evilquest | 0fe7349a2bb848b6926fa8380e1d6643a43d2008f327a051c054dc4c9deecd12 | Triage

Sharing

General

Target

0a8b148ef2e789a10d7a71233d3b61ca_JaffaCakes118
Size

168KB
Sample

240430-16zsxsah73
MD5

0a8b148ef2e789a10d7a71233d3b61ca
SHA1

2f7054a0bb95c1ecb9de79bee3f920ee554e9264
SHA256

0fe7349a2bb848b6926fa8380e1d6643a43d2008f327a051c054dc4c9deecd12
SHA512

516938d75ccbc5136906afde0364793f08736d5a7fa4562262f09b36db0f2b8bcdd1b0f6362f3d5cc57ca6dff74f19c5075d125ef2df0f7d731f852a3ba14206
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9V0:5SeOQdaZNxtk8cqhSxvHY9

Score

10^/10

evilquest evasion execution macos persistence

Malware Config

Targets

- Target
  
  0a8b148ef2e789a10d7a71233d3b61ca_JaffaCakes118
- Size
  
  168KB
- MD5
  
  0a8b148ef2e789a10d7a71233d3b61ca
- SHA1
  
  2f7054a0bb95c1ecb9de79bee3f920ee554e9264
- SHA256
  
  0fe7349a2bb848b6926fa8380e1d6643a43d2008f327a051c054dc4c9deecd12
- SHA512
  
  516938d75ccbc5136906afde0364793f08736d5a7fa4562262f09b36db0f2b8bcdd1b0f6362f3d5cc57ca6dff74f19c5075d125ef2df0f7d731f852a3ba14206
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9V0:5SeOQdaZNxtk8cqhSxvHY9
Score

5^/10

evasion execution persistence
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Hide Artifacts

Resource Forking

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionexecutionpersistence