evilquest | 39b85137ab92fb175515234f7e529fb0d38624c7501b9c08b67234d1ed7e97ef | Triage

Submit
Reports

Overview

overview

Static

static

02d86b8a84...kes118

macos-10.15-amd64

Sharing

General

Target

02d86b8a84136368b5e70231720716de_JaffaCakes118
Size

168KB
Sample

240427-kh2plsfe6y
MD5

02d86b8a84136368b5e70231720716de
SHA1

7dcdedf19b4eb62cc10302237d2e6259c6fa8565
SHA256

39b85137ab92fb175515234f7e529fb0d38624c7501b9c08b67234d1ed7e97ef
SHA512

ec950bba18dc51dc784f063a23b0457eb628caf084c4d4cae7ed327f065d5f214de2c9084ec150e3d0ceaf5f4a8fc42d82a3863c22e7949de3d009f37f9a2ac9
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq92Y0:5SeOQdaZNxtk8cqhSxvHY92

Score

10^/10

evilquest backdoor evasion execution macos persistence

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

02d86b8a84136368b5e70231720716de_JaffaCakes118

Resource

macos-20240410-en

evilquest backdoor evasion execution persistence

macos-10.15-amd64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  02d86b8a84136368b5e70231720716de_JaffaCakes118
- Size
  
  168KB
- MD5
  
  02d86b8a84136368b5e70231720716de
- SHA1
  
  7dcdedf19b4eb62cc10302237d2e6259c6fa8565
- SHA256
  
  39b85137ab92fb175515234f7e529fb0d38624c7501b9c08b67234d1ed7e97ef
- SHA512
  
  ec950bba18dc51dc784f063a23b0457eb628caf084c4d4cae7ed327f065d5f214de2c9084ec150e3d0ceaf5f4a8fc42d82a3863c22e7949de3d009f37f9a2ac9
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq92Y0:5SeOQdaZNxtk8cqhSxvHY92
Score

10^/10

evilquest backdoor evasion execution persistence
- EvilQuest
  EvilQuest family.
  backdoor evilquest
- EvilQuest payload
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Hide Artifacts

Resource Forking

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

evilquestbackdoorevasionexecutionpersistence

© 2018-2024

Terms | Privacy