evilquest | 4f374e6187acd8ec6de7e034ae526cce97b0fd1701b0b5dab8857c3a393a1a38 | Triage

Sharing

General

Target

043e3fa9242071d428145b21aaee2f5f_JaffaCakes118
Size

168KB
Sample

240428-dmy1ysfb2z
MD5

043e3fa9242071d428145b21aaee2f5f
SHA1

237d86cea6ac97cf1c5f0381664dbf537c35bdea
SHA256

4f374e6187acd8ec6de7e034ae526cce97b0fd1701b0b5dab8857c3a393a1a38
SHA512

bdc39bcecbcb46c25424da48a2710b80808aa9ad1d65659553c29ba34ae49fb99ad28db4273cc80a1ed63a3d0c43d7423949d6d40f44d87010e210db9897fa67
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9i0:5SeOQdaZNxtk8cqhSxvHY9

Score

10^/10

evilquest execution macos persistence

Malware Config

Targets

- Target
  
  043e3fa9242071d428145b21aaee2f5f_JaffaCakes118
- Size
  
  168KB
- MD5
  
  043e3fa9242071d428145b21aaee2f5f
- SHA1
  
  237d86cea6ac97cf1c5f0381664dbf537c35bdea
- SHA256
  
  4f374e6187acd8ec6de7e034ae526cce97b0fd1701b0b5dab8857c3a393a1a38
- SHA512
  
  bdc39bcecbcb46c25424da48a2710b80808aa9ad1d65659553c29ba34ae49fb99ad28db4273cc80a1ed63a3d0c43d7423949d6d40f44d87010e210db9897fa67
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9i0:5SeOQdaZNxtk8cqhSxvHY9
Score

5^/10

execution persistence
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

executionpersistence