Overview

overview

10

Static

static

10

02d86b8a84...kes118

macos-10.15-amd64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    02d86b8a84136368b5e70231720716de_JaffaCakes118

  • Size

    168KB

  • Sample

    240427-kh2plsfe6y

  • MD5

    02d86b8a84136368b5e70231720716de

  • SHA1

    7dcdedf19b4eb62cc10302237d2e6259c6fa8565

  • SHA256

    39b85137ab92fb175515234f7e529fb0d38624c7501b9c08b67234d1ed7e97ef

  • SHA512

    ec950bba18dc51dc784f063a23b0457eb628caf084c4d4cae7ed327f065d5f214de2c9084ec150e3d0ceaf5f4a8fc42d82a3863c22e7949de3d009f37f9a2ac9

  • SSDEEP

    3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq92Y0:5SeOQdaZNxtk8cqhSxvHY92

Score
10/10
evilquestbackdoorevasionexecutionmacospersistence

Malware Config

Targets

    • Target

      02d86b8a84136368b5e70231720716de_JaffaCakes118

    • Size

      168KB

    • MD5

      02d86b8a84136368b5e70231720716de

    • SHA1

      7dcdedf19b4eb62cc10302237d2e6259c6fa8565

    • SHA256

      39b85137ab92fb175515234f7e529fb0d38624c7501b9c08b67234d1ed7e97ef

    • SHA512

      ec950bba18dc51dc784f063a23b0457eb628caf084c4d4cae7ed327f065d5f214de2c9084ec150e3d0ceaf5f4a8fc42d82a3863c22e7949de3d009f37f9a2ac9

    • SSDEEP

      3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq92Y0:5SeOQdaZNxtk8cqhSxvHY92

    Score
    10/10
    evilquestbackdoorevasionexecutionpersistence

    • EvilQuest

      EvilQuest family.

      backdoorevilquest

    • EvilQuest payload

    • Launch Agent

      Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.

      persistence
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks