evilquest | 4dfd31dffe1813e03884d7b8ec0e95666cfb6a81e5ef9cfd89814c556bcf8394 | Triage

Sharing

General

Target

044478a1e490d339ef8b69fca45ceb4a_JaffaCakes118
Size

168KB
Sample

240428-dw88aafc9v
MD5

044478a1e490d339ef8b69fca45ceb4a
SHA1

07f8fb506df857aebb7a4bccc2fe47c60db1f876
SHA256

4dfd31dffe1813e03884d7b8ec0e95666cfb6a81e5ef9cfd89814c556bcf8394
SHA512

bf243e4fa0cf41114026ff178f957c8888f03b8a4894bac90ebf7a614dbab83e5d6b7e85bf88ad35bbe00664a7d288f872d0b062b358ebe2c7f1536e1180daa6
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9Vc0:5SeOQdaZNxtk8cqhSxvHY9

Score

10^/10

evilquest execution macos persistence

Malware Config

Targets

- Target
  
  044478a1e490d339ef8b69fca45ceb4a_JaffaCakes118
- Size
  
  168KB
- MD5
  
  044478a1e490d339ef8b69fca45ceb4a
- SHA1
  
  07f8fb506df857aebb7a4bccc2fe47c60db1f876
- SHA256
  
  4dfd31dffe1813e03884d7b8ec0e95666cfb6a81e5ef9cfd89814c556bcf8394
- SHA512
  
  bf243e4fa0cf41114026ff178f957c8888f03b8a4894bac90ebf7a614dbab83e5d6b7e85bf88ad35bbe00664a7d288f872d0b062b358ebe2c7f1536e1180daa6
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9Vc0:5SeOQdaZNxtk8cqhSxvHY9
Score

5^/10

execution persistence
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

executionpersistence