evilquest | 4a5a162a5f155505fa8870efc37fe7c238a36c0fae6bf5984d97b1264e75ecec | Triage

Submit
Reports

Overview

overview

Static

static

078eb7f7ec...kes118

macos-10.15-amd64

Sharing

General

Target

078eb7f7eccdde11919583b30ff3d82e_JaffaCakes118
Size

168KB
Sample

240429-nkxefshg7v
MD5

078eb7f7eccdde11919583b30ff3d82e
SHA1

b31f12ef69912fac418c3ff70087a01475e9cc5f
SHA256

4a5a162a5f155505fa8870efc37fe7c238a36c0fae6bf5984d97b1264e75ecec
SHA512

ab35bc53a40d9ddb3435f7bcc4969aea958ec87be607092e3e77be15cffbbff2b35ddd55beb9f5c9c5ec0661ce717e7ff50f65b1474caea7f3ddd41de4ac1b54
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9rh0:5SeOQdaZNxtk8cqhSxvHY9r

Score

10^/10

evilquest backdoor evasion execution macos persistence

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

078eb7f7eccdde11919583b30ff3d82e_JaffaCakes118

Resource

macos-20240410-en

evilquest backdoor evasion execution persistence

macos-10.15-amd64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  078eb7f7eccdde11919583b30ff3d82e_JaffaCakes118
- Size
  
  168KB
- MD5
  
  078eb7f7eccdde11919583b30ff3d82e
- SHA1
  
  b31f12ef69912fac418c3ff70087a01475e9cc5f
- SHA256
  
  4a5a162a5f155505fa8870efc37fe7c238a36c0fae6bf5984d97b1264e75ecec
- SHA512
  
  ab35bc53a40d9ddb3435f7bcc4969aea958ec87be607092e3e77be15cffbbff2b35ddd55beb9f5c9c5ec0661ce717e7ff50f65b1474caea7f3ddd41de4ac1b54
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9rh0:5SeOQdaZNxtk8cqhSxvHY9r
Score

10^/10

evilquest backdoor evasion execution persistence
- EvilQuest
  EvilQuest family.
  backdoor evilquest
- EvilQuest payload
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Hide Artifacts

Resource Forking

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evilquestbackdoorevasionexecutionpersistence

© 2018-2024

Terms | Privacy