evilquest | 4d08bf69996200e5179da77df49075e3cb7590ad5fbc6c15d8f47e08e2b8d9b8 | Triage

Sharing

General

Target

02f1e486102a748834029c76a4c311c8_JaffaCakes118
Size

168KB
Sample

240427-lhdhfsgd3s
MD5

02f1e486102a748834029c76a4c311c8
SHA1

b4e56fd319885bae6a9e066cad69f6588e0b16bd
SHA256

4d08bf69996200e5179da77df49075e3cb7590ad5fbc6c15d8f47e08e2b8d9b8
SHA512

494fa1a0a55e890566729a883a7d3857223eacca977f624900667c7c632b84ecfb4061aac52ee751932047f29fcd80cfb333fbc9909f999348a20f12f24d9727
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq93Z0:5SeOQdaZNxtk8cqhSxvHY9

Score

10^/10

evilquest execution macos persistence

Malware Config

Targets

- Target
  
  02f1e486102a748834029c76a4c311c8_JaffaCakes118
- Size
  
  168KB
- MD5
  
  02f1e486102a748834029c76a4c311c8
- SHA1
  
  b4e56fd319885bae6a9e066cad69f6588e0b16bd
- SHA256
  
  4d08bf69996200e5179da77df49075e3cb7590ad5fbc6c15d8f47e08e2b8d9b8
- SHA512
  
  494fa1a0a55e890566729a883a7d3857223eacca977f624900667c7c632b84ecfb4061aac52ee751932047f29fcd80cfb333fbc9909f999348a20f12f24d9727
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq93Z0:5SeOQdaZNxtk8cqhSxvHY9
Score

5^/10

execution persistence
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

executionpersistence