evilquest | 48c0eab0d9769bf3ba4ad7baf8a29d8484a1b78b94d2a55ec7f8d4ad4944f0b5 | Triage

Sharing

General

Target

092cfb36d2603050fe957e13b268ec80_JaffaCakes118
Size

168KB
Sample

240430-gm2cvsea48
MD5

092cfb36d2603050fe957e13b268ec80
SHA1

622a03489f62bed721a28146fdae8bf415173c14
SHA256

48c0eab0d9769bf3ba4ad7baf8a29d8484a1b78b94d2a55ec7f8d4ad4944f0b5
SHA512

e6840889f64497fcbbae95d5c43c3ee0a50b520355236a791e4dc10b1737280fe39afd045cd5cf78d8f34d302f9fb3aef81175700ea33f577f493c87dcccf511
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9Q0:5SeOQdaZNxtk8cqhSxvHY9

Score

10^/10

evilquest execution macos persistence

Malware Config

Targets

- Target
  
  092cfb36d2603050fe957e13b268ec80_JaffaCakes118
- Size
  
  168KB
- MD5
  
  092cfb36d2603050fe957e13b268ec80
- SHA1
  
  622a03489f62bed721a28146fdae8bf415173c14
- SHA256
  
  48c0eab0d9769bf3ba4ad7baf8a29d8484a1b78b94d2a55ec7f8d4ad4944f0b5
- SHA512
  
  e6840889f64497fcbbae95d5c43c3ee0a50b520355236a791e4dc10b1737280fe39afd045cd5cf78d8f34d302f9fb3aef81175700ea33f577f493c87dcccf511
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9Q0:5SeOQdaZNxtk8cqhSxvHY9
Score

5^/10

execution persistence
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

executionpersistence