evilquest | 660ef27662f23865ae45bf5e22513e68e97e25996178da2aba3d36c68337ca99 | Triage

Sharing

General

Target

08231c74fb78529be8930521ab8231db_JaffaCakes118
Size

168KB
Sample

240429-vadmxsfg8v
MD5

08231c74fb78529be8930521ab8231db
SHA1

05a72e07d84698a4ce2c04bba0f8a5940ea5e7f4
SHA256

660ef27662f23865ae45bf5e22513e68e97e25996178da2aba3d36c68337ca99
SHA512

d1c6954ca138ed54a5e3511994df7333640725cbd549e52a60d8abd683fac401036734627cecd40effd61c55ea311ea7b0c52013ed38b76feb645b76aca58496
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9cO47bBY0:5SeOQdaZNxtk8cqhSxvHY9

Score

10^/10

evilquest execution macos persistence

Malware Config

Targets

- Target
  
  08231c74fb78529be8930521ab8231db_JaffaCakes118
- Size
  
  168KB
- MD5
  
  08231c74fb78529be8930521ab8231db
- SHA1
  
  05a72e07d84698a4ce2c04bba0f8a5940ea5e7f4
- SHA256
  
  660ef27662f23865ae45bf5e22513e68e97e25996178da2aba3d36c68337ca99
- SHA512
  
  d1c6954ca138ed54a5e3511994df7333640725cbd549e52a60d8abd683fac401036734627cecd40effd61c55ea311ea7b0c52013ed38b76feb645b76aca58496
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9cO47bBY0:5SeOQdaZNxtk8cqhSxvHY9
Score

5^/10

execution persistence
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

executionpersistence