Overview

overview

10

Static

static

10

02a762458c...kes118

macos-10.15-amd64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    02a762458c49af4a4392db04a33440b1_JaffaCakes118

  • Size

    168KB

  • Sample

    240427-hg35yadh3y

  • MD5

    02a762458c49af4a4392db04a33440b1

  • SHA1

    bf85338874cb6a4fde325d044d7261b280b4e763

  • SHA256

    53c9ce413387a60362551b9e0d3e9fdaa0a7e23a80c851f1baba6b6f4b9fab41

  • SHA512

    00b47017a30e4f1af87a9252edbf0a2380440522aaf339db6e95b409913be26f620f2568b5a3e9d97e0a3cab8fe718b9f281ea17f51074f1ccd4b86801accb2d

  • SSDEEP

    3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq920:5SeOQdaZNxtk8cqhSxvHY9

Score
10/10
evilquestbackdoorevasionexecutionmacospersistence

Malware Config

Targets

    • Target

      02a762458c49af4a4392db04a33440b1_JaffaCakes118

    • Size

      168KB

    • MD5

      02a762458c49af4a4392db04a33440b1

    • SHA1

      bf85338874cb6a4fde325d044d7261b280b4e763

    • SHA256

      53c9ce413387a60362551b9e0d3e9fdaa0a7e23a80c851f1baba6b6f4b9fab41

    • SHA512

      00b47017a30e4f1af87a9252edbf0a2380440522aaf339db6e95b409913be26f620f2568b5a3e9d97e0a3cab8fe718b9f281ea17f51074f1ccd4b86801accb2d

    • SSDEEP

      3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq920:5SeOQdaZNxtk8cqhSxvHY9

    Score
    10/10
    evilquestbackdoorevasionexecutionpersistence

    • EvilQuest

      EvilQuest family.

      backdoorevilquest

    • EvilQuest payload

    • Launch Agent

      Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.

      persistence

    • Launch Daemon

      Adversaries may create or modify Launch Daemons to execute malicious payloads as part of persistence. Launch Daemons are plist files used to interact with Launchd, the service management framework used by macOS.

      persistence
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks