evilquest | 63f4af3dc144e2539a4ab76d869c41419144fde9419e2e909a12c78e00461888 | Triage

Submit
Reports

Overview

overview

Static

static

0b08a62975...kes118

macos-10.15-amd64

Sharing

General

Target

0b08a62975f39ca1593ccfca5ab32813_JaffaCakes118
Size

168KB
Sample

240501-emhveahe32
MD5

0b08a62975f39ca1593ccfca5ab32813
SHA1

ce7bd06fdc906a4880d5c868b5769895a998355a
SHA256

63f4af3dc144e2539a4ab76d869c41419144fde9419e2e909a12c78e00461888
SHA512

8e45662de3ae5acf4e86631ea45d995214bfed843c22591b8a3402b625ba481389b0255cba692b9c75a6d494c476dc784a4eef650a269ae612c065704c7dd2fa
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9L0:5SeOQdaZNxtk8cqhSxvHY9

Score

10^/10

evilquest backdoor execution macos persistence

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

0b08a62975f39ca1593ccfca5ab32813_JaffaCakes118

Resource

macos-20240410-en

evilquest backdoor execution persistence

macos-10.15-amd64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  0b08a62975f39ca1593ccfca5ab32813_JaffaCakes118
- Size
  
  168KB
- MD5
  
  0b08a62975f39ca1593ccfca5ab32813
- SHA1
  
  ce7bd06fdc906a4880d5c868b5769895a998355a
- SHA256
  
  63f4af3dc144e2539a4ab76d869c41419144fde9419e2e909a12c78e00461888
- SHA512
  
  8e45662de3ae5acf4e86631ea45d995214bfed843c22591b8a3402b625ba481389b0255cba692b9c75a6d494c476dc784a4eef650a269ae612c065704c7dd2fa
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9L0:5SeOQdaZNxtk8cqhSxvHY9
Score

10^/10

evilquest backdoor execution persistence
- EvilQuest
  EvilQuest family.
  backdoor evilquest
- EvilQuest payload
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evilquestbackdoorexecutionpersistence

© 2018-2024

Terms | Privacy