evilquest | 2b58e7d405f2004962a6181e4eaace57b7e4bc74a936e8c674b9c07a4d85c4c4 | Triage

Sharing

General

Target

080d7c448de0ae387311b99bde1d6113_JaffaCakes118
Size

168KB
Sample

240429-te451aee53
MD5

080d7c448de0ae387311b99bde1d6113
SHA1

66a347b2422b4e395017d1733aa6ad83206206e5
SHA256

2b58e7d405f2004962a6181e4eaace57b7e4bc74a936e8c674b9c07a4d85c4c4
SHA512

47ef095f8e84ab10fb0e4244781fa38700af7fd8154d6c8c4f2e75d1cead7d5e2d100da315522c18466fe4cf86c259c22528c0515b1681ee3fc16945c2877bbc
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9lF0:5SeOQdaZNxtk8cqhSxvHY9

Score

10^/10

evilquest execution macos persistence

Malware Config

Targets

- Target
  
  080d7c448de0ae387311b99bde1d6113_JaffaCakes118
- Size
  
  168KB
- MD5
  
  080d7c448de0ae387311b99bde1d6113
- SHA1
  
  66a347b2422b4e395017d1733aa6ad83206206e5
- SHA256
  
  2b58e7d405f2004962a6181e4eaace57b7e4bc74a936e8c674b9c07a4d85c4c4
- SHA512
  
  47ef095f8e84ab10fb0e4244781fa38700af7fd8154d6c8c4f2e75d1cead7d5e2d100da315522c18466fe4cf86c259c22528c0515b1681ee3fc16945c2877bbc
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9lF0:5SeOQdaZNxtk8cqhSxvHY9
Score

5^/10

execution persistence
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

executionpersistence