evilquest | 59d54abd21a71a65c5741a572cbca54c6c845af1a894a2da007bfe737312ca0a | Triage

Sharing

General

Target

202409123b0f529cd4c6ffd34c8f05353bcbe4c0adloadevilquestrekoobe
Size

168KB
Sample

240912-rd8exsxgpf
MD5

3b0f529cd4c6ffd34c8f05353bcbe4c0
SHA1

ec49751f2bd50ec1d12c57e2bdf7592b58ac19db
SHA256

59d54abd21a71a65c5741a572cbca54c6c845af1a894a2da007bfe737312ca0a
SHA512

d048b5a2512894ae631237860a99feae072724a60bcdb4d09d35ae6d40d1c74ce6a972c46219588fb876e41681afd1bb2f7e5cfad53b3eac7e187da18f229244
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9o0:5SeOQdaZNxtk8cqhSxvHY9

Score

10^/10

evilquest evasion execution macos persistence

Malware Config

Targets

- Target
  
  202409123b0f529cd4c6ffd34c8f05353bcbe4c0adloadevilquestrekoobe
- Size
  
  168KB
- MD5
  
  3b0f529cd4c6ffd34c8f05353bcbe4c0
- SHA1
  
  ec49751f2bd50ec1d12c57e2bdf7592b58ac19db
- SHA256
  
  59d54abd21a71a65c5741a572cbca54c6c845af1a894a2da007bfe737312ca0a
- SHA512
  
  d048b5a2512894ae631237860a99feae072724a60bcdb4d09d35ae6d40d1c74ce6a972c46219588fb876e41681afd1bb2f7e5cfad53b3eac7e187da18f229244
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9o0:5SeOQdaZNxtk8cqhSxvHY9
Score

5^/10

evasion execution persistence
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Hide Artifacts

Resource Forking

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionexecutionpersistence