evilquest | 90effbefcc03dd20082f78c67555f4effef15e1cf30ea20d9f4ce49419e33c37 | Triage

Sharing

General

Target

0ca36d0e0d117809b2d4499b9258a529_JaffaCakes118
Size

168KB
Sample

240501-x4b3ased4w
MD5

0ca36d0e0d117809b2d4499b9258a529
SHA1

7aaf7909698b08bddcec517b5ac0129e503389aa
SHA256

90effbefcc03dd20082f78c67555f4effef15e1cf30ea20d9f4ce49419e33c37
SHA512

1ef507201bfa9640bf4301510048bdfdeaa595a66b3dd147f397d76c065286db74b63e0d4ea23d214a1252b36030e01ac9e3b18c88ae81364183a4d6695c4866
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9Vni0:5SeOQdaZNxtk8cqhSxvHY9Vn

Score

10^/10

evilquest execution macos persistence

Malware Config

Targets

- Target
  
  0ca36d0e0d117809b2d4499b9258a529_JaffaCakes118
- Size
  
  168KB
- MD5
  
  0ca36d0e0d117809b2d4499b9258a529
- SHA1
  
  7aaf7909698b08bddcec517b5ac0129e503389aa
- SHA256
  
  90effbefcc03dd20082f78c67555f4effef15e1cf30ea20d9f4ce49419e33c37
- SHA512
  
  1ef507201bfa9640bf4301510048bdfdeaa595a66b3dd147f397d76c065286db74b63e0d4ea23d214a1252b36030e01ac9e3b18c88ae81364183a4d6695c4866
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9Vni0:5SeOQdaZNxtk8cqhSxvHY9Vn
Score

5^/10

execution persistence
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

executionpersistence