evilquest | 54f41fe50c42a45b8bc587239b2c987c2919562505ca28fa1312eca748d7fbc2 | Triage

Submit
Reports

Overview

overview

Static

static

05aea69e23...kes118

macos-10.15-amd64

Sharing

General

Target

05aea69e23e15b8a962cc15f5364d520_JaffaCakes118
Size

168KB
Sample

240428-vramlace82
MD5

05aea69e23e15b8a962cc15f5364d520
SHA1

24039cb0de1f3b913bf539c4686a538c284d34ea
SHA256

54f41fe50c42a45b8bc587239b2c987c2919562505ca28fa1312eca748d7fbc2
SHA512

c33a0821df728b68abc3362688f181173cc201e3fc6a9266c306b4ceef0eefcb995cf2558f9d8b92c46a374a6393bb02c036f00f8bd73aa406898a712b928c56
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9ByEj0:5SeOQdaZNxtk8cqhSxvHY9/

Score

10^/10

evilquest backdoor evasion execution macos persistence

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

05aea69e23e15b8a962cc15f5364d520_JaffaCakes118

Resource

macos-20240410-en

evilquest backdoor evasion execution persistence

macos-10.15-amd64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  05aea69e23e15b8a962cc15f5364d520_JaffaCakes118
- Size
  
  168KB
- MD5
  
  05aea69e23e15b8a962cc15f5364d520
- SHA1
  
  24039cb0de1f3b913bf539c4686a538c284d34ea
- SHA256
  
  54f41fe50c42a45b8bc587239b2c987c2919562505ca28fa1312eca748d7fbc2
- SHA512
  
  c33a0821df728b68abc3362688f181173cc201e3fc6a9266c306b4ceef0eefcb995cf2558f9d8b92c46a374a6393bb02c036f00f8bd73aa406898a712b928c56
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9ByEj0:5SeOQdaZNxtk8cqhSxvHY9/
Score

10^/10

evilquest backdoor evasion execution persistence
- EvilQuest
  EvilQuest family.
  backdoor evilquest
- EvilQuest payload
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Hide Artifacts

Resource Forking

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evilquestbackdoorevasionexecutionpersistence

© 2018-2024

Terms | Privacy