Overview

overview

10

Static

static

10

2024-09-06...ekoobe

macos-10.15-amd64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-09-06_a0c8565871c03f1e08142e89be8d7471_adload_evilquest_rekoobe

  • Size

    389KB

  • Sample

    240906-kceb5awfqg

  • MD5

    a0c8565871c03f1e08142e89be8d7471

  • SHA1

    0e34f11c9f032a3d93b87dd4ecb7f5cd9f21cdcf

  • SHA256

    5167171d6014645b258adf3766edf15730373b2882432334936e25183c15e15d

  • SHA512

    73bf4bf35e667ac1183d43cd5f662feeedcfccbe3dbbc3d4c2accdcad539682409fd3574b6fdd71bd3f2022d79c9fe26ce5932a21e9156648e291e4b33974360

  • SSDEEP

    6144:5SeOQdaZNxtk8cqhSxvHY9unjCIQwa6QXbYRPuCnfL08Y/ok5XM7mM6QS7MkBh:5LOQdaDxq8cqavHYcWIDaJXcl/nfg801

Score
10/10
evilquestbackdoorexecutionmacospersistence

Malware Config

Targets

    • Target

      2024-09-06_a0c8565871c03f1e08142e89be8d7471_adload_evilquest_rekoobe

    • Size

      389KB

    • MD5

      a0c8565871c03f1e08142e89be8d7471

    • SHA1

      0e34f11c9f032a3d93b87dd4ecb7f5cd9f21cdcf

    • SHA256

      5167171d6014645b258adf3766edf15730373b2882432334936e25183c15e15d

    • SHA512

      73bf4bf35e667ac1183d43cd5f662feeedcfccbe3dbbc3d4c2accdcad539682409fd3574b6fdd71bd3f2022d79c9fe26ce5932a21e9156648e291e4b33974360

    • SSDEEP

      6144:5SeOQdaZNxtk8cqhSxvHY9unjCIQwa6QXbYRPuCnfL08Y/ok5XM7mM6QS7MkBh:5LOQdaDxq8cqavHYcWIDaJXcl/nfg801

    Score
    10/10
    evilquestbackdoorexecutionpersistence

    • EvilQuest

      EvilQuest family.

      backdoorevilquest

    • EvilQuest payload

    • Launch Agent

      Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.

      persistence

    • Launch Daemon

      Adversaries may create or modify Launch Daemons to execute malicious payloads as part of persistence. Launch Daemons are plist files used to interact with Launchd, the service management framework used by macOS.

      persistence
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks