evilquest | 2f350ea801faa950fcd9b813a9b158eddf9ecf2620b5a3a662076c5e554a260d | Triage

Sharing

General

Target

064037e46d48076d4bd2791b0c2450dc_JaffaCakes118
Size

168KB
Sample

240728-c8w8tatepm
MD5

064037e46d48076d4bd2791b0c2450dc
SHA1

709287cd324038d7e7bffe36f1913fe08a7cf567
SHA256

2f350ea801faa950fcd9b813a9b158eddf9ecf2620b5a3a662076c5e554a260d
SHA512

3df3e1eca59da1a4f716d22ffb38788bbbf4f869c55f48a70b3c496e9a2b760b839307a5cc5c3a05e4a88e3f9a71a1eef781e9dcf277ae491548588e507be14e
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9Z0G0:5SeOQdaZNxtk8cqhSxvHY9K

Score

10^/10

evilquest execution macos persistence

Malware Config

Targets

- Target
  
  064037e46d48076d4bd2791b0c2450dc_JaffaCakes118
- Size
  
  168KB
- MD5
  
  064037e46d48076d4bd2791b0c2450dc
- SHA1
  
  709287cd324038d7e7bffe36f1913fe08a7cf567
- SHA256
  
  2f350ea801faa950fcd9b813a9b158eddf9ecf2620b5a3a662076c5e554a260d
- SHA512
  
  3df3e1eca59da1a4f716d22ffb38788bbbf4f869c55f48a70b3c496e9a2b760b839307a5cc5c3a05e4a88e3f9a71a1eef781e9dcf277ae491548588e507be14e
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9Z0G0:5SeOQdaZNxtk8cqhSxvHY9K
Score

5^/10

execution persistence
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

executionpersistence