General

  • Target

    2024-06-23_0ddba0b1b7478d96a51dc8c5f302f190_adload_evilquest_rekoobe

  • Size

    168KB

  • Sample

    240623-wbxb4ayakh

  • MD5

    0ddba0b1b7478d96a51dc8c5f302f190

  • SHA1

    1e6a3015406e9ba85f36fb67135a343b95a42d66

  • SHA256

    d4cdeb6301ae45c2498c355ffaf022063a0dcc79ee4699d38ac6711e49985c60

  • SHA512

    8640f39c8a6d39d6443ee83b2c34352ab4799503048d1fefbb49fee7aef0ac2063d14a895a9daab90c87dea52678f2638748676640aec477097a87b393dbdf1d

  • SSDEEP

    3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq910:5SeOQdaZNxtk8cqhSxvHY9

Targets

    • Target

      2024-06-23_0ddba0b1b7478d96a51dc8c5f302f190_adload_evilquest_rekoobe

    • EvilQuest

      EvilQuest family.

    • EvilQuest payload

    • Launch Agent

      Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.

    • Launch Daemon

      Adversaries may create or modify Launch Daemons to execute malicious payloads as part of persistence. Launch Daemons are plist files used to interact with Launchd, the service management framework used by macOS.

MITRE ATT&CK Enterprise v15