evilquest | 62f9e0090b1085fe4d76fca4938b211a0b096aaa9c844a28cdb47c3bc1a41235 | Triage

Submit
Reports

Overview

overview

Static

static

069b47a14c...kes118

macos-10.15-amd64

Sharing

General

Target

069b47a14c8c6bb8b5a1e03cdaeef6c6_JaffaCakes118
Size

168KB
Sample

240429-cskj3sfd62
MD5

069b47a14c8c6bb8b5a1e03cdaeef6c6
SHA1

38100a77cdb19069cfa60cdcdedb7d1321737c92
SHA256

62f9e0090b1085fe4d76fca4938b211a0b096aaa9c844a28cdb47c3bc1a41235
SHA512

06732b97f4834942ba7e0388037d3c1683384b5ffafa3b2a13a2e6904160691d74de734bc31c99e8cd3f282685cf185375a18d29f2f62a98e9bb9ab297f06cd1
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9KEcUnz0:5SeOQdaZNxtk8cqhSxvHY9K

Score

10^/10

evilquest backdoor evasion execution macos persistence

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

069b47a14c8c6bb8b5a1e03cdaeef6c6_JaffaCakes118

Resource

macos-20240410-en

evilquest backdoor evasion execution persistence

macos-10.15-amd64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  069b47a14c8c6bb8b5a1e03cdaeef6c6_JaffaCakes118
- Size
  
  168KB
- MD5
  
  069b47a14c8c6bb8b5a1e03cdaeef6c6
- SHA1
  
  38100a77cdb19069cfa60cdcdedb7d1321737c92
- SHA256
  
  62f9e0090b1085fe4d76fca4938b211a0b096aaa9c844a28cdb47c3bc1a41235
- SHA512
  
  06732b97f4834942ba7e0388037d3c1683384b5ffafa3b2a13a2e6904160691d74de734bc31c99e8cd3f282685cf185375a18d29f2f62a98e9bb9ab297f06cd1
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9KEcUnz0:5SeOQdaZNxtk8cqhSxvHY9K
Score

10^/10

evilquest backdoor evasion execution persistence
- EvilQuest
  EvilQuest family.
  backdoor evilquest
- EvilQuest payload
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Hide Artifacts

Resource Forking

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evilquestbackdoorevasionexecutionpersistence

© 2018-2024

Terms | Privacy