evilquest | 7be0f9c8f1fa1c3b8772fb7e7a2ae280df85ff4fc9db3b8f1dd47a43bb36ff09 | Triage

Sharing

General

Target

0e2e44d95e5943154a4f049796c75122_JaffaCakes118
Size

168KB
Sample

240502-lzfn5sge87
MD5

0e2e44d95e5943154a4f049796c75122
SHA1

bfff000b64bcbdbcb4bf24e0814f9ff691f88790
SHA256

7be0f9c8f1fa1c3b8772fb7e7a2ae280df85ff4fc9db3b8f1dd47a43bb36ff09
SHA512

f182532454e063be6ea1120adbd6264bca650f6491e9795ff269de9bc52bc4d8adfeea74385fbff6fd98f541209ddd85ad008e36221bfaf943d566af25a4d5ca
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9RO0:5SeOQdaZNxtk8cqhSxvHY9

Score

10^/10

evilquest execution macos persistence

Malware Config

Targets

- Target
  
  0e2e44d95e5943154a4f049796c75122_JaffaCakes118
- Size
  
  168KB
- MD5
  
  0e2e44d95e5943154a4f049796c75122
- SHA1
  
  bfff000b64bcbdbcb4bf24e0814f9ff691f88790
- SHA256
  
  7be0f9c8f1fa1c3b8772fb7e7a2ae280df85ff4fc9db3b8f1dd47a43bb36ff09
- SHA512
  
  f182532454e063be6ea1120adbd6264bca650f6491e9795ff269de9bc52bc4d8adfeea74385fbff6fd98f541209ddd85ad008e36221bfaf943d566af25a4d5ca
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9RO0:5SeOQdaZNxtk8cqhSxvHY9
Score

5^/10

execution persistence
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

executionpersistence