evilquest | 595fd48e08d8f7da2dd542215d71d391c2e6c03584aa075fccff77d1cc63ecf1 | Triage

Submit
Reports

Overview

overview

Static

static

0adeba535b...kes118

macos-10.15-amd64

Sharing

General

Target

0adeba535b2e7996f63c34a7aaa36ee5_JaffaCakes118
Size

168KB
Sample

240501-ca2ewafc94
MD5

0adeba535b2e7996f63c34a7aaa36ee5
SHA1

d7d35684f8ee71bd47d5d3c2bf91c3af4c94fe7b
SHA256

595fd48e08d8f7da2dd542215d71d391c2e6c03584aa075fccff77d1cc63ecf1
SHA512

349635f0b9cedc07f495a1682aab0d66f74da9188d6d8d4c3e83a8b3f06c3c7f4e4625a9c9639811c12ae69542960eb69400e6b5e7095f4c5b8593afaf345d19
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9Q41m0:5SeOQdaZNxtk8cqhSxvHY9J

Score

10^/10

evilquest backdoor evasion execution macos persistence

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

0adeba535b2e7996f63c34a7aaa36ee5_JaffaCakes118

Resource

macos-20240410-en

evilquest backdoor evasion execution persistence

macos-10.15-amd64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  0adeba535b2e7996f63c34a7aaa36ee5_JaffaCakes118
- Size
  
  168KB
- MD5
  
  0adeba535b2e7996f63c34a7aaa36ee5
- SHA1
  
  d7d35684f8ee71bd47d5d3c2bf91c3af4c94fe7b
- SHA256
  
  595fd48e08d8f7da2dd542215d71d391c2e6c03584aa075fccff77d1cc63ecf1
- SHA512
  
  349635f0b9cedc07f495a1682aab0d66f74da9188d6d8d4c3e83a8b3f06c3c7f4e4625a9c9639811c12ae69542960eb69400e6b5e7095f4c5b8593afaf345d19
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9Q41m0:5SeOQdaZNxtk8cqhSxvHY9J
Score

10^/10

evilquest backdoor evasion execution persistence
- EvilQuest
  EvilQuest family.
  backdoor evilquest
- EvilQuest payload
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Hide Artifacts

Resource Forking

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evilquestbackdoorevasionexecutionpersistence

© 2018-2024

Terms | Privacy