d4870f3570f828ecfe3cabd989b6ff41eaf7cb1f81b39dc632212db4286e1b1b5ac636f7e2c54bd27e89db9d3973c3657ade8b489ebf
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq90JS0:5SeOQdaZNxtk8cqhSxvHY9

Score

10^/10

evilquest execution macos persistence

Malware Config

Targets

- Target
  
  0232f79e2741d193d55c47d7d7d8c72c_JaffaCakes118
- Size
  
  168KB
- MD5
  
  0232f79e2741d193d55c47d7d7d8c72c
- SHA1
  
  98f49a033c88cc1cba0c9123970b714e4bccadf3
- SHA256
  
  09ceae976562d266e835d03ede4cf0c784c3a1678fa2599f1afd74a35100e869
- SHA512
  
  7504d50f1b3e625c52e4d4870f3570f828ecfe3cabd989b6ff41eaf7cb1f81b39dc632212db4286e1b1b5ac636f7e2c54bd27e89db9d3973c3657ade8b489ebf
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq90JS0:5SeOQdaZNxtk8cqhSxvHY9
Score

5^/10

execution persistence
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

executionpersistence