evilquest | 01282fce4b0eb96c7d133fd550ea5a4a969a5d39051248e19fe77821cb6e8651 | Triage

Submit
Reports

Overview

overview

Static

static

077cd5e693...kes118

macos-10.15-amd64

Sharing

General

Target

077cd5e6938ea048af084a011e61b468_JaffaCakes118
Size

168KB
Sample

240429-mxj48agg78
MD5

077cd5e6938ea048af084a011e61b468
SHA1

b71f166b5dc522cde1e8bc4d05355fd2d90ec563
SHA256

01282fce4b0eb96c7d133fd550ea5a4a969a5d39051248e19fe77821cb6e8651
SHA512

f99bf5bc8bbf51b9ef235b42dd7972cb293e87d2597a712e737fd54e378eb11d1453153ec5b8e938c5e9a0226814e16897da960840c9daf1947fc0547f8d1e35
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9x1sk0:5SeOQdaZNxtk8cqhSxvHY9

Score

10^/10

evilquest backdoor evasion execution macos persistence

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

077cd5e6938ea048af084a011e61b468_JaffaCakes118

Resource

macos-20240410-en

evilquest backdoor evasion execution persistence

macos-10.15-amd64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  077cd5e6938ea048af084a011e61b468_JaffaCakes118
- Size
  
  168KB
- MD5
  
  077cd5e6938ea048af084a011e61b468
- SHA1
  
  b71f166b5dc522cde1e8bc4d05355fd2d90ec563
- SHA256
  
  01282fce4b0eb96c7d133fd550ea5a4a969a5d39051248e19fe77821cb6e8651
- SHA512
  
  f99bf5bc8bbf51b9ef235b42dd7972cb293e87d2597a712e737fd54e378eb11d1453153ec5b8e938c5e9a0226814e16897da960840c9daf1947fc0547f8d1e35
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9x1sk0:5SeOQdaZNxtk8cqhSxvHY9
Score

10^/10

evilquest backdoor evasion execution persistence
- EvilQuest
  EvilQuest family.
  backdoor evilquest
- EvilQuest payload
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Hide Artifacts

Resource Forking

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evilquestbackdoorevasionexecutionpersistence

© 2018-2024

Terms | Privacy