evilquest | 5b69cbae4967225227c8b8d9131fee90ff554ae4802e9c0586536921678a6cea | Triage

Submit
Reports

Overview

overview

Static

static

04d9433577...kes118

macos-10.15-amd64

Sharing

General

Target

04d9433577f50ad873df5953fea4dfd7_JaffaCakes118
Size

168KB
Sample

240428-k4npwace8t
MD5

04d9433577f50ad873df5953fea4dfd7
SHA1

d1c90f77511d9ca9caaba18d661c797097fc68d8
SHA256

5b69cbae4967225227c8b8d9131fee90ff554ae4802e9c0586536921678a6cea
SHA512

b3fa10a53550336ee57066c61fc09e842be620d1c16927e6522c0f83913cb9678babe6842f9f78715c075eb64212fe79366c21fadcf266868367475dc2a0a579
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9x0:5SeOQdaZNxtk8cqhSxvHY9

Score

10^/10

evilquest backdoor evasion execution macos persistence

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

04d9433577f50ad873df5953fea4dfd7_JaffaCakes118

Resource

macos-20240410-en

evilquest backdoor evasion execution persistence

macos-10.15-amd64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  04d9433577f50ad873df5953fea4dfd7_JaffaCakes118
- Size
  
  168KB
- MD5
  
  04d9433577f50ad873df5953fea4dfd7
- SHA1
  
  d1c90f77511d9ca9caaba18d661c797097fc68d8
- SHA256
  
  5b69cbae4967225227c8b8d9131fee90ff554ae4802e9c0586536921678a6cea
- SHA512
  
  b3fa10a53550336ee57066c61fc09e842be620d1c16927e6522c0f83913cb9678babe6842f9f78715c075eb64212fe79366c21fadcf266868367475dc2a0a579
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9x0:5SeOQdaZNxtk8cqhSxvHY9
Score

10^/10

evilquest backdoor evasion execution persistence
- EvilQuest
  EvilQuest family.
  backdoor evilquest
- EvilQuest payload
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Hide Artifacts

Resource Forking

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evilquestbackdoorevasionexecutionpersistence

© 2018-2025

Terms | Privacy