evilquest | 4176796036582daf4379c94b9a3b0dce851b174643bc7a5951ea5130d328bd85 | Triage

Submit
Reports

Overview

overview

Static

static

05e9514c7c...kes118

macos-10.15-amd64

Sharing

General

Target

05e9514c7ca251c7cb3364903dcdca0a_JaffaCakes118
Size

168KB
Sample

240428-x71j3afb86
MD5

05e9514c7ca251c7cb3364903dcdca0a
SHA1

06e688f57f0544abbfb7ea0f3d2e66caf6ab9176
SHA256

4176796036582daf4379c94b9a3b0dce851b174643bc7a5951ea5130d328bd85
SHA512

ff01e9af3243aae60b06b4d0ebcca00b3a72aefeebe0796741e80a257de867f55eb2673327369c34efe4b0e8110fd8cddfd1f72d713e26a755c4efa622dfa716
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9upWZsTwnh1V0:5SeOQdaZNxtk8cqhSxvHY9

Score

10^/10

evilquest backdoor evasion execution macos persistence

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

05e9514c7ca251c7cb3364903dcdca0a_JaffaCakes118

Resource

macos-20240410-en

evilquest backdoor evasion execution persistence

macos-10.15-amd64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  05e9514c7ca251c7cb3364903dcdca0a_JaffaCakes118
- Size
  
  168KB
- MD5
  
  05e9514c7ca251c7cb3364903dcdca0a
- SHA1
  
  06e688f57f0544abbfb7ea0f3d2e66caf6ab9176
- SHA256
  
  4176796036582daf4379c94b9a3b0dce851b174643bc7a5951ea5130d328bd85
- SHA512
  
  ff01e9af3243aae60b06b4d0ebcca00b3a72aefeebe0796741e80a257de867f55eb2673327369c34efe4b0e8110fd8cddfd1f72d713e26a755c4efa622dfa716
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9upWZsTwnh1V0:5SeOQdaZNxtk8cqhSxvHY9
Score

10^/10

evilquest backdoor evasion execution persistence
- EvilQuest
  EvilQuest family.
  backdoor evilquest
- EvilQuest payload
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Hide Artifacts

Resource Forking

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

evilquestbackdoorevasionexecutionpersistence

© 2018-2024

Terms | Privacy