General

  • Target

    2024-09-06_a0c8565871c03f1e08142e89be8d7471_adload_evilquest_rekoobe

  • Size

    389KB

  • Sample

    240906-kceb5awfqg

  • MD5

    a0c8565871c03f1e08142e89be8d7471

  • SHA1

    0e34f11c9f032a3d93b87dd4ecb7f5cd9f21cdcf

  • SHA256

    5167171d6014645b258adf3766edf15730373b2882432334936e25183c15e15d

  • SHA512

    73bf4bf35e667ac1183d43cd5f662feeedcfccbe3dbbc3d4c2accdcad539682409fd3574b6fdd71bd3f2022d79c9fe26ce5932a21e9156648e291e4b33974360

  • SSDEEP

    6144:5SeOQdaZNxtk8cqhSxvHY9unjCIQwa6QXbYRPuCnfL08Y/ok5XM7mM6QS7MkBh:5LOQdaDxq8cqavHYcWIDaJXcl/nfg801

Malware Config

Targets

    • EvilQuest

      EvilQuest family.

    • EvilQuest payload

    • Launch Agent

      Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.

    • Launch Daemon

      Adversaries may create or modify Launch Daemons to execute malicious payloads as part of persistence. Launch Daemons are plist files used to interact with Launchd, the service management framework used by macOS.
