General

  • Target

    010ca47900964fd8757bf7e84451225e_JaffaCakes118

  • Size

    168KB

  • Sample

    240727-z6csqazapl

  • MD5

    010ca47900964fd8757bf7e84451225e

  • SHA1

    437737f33914283a52a05bbd21dc5282bc75f85a

  • SHA256

    7bf7c18042227ac254d6d33ec7de34c844a4cd1767932073f29bb8d31ab28db3

  • SHA512

    6bf0e6fabcc743c98b841a27aca05719ae41258e34338af1a0e7a5f404f89d99c6e3359070186844bd538cdbf48266dc4532718d325843f949cfb97471587ce4

  • SSDEEP

    3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq95u0:5SeOQdaZNxtk8cqhSxvHY9

Targets

    • EvilQuest

      EvilQuest family.

    • EvilQuest payload

    • Launch Agent

      Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.

    • Launch Daemon

      Adversaries may create or modify Launch Daemons to execute malicious payloads as part of persistence. Launch Daemons are plist files used to interact with Launchd, the service management framework used by macOS.
