evilquest | 058ecb0453ace6ff5f2347c044b0812b3ebb3492709dba65625df9ac25701be6 | Triage

Sharing

General

Target

05bd53f38a0f93314527f127d006ddef_JaffaCakes118
Size

168KB
Sample

240428-wcz5dada89
MD5

05bd53f38a0f93314527f127d006ddef
SHA1

380b88573629a340916edca50f271d278a7b21ed
SHA256

058ecb0453ace6ff5f2347c044b0812b3ebb3492709dba65625df9ac25701be6
SHA512

640a1f027b220d6646df591c70944e3305e249f3b29fb5a81b45451f595c2c3ec87c3d5e50b4f1dbf83c245d9a171006014c19921515bbab6ae9a02eef5faf63
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9uK0:5SeOQdaZNxtk8cqhSxvHY9u

Score

10^/10

evilquest execution macos persistence

Malware Config

Targets

- Target
  
  05bd53f38a0f93314527f127d006ddef_JaffaCakes118
- Size
  
  168KB
- MD5
  
  05bd53f38a0f93314527f127d006ddef
- SHA1
  
  380b88573629a340916edca50f271d278a7b21ed
- SHA256
  
  058ecb0453ace6ff5f2347c044b0812b3ebb3492709dba65625df9ac25701be6
- SHA512
  
  640a1f027b220d6646df591c70944e3305e249f3b29fb5a81b45451f595c2c3ec87c3d5e50b4f1dbf83c245d9a171006014c19921515bbab6ae9a02eef5faf63
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9uK0:5SeOQdaZNxtk8cqhSxvHY9u
Score

5^/10

execution persistence
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

executionpersistence