evilquest | 076e920550c4f2ab173fd2f3545f965e880096436a8db8441c213e57e05bbc95 | Triage

Sharing

General

Target

0699ff99489d80dcc8ff55b9ea3b533f_JaffaCakes118
Size

168KB
Sample

240429-cq5ggaff9v
MD5

0699ff99489d80dcc8ff55b9ea3b533f
SHA1

90c01c6131ebee65945a5b288b0bee620326565d
SHA256

076e920550c4f2ab173fd2f3545f965e880096436a8db8441c213e57e05bbc95
SHA512

fd5579190c71c41df017fc0b51eb2da1178d5fbe92c57ee00123e204f27f76df4d5936871e66ef649a6e9d361a1f4bc47580a7dc38525700fa598068831839bb
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq980:5SeOQdaZNxtk8cqhSxvHY9

Score

10^/10

evilquest execution macos persistence

Malware Config

Targets

- Target
  
  0699ff99489d80dcc8ff55b9ea3b533f_JaffaCakes118
- Size
  
  168KB
- MD5
  
  0699ff99489d80dcc8ff55b9ea3b533f
- SHA1
  
  90c01c6131ebee65945a5b288b0bee620326565d
- SHA256
  
  076e920550c4f2ab173fd2f3545f965e880096436a8db8441c213e57e05bbc95
- SHA512
  
  fd5579190c71c41df017fc0b51eb2da1178d5fbe92c57ee00123e204f27f76df4d5936871e66ef649a6e9d361a1f4bc47580a7dc38525700fa598068831839bb
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq980:5SeOQdaZNxtk8cqhSxvHY9
Score

5^/10

execution persistence
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

executionpersistence