evilquest | 3abd75cbf412503ca2d88ad6dade1fd7f412e55c8c2478ad06629c14ff32b580 | Triage

Submit
Reports

Overview

overview

Static

static

0793f5a839...kes118

macos-10.15-amd64

Resubmissions

29-04-2024 12:52

240429-p38e4sbd5y 10

29-04-2024 11:37

240429-nrj3pshh91 10

Sharing

General

Target

0793f5a839f86d51180c135f6dba34a2_JaffaCakes118
Size

168KB
Sample

240429-nrj3pshh91
MD5

0793f5a839f86d51180c135f6dba34a2
SHA1

813b8c1a4ef6469f49db3c4fa607256f0da20b55
SHA256

3abd75cbf412503ca2d88ad6dade1fd7f412e55c8c2478ad06629c14ff32b580
SHA512

ecfb0b6c0ec653b459246d3ab6389d120747feb085f47d2c5ac38617ee415d0531df17c3425a5c6fde5a68d61757f1c897a0e457ad36d4e81911f2a25e8d90d1
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq90l0:5SeOQdaZNxtk8cqhSxvHY9

Score

10^/10

evilquest backdoor evasion execution macos persistence

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

0793f5a839f86d51180c135f6dba34a2_JaffaCakes118

Resource

macos-20240410-en

evilquest backdoor evasion execution persistence

macos-10.15-amd64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  0793f5a839f86d51180c135f6dba34a2_JaffaCakes118
- Size
  
  168KB
- MD5
  
  0793f5a839f86d51180c135f6dba34a2
- SHA1
  
  813b8c1a4ef6469f49db3c4fa607256f0da20b55
- SHA256
  
  3abd75cbf412503ca2d88ad6dade1fd7f412e55c8c2478ad06629c14ff32b580
- SHA512
  
  ecfb0b6c0ec653b459246d3ab6389d120747feb085f47d2c5ac38617ee415d0531df17c3425a5c6fde5a68d61757f1c897a0e457ad36d4e81911f2a25e8d90d1
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq90l0:5SeOQdaZNxtk8cqhSxvHY9
Score

10^/10

evilquest backdoor evasion execution persistence
- EvilQuest
  EvilQuest family.
  backdoor evilquest
- EvilQuest payload
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Hide Artifacts

Resource Forking

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evilquestbackdoorevasionexecutionpersistence

© 2018-2025

Terms | Privacy