evilquest | 562703fd7fe50a397ee23c95f57da0986de07cd4204159635cde00c920629a08 | Triage

Sharing

General

Target

066a3ed1c809c3bb8375ab8e4f0ef1d5_JaffaCakes118
Size

168KB
Sample

240429-asyqladc3s
MD5

066a3ed1c809c3bb8375ab8e4f0ef1d5
SHA1

125886597d29e12d95862b72543574d076d3086b
SHA256

562703fd7fe50a397ee23c95f57da0986de07cd4204159635cde00c920629a08
SHA512

99a8926ae4b6fc89da42844a18faa43157b2ca33764429db053461575cfbbf715b6a61e585840ab0a1d6fca566acc4cb6009cbfc07d49a71e7d1618335b74df0
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9Lv0:5SeOQdaZNxtk8cqhSxvHY9

Score

10^/10

evilquest execution macos persistence

Malware Config

Targets

- Target
  
  066a3ed1c809c3bb8375ab8e4f0ef1d5_JaffaCakes118
- Size
  
  168KB
- MD5
  
  066a3ed1c809c3bb8375ab8e4f0ef1d5
- SHA1
  
  125886597d29e12d95862b72543574d076d3086b
- SHA256
  
  562703fd7fe50a397ee23c95f57da0986de07cd4204159635cde00c920629a08
- SHA512
  
  99a8926ae4b6fc89da42844a18faa43157b2ca33764429db053461575cfbbf715b6a61e585840ab0a1d6fca566acc4cb6009cbfc07d49a71e7d1618335b74df0
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9Lv0:5SeOQdaZNxtk8cqhSxvHY9
Score

5^/10

execution persistence
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

executionpersistence