evilquest | 308ec0bc1572507283b53c2233ecb2aa27a23eeae857f90c7ebac274fb54ff8d | Triage

Submit
Reports

Overview

overview

Static

static

03a67d80fa...kes118

macos-10.15-amd64

Sharing

General

Target

03a67d80fa5fa77f1c6449cfa18a7557_JaffaCakes118
Size

168KB
Sample

240427-z5yzkagg27
MD5

03a67d80fa5fa77f1c6449cfa18a7557
SHA1

af176a7acea73091dad836dc40ca2aba813e3403
SHA256

308ec0bc1572507283b53c2233ecb2aa27a23eeae857f90c7ebac274fb54ff8d
SHA512

35aae29a451742ff3a3fd84722e26151318398919184d503af4a6f1e03757605ebca6f12f9ff3d180c3ea5f47885ddd71b521813859e449bb1fee11ae85f2fa1
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9BO0:5SeOQdaZNxtk8cqhSxvHY9

Score

10^/10

evilquest backdoor evasion execution macos persistence

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

03a67d80fa5fa77f1c6449cfa18a7557_JaffaCakes118

Resource

macos-20240410-en

evilquest backdoor evasion execution persistence

macos-10.15-amd64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  03a67d80fa5fa77f1c6449cfa18a7557_JaffaCakes118
- Size
  
  168KB
- MD5
  
  03a67d80fa5fa77f1c6449cfa18a7557
- SHA1
  
  af176a7acea73091dad836dc40ca2aba813e3403
- SHA256
  
  308ec0bc1572507283b53c2233ecb2aa27a23eeae857f90c7ebac274fb54ff8d
- SHA512
  
  35aae29a451742ff3a3fd84722e26151318398919184d503af4a6f1e03757605ebca6f12f9ff3d180c3ea5f47885ddd71b521813859e449bb1fee11ae85f2fa1
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9BO0:5SeOQdaZNxtk8cqhSxvHY9
Score

10^/10

evilquest backdoor evasion execution persistence
- EvilQuest
  EvilQuest family.
  backdoor evilquest
- EvilQuest payload
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Hide Artifacts

Resource Forking

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evilquestbackdoorevasionexecutionpersistence

© 2018-2024

Terms | Privacy