General

  • Target

    20240912ff518e7b84421876e36339aa7458485fadloadevilquestrekoobe

  • Size

    177KB

  • Sample

    240912-w6zeyayajc

  • MD5

    ff518e7b84421876e36339aa7458485f

  • SHA1

    d5b7633132caf8e468e0171100bbcb7bc9344f46

  • SHA256

    454bd33dedc789d78374f923f7973710f448235673b2b414c434af3e7168aa81

  • SHA512

    4a11771f44134c2a8d08a78d821b55208c2c52dbbd0ae06c6ae5d42100260cef049f77981f61763b17ababdbd357085a9b83e8775c98b4f34a77e889c87931d2

  • SSDEEP

    3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9oe0k:5SeOQdaZNxtk8cqhSxvHY9oa

Targets

    • Target

      20240912ff518e7b84421876e36339aa7458485fadloadevilquestrekoobe

    • EvilQuest

      EvilQuest family.

    • EvilQuest payload

    • Launch Agent

      Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.

    • Launch Daemon

      Adversaries may create or modify Launch Daemons to execute malicious payloads as part of persistence. Launch Daemons are plist files used to interact with Launchd, the service management framework used by macOS.
