evilquest | f13b67981c1d2f55e769e2e604c39378075b34a0e2fe0bdc1ab0e0e345e64d06 | Triage

Sharing

General

Target

0d7e014e075154cafee0ec3bbd46ba6d_JaffaCakes118
Size

168KB
Sample

240502-ez8atsag85
MD5

0d7e014e075154cafee0ec3bbd46ba6d
SHA1

7483c5f128ac3cb1b21cc1868dcb26f1ee74c5d8
SHA256

f13b67981c1d2f55e769e2e604c39378075b34a0e2fe0bdc1ab0e0e345e64d06
SHA512

a2fe870561301e11bbede176c4a24053d75185dab6a285071a2b7584fb3389c67ef2135e751c2f8048cf2219d30f04b6493a7e14bc276dbd2619ce728b66b326
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9mSi0:5SeOQdaZNxtk8cqhSxvHY9

Score

10^/10

evilquest execution macos persistence

Malware Config

Targets

- Target
  
  0d7e014e075154cafee0ec3bbd46ba6d_JaffaCakes118
- Size
  
  168KB
- MD5
  
  0d7e014e075154cafee0ec3bbd46ba6d
- SHA1
  
  7483c5f128ac3cb1b21cc1868dcb26f1ee74c5d8
- SHA256
  
  f13b67981c1d2f55e769e2e604c39378075b34a0e2fe0bdc1ab0e0e345e64d06
- SHA512
  
  a2fe870561301e11bbede176c4a24053d75185dab6a285071a2b7584fb3389c67ef2135e751c2f8048cf2219d30f04b6493a7e14bc276dbd2619ce728b66b326
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9mSi0:5SeOQdaZNxtk8cqhSxvHY9
Score

5^/10

execution persistence
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

executionpersistence