General

  • Target

    02a30918b9a27c71b18f190da71b5a0a_JaffaCakes118

  • Size

    168KB

  • Sample

    240427-hak1sada69

  • MD5

    02a30918b9a27c71b18f190da71b5a0a

  • SHA1

    7123120c2301677d480297fd3bd1cb7a45f3195c

  • SHA256

    5a5b548bcd07ed5c302bfe57902caacc9614b1168e71b34e908cbfb5a4b6cf29

  • SHA512

    01b19563e7f8c3f490a1f8bcf9f89f66ec0061a0f63240dcc3d223a65d059d713aeb176c4fc50c0afa084916582baea799d9f378990306e607feaf74ca0291ca

  • SSDEEP

    3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9R0:5SeOQdaZNxtk8cqhSxvHY9

Malware Config

Targets

    • EvilQuest

      EvilQuest family.

    • EvilQuest payload

    • Launch Agent

      Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.

MITRE ATT&CK Matrix ATT&CK v13

Execution

  • Command and Scripting Interpreter (T1059): 1
    • AppleScript (T1059.002): 1
  • System Services (T1569): 1
    • Launchctl (T1569.001): 1

Persistence

  • Create or Modify System Process (T1543): 1
    • Launch Agent (T1543.001): 1

Privilege Escalation

  • Create or Modify System Process (T1543): 1
    • Launch Agent (T1543.001): 1

Defense Evasion

  • Hide Artifacts (T1564): 1
    • Resource Forking (T1564.009): 1

Tasks