evilquest | 64a8295fa9d8080ac894f3d5f40993b502fdb5887bdbbe7a1d98163026506ef5 | Triage

Sharing

General

Target

029f80ed204a2586fa3294a45911f978_JaffaCakes118
Size

168KB
Sample

240427-g5qdbade7y
MD5

029f80ed204a2586fa3294a45911f978
SHA1

3a413fe4ef416bb222467962225d2c7072b62a86
SHA256

64a8295fa9d8080ac894f3d5f40993b502fdb5887bdbbe7a1d98163026506ef5
SHA512

2c58ac58b14440c332f2ea479f93f3d3eedcd1a396320378acef7d57919649efe62c3d3a64c6606dd84ae91c792392e993dc30feeaaec762a8f763144d012b4b
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9w0:5SeOQdaZNxtk8cqhSxvHY9

Score

10^/10

evilquest evasion execution macos persistence

Malware Config

Targets

- Target
  
  029f80ed204a2586fa3294a45911f978_JaffaCakes118
- Size
  
  168KB
- MD5
  
  029f80ed204a2586fa3294a45911f978
- SHA1
  
  3a413fe4ef416bb222467962225d2c7072b62a86
- SHA256
  
  64a8295fa9d8080ac894f3d5f40993b502fdb5887bdbbe7a1d98163026506ef5
- SHA512
  
  2c58ac58b14440c332f2ea479f93f3d3eedcd1a396320378acef7d57919649efe62c3d3a64c6606dd84ae91c792392e993dc30feeaaec762a8f763144d012b4b
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9w0:5SeOQdaZNxtk8cqhSxvHY9
Score

5^/10

evasion execution persistence
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
- Launch Daemon
  Adversaries may create or modify Launch Daemons to execute malicious payloads as part of persistence. Launch Daemons are plist files used to interact with Launchd, the service management framework used by macOS.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Launch Daemon

Privilege Escalation

Create or Modify System Process

Launch Agent

Launch Daemon

Defense Evasion

Hide Artifacts

Resource Forking

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionexecutionpersistence